From 42cfb613c0a9817c8527e6e95b1fe5dcdedc0283 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 05:35:32 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0255.json | 170 +++++++++---------- 2007/0xxx/CVE-2007-0271.json | 210 +++++++++++------------ 2007/0xxx/CVE-2007-0387.json | 150 ++++++++--------- 2007/0xxx/CVE-2007-0570.json | 160 +++++++++--------- 2007/1xxx/CVE-2007-1584.json | 130 +++++++-------- 2007/1xxx/CVE-2007-1942.json | 170 +++++++++---------- 2007/1xxx/CVE-2007-1969.json | 130 +++++++-------- 2007/1xxx/CVE-2007-1998.json | 150 ++++++++--------- 2007/3xxx/CVE-2007-3099.json | 260 ++++++++++++++--------------- 2007/4xxx/CVE-2007-4209.json | 140 ++++++++-------- 2007/4xxx/CVE-2007-4438.json | 170 +++++++++---------- 2007/4xxx/CVE-2007-4449.json | 160 +++++++++--------- 2015/2xxx/CVE-2015-2231.json | 34 ++-- 2015/2xxx/CVE-2015-2666.json | 180 ++++++++++---------- 2015/3xxx/CVE-2015-3062.json | 150 ++++++++--------- 2015/3xxx/CVE-2015-3724.json | 150 ++++++++--------- 2015/6xxx/CVE-2015-6337.json | 130 +++++++-------- 2015/6xxx/CVE-2015-6348.json | 130 +++++++-------- 2015/6xxx/CVE-2015-6417.json | 130 +++++++-------- 2015/6xxx/CVE-2015-6491.json | 120 ++++++------- 2015/6xxx/CVE-2015-6886.json | 34 ++-- 2015/7xxx/CVE-2015-7041.json | 210 +++++++++++------------ 2015/7xxx/CVE-2015-7452.json | 120 ++++++------- 2015/7xxx/CVE-2015-7591.json | 34 ++-- 2016/0xxx/CVE-2016-0040.json | 140 ++++++++-------- 2016/0xxx/CVE-2016-0097.json | 34 ++-- 2016/0xxx/CVE-2016-0370.json | 150 ++++++++--------- 2016/0xxx/CVE-2016-0765.json | 140 ++++++++-------- 2016/0xxx/CVE-2016-0926.json | 130 +++++++-------- 2016/1000xxx/CVE-2016-1000345.json | 170 +++++++++---------- 2016/1xxx/CVE-2016-1185.json | 150 ++++++++--------- 2016/1xxx/CVE-2016-1713.json | 150 ++++++++--------- 2016/1xxx/CVE-2016-1792.json | 150 ++++++++--------- 2016/1xxx/CVE-2016-1914.json | 160 +++++++++--------- 2016/4xxx/CVE-2016-4567.json | 200 +++++++++++----------- 2016/4xxx/CVE-2016-4868.json | 150 ++++++++--------- 2016/4xxx/CVE-2016-4912.json | 150 ++++++++--------- 2016/5xxx/CVE-2016-5287.json | 152 ++++++++--------- 2019/0xxx/CVE-2019-0009.json | 234 +++++++++++++------------- 2019/0xxx/CVE-2019-0081.json | 34 ++-- 2019/0xxx/CVE-2019-0177.json | 34 ++-- 2019/3xxx/CVE-2019-3093.json | 34 ++-- 2019/3xxx/CVE-2019-3236.json | 34 ++-- 2019/3xxx/CVE-2019-3520.json | 34 ++-- 2019/3xxx/CVE-2019-3879.json | 34 ++-- 2019/4xxx/CVE-2019-4164.json | 34 ++-- 2019/4xxx/CVE-2019-4408.json | 34 ++-- 2019/4xxx/CVE-2019-4802.json | 34 ++-- 2019/4xxx/CVE-2019-4928.json | 34 ++-- 2019/7xxx/CVE-2019-7570.json | 120 ++++++------- 2019/7xxx/CVE-2019-7723.json | 34 ++-- 2019/7xxx/CVE-2019-7827.json | 34 ++-- 2019/7xxx/CVE-2019-7995.json | 34 ++-- 2019/8xxx/CVE-2019-8063.json | 34 ++-- 2019/8xxx/CVE-2019-8390.json | 34 ++-- 2019/8xxx/CVE-2019-8601.json | 34 ++-- 2019/8xxx/CVE-2019-8936.json | 34 ++-- 2019/8xxx/CVE-2019-8951.json | 34 ++-- 2019/9xxx/CVE-2019-9177.json | 34 ++-- 2019/9xxx/CVE-2019-9685.json | 34 ++-- 60 files changed, 3241 insertions(+), 3241 deletions(-) diff --git a/2007/0xxx/CVE-2007-0255.json b/2007/0xxx/CVE-2007-0255.json index 59a4dd55cc6..f4cfb214dfd 100644 --- a/2007/0xxx/CVE-2007-0255.json +++ b/2007/0xxx/CVE-2007-0255.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0255", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "XINE 0.99.4 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain M3U file that contains a long #EXTINF line and contains format string specifiers in an invalid udp:// URI, possibly a variant of CVE-2007-0017." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0255", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070110 VLC Format String Vulnerability also in XINE", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456523/100/0/threaded" - }, - { - "name" : "MDKSA-2007:027", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:027" - }, - { - "name" : "MDKSA-2007:154", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:154" - }, - { - "name" : "22252", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22252" - }, - { - "name" : "31666", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31666" - }, - { - "name" : "23931", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23931" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "XINE 0.99.4 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain M3U file that contains a long #EXTINF line and contains format string specifiers in an invalid udp:// URI, possibly a variant of CVE-2007-0017." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22252", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22252" + }, + { + "name": "20070110 VLC Format String Vulnerability also in XINE", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456523/100/0/threaded" + }, + { + "name": "23931", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23931" + }, + { + "name": "MDKSA-2007:154", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:154" + }, + { + "name": "31666", + "refsource": "OSVDB", + "url": "http://osvdb.org/31666" + }, + { + "name": "MDKSA-2007:027", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:027" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0271.json b/2007/0xxx/CVE-2007-0271.json index ee76d1f7051..d7d8849a3bd 100644 --- a/2007/0xxx/CVE-2007-0271.json +++ b/2007/0xxx/CVE-2007-0271.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0271", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Database 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors related to the Log Miner component and sys.dbms_log_mnr privileges, aka DB04. NOTE: Oracle has not disputed a reliable researcher claim that this is a buffer overflow in the ADD_LOGFILE procedure for the SYS.DBMS_LOGMNR package that allows code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0271", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070129 Re: Re: Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/458475/100/100/threaded" - }, - { - "name" : "20070124 Oracle Buffer Overflow in DBMS_LOGMNR.ADD_LOGFILE", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/458006/100/0/threaded" - }, - { - "name" : "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml", - "refsource" : "MISC", - "url" : "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html" - }, - { - "name" : "TA07-017A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-017A.html" - }, - { - "name" : "22083", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22083" - }, - { - "name" : "32910", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32910" - }, - { - "name" : "1017522", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017522" - }, - { - "name" : "23794", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23794" - }, - { - "name" : "oracle-cpu-jan2007(31541)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Database 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors related to the Log Miner component and sys.dbms_log_mnr privileges, aka DB04. NOTE: Oracle has not disputed a reliable researcher claim that this is a buffer overflow in the ADD_LOGFILE procedure for the SYS.DBMS_LOGMNR package that allows code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070129 Re: Re: Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/458475/100/100/threaded" + }, + { + "name": "23794", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23794" + }, + { + "name": "22083", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22083" + }, + { + "name": "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml", + "refsource": "MISC", + "url": "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html" + }, + { + "name": "32910", + "refsource": "OSVDB", + "url": "http://osvdb.org/32910" + }, + { + "name": "TA07-017A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-017A.html" + }, + { + "name": "20070124 Oracle Buffer Overflow in DBMS_LOGMNR.ADD_LOGFILE", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/458006/100/0/threaded" + }, + { + "name": "oracle-cpu-jan2007(31541)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541" + }, + { + "name": "1017522", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017522" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0387.json b/2007/0xxx/CVE-2007-0387.json index 18212308d3b..7e36f9b5119 100644 --- a/2007/0xxx/CVE-2007-0387.json +++ b/2007/0xxx/CVE-2007-0387.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0387", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in models/category.php in the Weblinks component for Joomla! SVN 20070118 (com_weblinks) allows remote attackers to execute arbitrary SQL commands via the catid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0387", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070204 Sql injection bugs in Joomla and Mambo", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459203/100/0/threaded" - }, - { - "name" : "20070118 The vulnerabilities festival !", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html" - }, - { - "name" : "http://www.hackers.ir/advisories/festival.txt", - "refsource" : "MISC", - "url" : "http://www.hackers.ir/advisories/festival.txt" - }, - { - "name" : "34792", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34792" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in models/category.php in the Weblinks component for Joomla! SVN 20070118 (com_weblinks) allows remote attackers to execute arbitrary SQL commands via the catid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070118 The vulnerabilities festival !", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html" + }, + { + "name": "34792", + "refsource": "OSVDB", + "url": "http://osvdb.org/34792" + }, + { + "name": "20070204 Sql injection bugs in Joomla and Mambo", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459203/100/0/threaded" + }, + { + "name": "http://www.hackers.ir/advisories/festival.txt", + "refsource": "MISC", + "url": "http://www.hackers.ir/advisories/festival.txt" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0570.json b/2007/0xxx/CVE-2007-0570.json index 57b716be2d2..9ec2b04e60a 100644 --- a/2007/0xxx/CVE-2007-0570.json +++ b/2007/0xxx/CVE-2007-0570.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0570", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in ains_main.php in Johannes Gijsbers (aka Taradino) Ad Fundum Integratable News Script (AINS) 0.02b allows remote attackers to execute arbitrary PHP code via a URL in the ains_path parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0570", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3202", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3202" - }, - { - "name" : "22259", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22259" - }, - { - "name" : "ADV-2007-0384", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0384" - }, - { - "name" : "36620", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36620" - }, - { - "name" : "ains-ainsmain-file-include(31850)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31850" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in ains_main.php in Johannes Gijsbers (aka Taradino) Ad Fundum Integratable News Script (AINS) 0.02b allows remote attackers to execute arbitrary PHP code via a URL in the ains_path parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0384", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0384" + }, + { + "name": "22259", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22259" + }, + { + "name": "ains-ainsmain-file-include(31850)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31850" + }, + { + "name": "3202", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3202" + }, + { + "name": "36620", + "refsource": "OSVDB", + "url": "http://osvdb.org/36620" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1584.json b/2007/1xxx/CVE-2007-1584.json index eafd7917fd3..621493be2d7 100644 --- a/2007/1xxx/CVE-2007-1584.json +++ b/2007/1xxx/CVE-2007-1584.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1584", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer underflow in the header function in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by passing an all-whitespace string to this function, which causes it to write '\\0' characters in whitespace that precedes the string." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1584", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3517", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3517" - }, - { - "name" : "http://www.php-security.org/MOPB/MOPB-25-2007.html", - "refsource" : "MISC", - "url" : "http://www.php-security.org/MOPB/MOPB-25-2007.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer underflow in the header function in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by passing an all-whitespace string to this function, which causes it to write '\\0' characters in whitespace that precedes the string." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3517", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3517" + }, + { + "name": "http://www.php-security.org/MOPB/MOPB-25-2007.html", + "refsource": "MISC", + "url": "http://www.php-security.org/MOPB/MOPB-25-2007.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1942.json b/2007/1xxx/CVE-2007-1942.json index ef55a993bfc..4c3beb11b6a 100644 --- a/2007/1xxx/CVE-2007-1942.json +++ b/2007/1xxx/CVE-2007-1942.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1942", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in FastStone Image Viewer 2.9 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted BMP image, as demonstrated by wh3intof.bmp and wh4intof.bmp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1942", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070404 Several Windows image viewers vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464726/100/0/threaded" - }, - { - "name" : "http://ifsec.blogspot.com/2007/04/several-windows-image-viewers.html", - "refsource" : "MISC", - "url" : "http://ifsec.blogspot.com/2007/04/several-windows-image-viewers.html" - }, - { - "name" : "23312", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23312" - }, - { - "name" : "34664", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34664" - }, - { - "name" : "24784", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24784" - }, - { - "name" : "2558", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2558" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in FastStone Image Viewer 2.9 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted BMP image, as demonstrated by wh3intof.bmp and wh4intof.bmp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23312", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23312" + }, + { + "name": "http://ifsec.blogspot.com/2007/04/several-windows-image-viewers.html", + "refsource": "MISC", + "url": "http://ifsec.blogspot.com/2007/04/several-windows-image-viewers.html" + }, + { + "name": "20070404 Several Windows image viewers vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464726/100/0/threaded" + }, + { + "name": "24784", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24784" + }, + { + "name": "2558", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2558" + }, + { + "name": "34664", + "refsource": "OSVDB", + "url": "http://osvdb.org/34664" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1969.json b/2007/1xxx/CVE-2007-1969.json index 665b8448f04..341f29e304f 100644 --- a/2007/1xxx/CVE-2007-1969.json +++ b/2007/1xxx/CVE-2007-1969.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1969", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in admin/modify.php in Sam Crew MyBlog remote attackers to inject arbitrary web script or HTML via the id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1969", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070404 MyBlog: PHP and MySQL Blog/CMS software Cross-Site Scripting Vulnerabilitiy", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464712/100/0/threaded" - }, - { - "name" : "2549", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2549" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in admin/modify.php in Sam Crew MyBlog remote attackers to inject arbitrary web script or HTML via the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2549", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2549" + }, + { + "name": "20070404 MyBlog: PHP and MySQL Blog/CMS software Cross-Site Scripting Vulnerabilitiy", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464712/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1998.json b/2007/1xxx/CVE-2007-1998.json index a610b52b303..2e29ae08839 100644 --- a/2007/1xxx/CVE-2007-1998.json +++ b/2007/1xxx/CVE-2007-1998.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1998", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Direct static code injection vulnerability in HIOX Guest Book (HGB) 4.0 allows remote attackers to inject arbitrary PHP code via the Email field, which results in code execution through a direct request to gb.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1998", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3697", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3697" - }, - { - "name" : "ADV-2007-1333", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1333" - }, - { - "name" : "24835", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24835" - }, - { - "name" : "hgb-gb-command-execution(33540)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33540" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Direct static code injection vulnerability in HIOX Guest Book (HGB) 4.0 allows remote attackers to inject arbitrary PHP code via the Email field, which results in code execution through a direct request to gb.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-1333", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1333" + }, + { + "name": "hgb-gb-command-execution(33540)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33540" + }, + { + "name": "24835", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24835" + }, + { + "name": "3697", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3697" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3099.json b/2007/3xxx/CVE-2007-3099.json index f818dfc7e29..6578ac8c5ca 100644 --- a/2007/3xxx/CVE-2007-3099.json +++ b/2007/3xxx/CVE-2007-3099.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3099", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-3099", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=243719", - "refsource" : "CONFIRM", - "url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=243719" - }, - { - "name" : "http://svn.berlios.de/viewcvs/open-iscsi?rev=857&view=rev", - "refsource" : "CONFIRM", - "url" : "http://svn.berlios.de/viewcvs/open-iscsi?rev=857&view=rev" - }, - { - "name" : "http://support.novell.com/techcenter/psdb/187174044e1dbe78726bcf840f7530ed.html", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/techcenter/psdb/187174044e1dbe78726bcf840f7530ed.html" - }, - { - "name" : "DSA-1314", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1314" - }, - { - "name" : "RHSA-2007:0497", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0497.html" - }, - { - "name" : "SUSE-SR:2007:017", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_17_sr.html" - }, - { - "name" : "24471", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24471" - }, - { - "name" : "37269", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37269" - }, - { - "name" : "oval:org.mitre.oval:def:11595", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11595" - }, - { - "name" : "1018246", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018246" - }, - { - "name" : "25679", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25679" - }, - { - "name" : "25749", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25749" - }, - { - "name" : "26438", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26438" - }, - { - "name" : "26543", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26543" - }, - { - "name" : "openiscsi-mgmtipc-dos(34944)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34944" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=243719", + "refsource": "CONFIRM", + "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=243719" + }, + { + "name": "25679", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25679" + }, + { + "name": "24471", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24471" + }, + { + "name": "oval:org.mitre.oval:def:11595", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11595" + }, + { + "name": "1018246", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018246" + }, + { + "name": "37269", + "refsource": "OSVDB", + "url": "http://osvdb.org/37269" + }, + { + "name": "http://support.novell.com/techcenter/psdb/187174044e1dbe78726bcf840f7530ed.html", + "refsource": "CONFIRM", + "url": "http://support.novell.com/techcenter/psdb/187174044e1dbe78726bcf840f7530ed.html" + }, + { + "name": "26438", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26438" + }, + { + "name": "SUSE-SR:2007:017", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_17_sr.html" + }, + { + "name": "26543", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26543" + }, + { + "name": "25749", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25749" + }, + { + "name": "http://svn.berlios.de/viewcvs/open-iscsi?rev=857&view=rev", + "refsource": "CONFIRM", + "url": "http://svn.berlios.de/viewcvs/open-iscsi?rev=857&view=rev" + }, + { + "name": "DSA-1314", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1314" + }, + { + "name": "openiscsi-mgmtipc-dos(34944)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34944" + }, + { + "name": "RHSA-2007:0497", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0497.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4209.json b/2007/4xxx/CVE-2007-4209.json index 4ff5725900b..6875e034e17 100644 --- a/2007/4xxx/CVE-2007-4209.json +++ b/2007/4xxx/CVE-2007-4209.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4209", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Recherche.php in Aceboard forum allows remote attackers to execute arbitrary SQL commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4209", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070803 Aceboard forum, SQL injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475469/100/0/threaded" - }, - { - "name" : "25197", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25197" - }, - { - "name" : "aceboard-recherche-sql-injection(35793)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35793" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Recherche.php in Aceboard forum allows remote attackers to execute arbitrary SQL commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070803 Aceboard forum, SQL injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475469/100/0/threaded" + }, + { + "name": "aceboard-recherche-sql-injection(35793)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35793" + }, + { + "name": "25197", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25197" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4438.json b/2007/4xxx/CVE-2007-4438.json index b578757287d..9b8e1b5b8ed 100644 --- a/2007/4xxx/CVE-2007-4438.json +++ b/2007/4xxx/CVE-2007-4438.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4438", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Session fixation vulnerability in Ampache before 3.3.3.5 allows remote attackers to hijack web sessions via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4438", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ampache.org/announce/3_3_3_5.php", - "refsource" : "CONFIRM", - "url" : "http://www.ampache.org/announce/3_3_3_5.php" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=189607", - "refsource" : "CONFIRM", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=189607" - }, - { - "name" : "GLSA-200710-13", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200710-13.xml" - }, - { - "name" : "26542", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26542" - }, - { - "name" : "27253", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27253" - }, - { - "name" : "ampache-session-hijacking(36122)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36122" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Session fixation vulnerability in Ampache before 3.3.3.5 allows remote attackers to hijack web sessions via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=189607", + "refsource": "CONFIRM", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=189607" + }, + { + "name": "27253", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27253" + }, + { + "name": "http://www.ampache.org/announce/3_3_3_5.php", + "refsource": "CONFIRM", + "url": "http://www.ampache.org/announce/3_3_3_5.php" + }, + { + "name": "GLSA-200710-13", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200710-13.xml" + }, + { + "name": "26542", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26542" + }, + { + "name": "ampache-session-hijacking(36122)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36122" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4449.json b/2007/4xxx/CVE-2007-4449.json index 93afcdb3198..76661ad2d74 100644 --- a/2007/4xxx/CVE-2007-4449.json +++ b/2007/4xxx/CVE-2007-4449.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4449", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The client in Toribash 2.71 and earlier allows remote attackers to cause a denial of service (application hang) via a command without an LF character, as demonstrated by a SAY command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4449", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070818 Multiple vulnerabilities in Toribash 2.71", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/477025/100/0/threaded" - }, - { - "name" : "http://aluigi.org/poc/toribashish.zip", - "refsource" : "MISC", - "url" : "http://aluigi.org/poc/toribashish.zip" - }, - { - "name" : "25359", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25359" - }, - { - "name" : "26507", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26507" - }, - { - "name" : "3033", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3033" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The client in Toribash 2.71 and earlier allows remote attackers to cause a denial of service (application hang) via a command without an LF character, as demonstrated by a SAY command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070818 Multiple vulnerabilities in Toribash 2.71", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/477025/100/0/threaded" + }, + { + "name": "http://aluigi.org/poc/toribashish.zip", + "refsource": "MISC", + "url": "http://aluigi.org/poc/toribashish.zip" + }, + { + "name": "25359", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25359" + }, + { + "name": "26507", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26507" + }, + { + "name": "3033", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3033" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2231.json b/2015/2xxx/CVE-2015-2231.json index 7f8acfd3547..26b21fd5bac 100644 --- a/2015/2xxx/CVE-2015-2231.json +++ b/2015/2xxx/CVE-2015-2231.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2231", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2231", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2666.json b/2015/2xxx/CVE-2015-2666.json index ba451af97f2..c728f013951 100644 --- a/2015/2xxx/CVE-2015-2666.json +++ b/2015/2xxx/CVE-2015-2666.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2666", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to the initrd." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2666", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150320 Re: CVE Request: Linux kernel execution in the early microcode loader.", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/03/20/18" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1204722", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1204722" - }, - { - "name" : "https://github.com/torvalds/linux/commit/f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4" - }, - { - "name" : "FEDORA-2015-4457", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153329.html" - }, - { - "name" : "RHSA-2015:1534", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1534.html" - }, - { - "name" : "1032414", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032414" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to the initrd." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2015-4457", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153329.html" + }, + { + "name": "1032414", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032414" + }, + { + "name": "[oss-security] 20150320 Re: CVE Request: Linux kernel execution in the early microcode loader.", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/03/20/18" + }, + { + "name": "https://github.com/torvalds/linux/commit/f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4" + }, + { + "name": "RHSA-2015:1534", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1534.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1204722", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204722" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3062.json b/2015/3xxx/CVE-2015-3062.json index 51b179af816..92f4f175d4c 100644 --- a/2015/3xxx/CVE-2015-3062.json +++ b/2015/3xxx/CVE-2015-3062.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3062", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-3062", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-207", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-207" - }, - { - "name" : "https://helpx.adobe.com/security/products/reader/apsb15-10.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/reader/apsb15-10.html" - }, - { - "name" : "74604", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74604" - }, - { - "name" : "1032284", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032284" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "74604", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74604" + }, + { + "name": "https://helpx.adobe.com/security/products/reader/apsb15-10.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-207", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-207" + }, + { + "name": "1032284", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032284" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3724.json b/2015/3xxx/CVE-2015-3724.json index 5bcaca3f8e3..c163883b997 100644 --- a/2015/3xxx/CVE-2015-3724.json +++ b/2015/3xxx/CVE-2015-3724.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3724", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CoreGraphics in Apple iOS before 8.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ICC profile in a PDF document, a different vulnerability than CVE-2015-3723." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3724", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT204941", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT204941" - }, - { - "name" : "APPLE-SA-2015-06-30-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html" - }, - { - "name" : "75490", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75490" - }, - { - "name" : "1032761", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032761" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CoreGraphics in Apple iOS before 8.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ICC profile in a PDF document, a different vulnerability than CVE-2015-3723." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.apple.com/kb/HT204941", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT204941" + }, + { + "name": "1032761", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032761" + }, + { + "name": "75490", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75490" + }, + { + "name": "APPLE-SA-2015-06-30-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6337.json b/2015/6xxx/CVE-2015-6337.json index c4645a78188..580b26855d5 100644 --- a/2015/6xxx/CVE-2015-6337.json +++ b/2015/6xxx/CVE-2015-6337.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6337", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0.10 allows remote attackers to inject arbitrary web script or HTML via a crafted hostname in an SNMP response, aka Bug ID CSCuw47238." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6337", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160125 Cisco Application Policy Infrastructure Controller Enterprise Module SNMP Hostname Cross-Site Scripting Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-api" - }, - { - "name" : "1034827", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034827" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0.10 allows remote attackers to inject arbitrary web script or HTML via a crafted hostname in an SNMP response, aka Bug ID CSCuw47238." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160125 Cisco Application Policy Infrastructure Controller Enterprise Module SNMP Hostname Cross-Site Scripting Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-api" + }, + { + "name": "1034827", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034827" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6348.json b/2015/6xxx/CVE-2015-6348.json index a9f87875ac4..b16a41a39a5 100644 --- a/2015/6xxx/CVE-2015-6348.json +++ b/2015/6xxx/CVE-2015-6348.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6348", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and read report or status information, by visiting an unspecified web page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6348", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151026 Cisco Secure Access Control Server Role-Based Access Control Weak Protection Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151023-acs_rbac1" - }, - { - "name" : "1033970", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033970" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and read report or status information, by visiting an unspecified web page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033970", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033970" + }, + { + "name": "20151026 Cisco Secure Access Control Server Role-Based Access Control Weak Protection Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151023-acs_rbac1" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6417.json b/2015/6xxx/CVE-2015-6417.json index 9fefe35929a..43209821a3c 100644 --- a/2015/6xxx/CVE-2015-6417.json +++ b/2015/6xxx/CVE-2015-6417.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6417", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.4.0 and earlier does not always use RBAC for backend database access, which allows remote authenticated users to read or write to database entries via (1) the GUI or (2) a crafted HTTP request, aka Bug ID CSCuv87025." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6417", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151210 Cisco Videoscape Distribution Suite Service Manager Unauthorized Access Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-vdssm" - }, - { - "name" : "78871", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78871" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.4.0 and earlier does not always use RBAC for backend database access, which allows remote authenticated users to read or write to database entries via (1) the GUI or (2) a crafted HTTP request, aka Bug ID CSCuv87025." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "78871", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78871" + }, + { + "name": "20151210 Cisco Videoscape Distribution Suite Service Manager Unauthorized Access Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-vdssm" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6491.json b/2015/6xxx/CVE-2015-6491.json index 84245918e4c..af0a373cf05 100644 --- a/2015/6xxx/CVE-2015-6491.json +++ b/2015/6xxx/CVE-2015-6491.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6491", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allow remote authenticated users to insert the content of an arbitrary file into a FRAME element via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2015-6491", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-03", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-03" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allow remote authenticated users to insert the content of an arbitrary file into a FRAME element via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-03", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-03" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6886.json b/2015/6xxx/CVE-2015-6886.json index 40862394245..8400ec694d1 100644 --- a/2015/6xxx/CVE-2015-6886.json +++ b/2015/6xxx/CVE-2015-6886.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6886", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6886", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7041.json b/2015/7xxx/CVE-2015-7041.json index 40cd200a167..32342b00dd1 100644 --- a/2015/7xxx/CVE-2015-7041.json +++ b/2015/7xxx/CVE-2015-7041.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7041", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7042, and CVE-2015-7043." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7041", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205635", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205635" - }, - { - "name" : "https://support.apple.com/HT205637", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205637" - }, - { - "name" : "https://support.apple.com/HT205640", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205640" - }, - { - "name" : "https://support.apple.com/HT205641", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205641" - }, - { - "name" : "APPLE-SA-2015-12-08-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" - }, - { - "name" : "APPLE-SA-2015-12-08-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" - }, - { - "name" : "APPLE-SA-2015-12-08-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" - }, - { - "name" : "APPLE-SA-2015-12-08-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" - }, - { - "name" : "78719", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78719" - }, - { - "name" : "1034344", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034344" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7040, CVE-2015-7042, and CVE-2015-7043." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205635", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205635" + }, + { + "name": "https://support.apple.com/HT205637", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205637" + }, + { + "name": "1034344", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034344" + }, + { + "name": "APPLE-SA-2015-12-08-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" + }, + { + "name": "APPLE-SA-2015-12-08-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" + }, + { + "name": "78719", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78719" + }, + { + "name": "APPLE-SA-2015-12-08-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" + }, + { + "name": "https://support.apple.com/HT205641", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205641" + }, + { + "name": "https://support.apple.com/HT205640", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205640" + }, + { + "name": "APPLE-SA-2015-12-08-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7452.json b/2015/7xxx/CVE-2015-7452.json index 5946f8b6228..b87c8893d1d 100644 --- a/2015/7xxx/CVE-2015-7452.json +++ b/2015/7xxx/CVE-2015-7452.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7452", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6 before 7.6.0.3 FP3 and Maximo Asset Management 7.5 before 7.5.0.9 FP9, 7.5.1, and 7.6 before 7.6.0.3 FP3 for SmartCloud Control Desk allow remote authenticated users to obtain sensitive information via the REST API." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-7452", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21972463", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21972463" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6 before 7.6.0.3 FP3 and Maximo Asset Management 7.5 before 7.5.0.9 FP9, 7.5.1, and 7.6 before 7.6.0.3 FP3 for SmartCloud Control Desk allow remote authenticated users to obtain sensitive information via the REST API." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21972463", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972463" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7591.json b/2015/7xxx/CVE-2015-7591.json index 1fd09adffb9..8891ec7de52 100644 --- a/2015/7xxx/CVE-2015-7591.json +++ b/2015/7xxx/CVE-2015-7591.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7591", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7591", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0040.json b/2016/0xxx/CVE-2016-0040.json index c9358231c80..682e79839bb 100644 --- a/2016/0xxx/CVE-2016-0040.json +++ b/2016/0xxx/CVE-2016-0040.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0040", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka \"Windows Elevation of Privilege Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0040", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "44586", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/44586/" - }, - { - "name" : "MS16-014", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-014" - }, - { - "name" : "1034985", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034985" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka \"Windows Elevation of Privilege Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034985", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034985" + }, + { + "name": "44586", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/44586/" + }, + { + "name": "MS16-014", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-014" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0097.json b/2016/0xxx/CVE-2016-0097.json index daa426d7221..a030b258fe7 100644 --- a/2016/0xxx/CVE-2016-0097.json +++ b/2016/0xxx/CVE-2016-0097.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0097", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-0097", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0370.json b/2016/0xxx/CVE-2016-0370.json index 366154355d1..dc1420a4950 100644 --- a/2016/0xxx/CVE-2016-0370.json +++ b/2016/0xxx/CVE-2016-0370.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0370", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3 allows remote authenticated users to inject arbitrary web script or HTML via crafted input to an application that was built with this product." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0370", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21988726", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21988726" - }, - { - "name" : "LO88449", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1LO88449" - }, - { - "name" : "LO88451", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1LO88451" - }, - { - "name" : "92471", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92471" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3 allows remote authenticated users to inject arbitrary web script or HTML via crafted input to an application that was built with this product." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21988726", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988726" + }, + { + "name": "LO88449", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1LO88449" + }, + { + "name": "92471", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92471" + }, + { + "name": "LO88451", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1LO88451" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0765.json b/2016/0xxx/CVE-2016-0765.json index 9ce2939999d..dd17444fd12 100644 --- a/2016/0xxx/CVE-2016-0765.json +++ b/2016/0xxx/CVE-2016-0765.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-0765", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) page or (2) action parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-0765", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160202 Reflected XSS & Blind SQLi in wordpress plugin eshop v6.3.14", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/02/02/3" - }, - { - "name" : "http://www.vapid.dhs.org/advisory.php?v=160", - "refsource" : "MISC", - "url" : "http://www.vapid.dhs.org/advisory.php?v=160" - }, - { - "name" : "82347", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/82347" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) page or (2) action parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20160202 Reflected XSS & Blind SQLi in wordpress plugin eshop v6.3.14", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/02/02/3" + }, + { + "name": "82347", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/82347" + }, + { + "name": "http://www.vapid.dhs.org/advisory.php?v=160", + "refsource": "MISC", + "url": "http://www.vapid.dhs.org/advisory.php?v=160" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0926.json b/2016/0xxx/CVE-2016-0926.json index a531b64589b..a4fd2b79dd2 100644 --- a/2016/0xxx/CVE-2016-0926.json +++ b/2016/0xxx/CVE-2016-0926.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security_alert@emc.com", - "ID" : "CVE-2016-0926", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Apps Manager in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.32 and 1.7.x before 1.7.8 allows remote attackers to inject arbitrary web script or HTML via unspecified input that improperly interacts with the AngularJS framework." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "ID": "CVE-2016-0926", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://pivotal.io/security/cve-2016-0926", - "refsource" : "CONFIRM", - "url" : "https://pivotal.io/security/cve-2016-0926" - }, - { - "name" : "91677", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91677" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Apps Manager in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.32 and 1.7.x before 1.7.8 allows remote attackers to inject arbitrary web script or HTML via unspecified input that improperly interacts with the AngularJS framework." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://pivotal.io/security/cve-2016-0926", + "refsource": "CONFIRM", + "url": "https://pivotal.io/security/cve-2016-0926" + }, + { + "name": "91677", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91677" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000345.json b/2016/1000xxx/CVE-2016-1000345.json index bca9eea5a7c..791ec291a95 100644 --- a/2016/1000xxx/CVE-2016-1000345.json +++ b/2016/1000xxx/CVE-2016-1000345.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "dgh@bouncycastle.org", - "ID" : "CVE-2016-1000345", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Bouncy Castle JCE Provider", - "version" : { - "version_data" : [ - { - "version_value" : "1.55 and before" - } - ] - } - } - ] - }, - "vendor_name" : "The Legion of the Bouncy Castle Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, it is possible with enough observations to identify when the decryption is failing due to padding." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-514: Covert Channel" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000345", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180707 [SECURITY] [DLA 1418-1] bouncycastle security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html" - }, - { - "name" : "https://github.com/bcgit/bc-java/commit/21dcb3d9744c83dcf2ff8fcee06dbca7bfa4ef35#diff-4439ce586bf9a13bfec05c0d113b8098", - "refsource" : "CONFIRM", - "url" : "https://github.com/bcgit/bc-java/commit/21dcb3d9744c83dcf2ff8fcee06dbca7bfa4ef35#diff-4439ce586bf9a13bfec05c0d113b8098" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20181127-0004/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20181127-0004/" - }, - { - "name" : "RHSA-2018:2669", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:2669" - }, - { - "name" : "RHSA-2018:2927", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:2927" - }, - { - "name" : "USN-3727-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3727-1/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, it is possible with enough observations to identify when the decryption is failing due to padding." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[debian-lts-announce] 20180707 [SECURITY] [DLA 1418-1] bouncycastle security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html" + }, + { + "name": "RHSA-2018:2669", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:2669" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20181127-0004/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20181127-0004/" + }, + { + "name": "USN-3727-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3727-1/" + }, + { + "name": "RHSA-2018:2927", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:2927" + }, + { + "name": "https://github.com/bcgit/bc-java/commit/21dcb3d9744c83dcf2ff8fcee06dbca7bfa4ef35#diff-4439ce586bf9a13bfec05c0d113b8098", + "refsource": "CONFIRM", + "url": "https://github.com/bcgit/bc-java/commit/21dcb3d9744c83dcf2ff8fcee06dbca7bfa4ef35#diff-4439ce586bf9a13bfec05c0d113b8098" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1185.json b/2016/1xxx/CVE-2016-1185.json index 1205208059b..dcb3e2a43e7 100644 --- a/2016/1xxx/CVE-2016-1185.json +++ b/2016/1xxx/CVE-2016-1185.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1185", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Cybozu kintone mobile application 1.x before 1.0.6 for Android allows attackers to discover an authentication token via a crafted application." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1185", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.cybozu.com/ja-jp/article/9479", - "refsource" : "CONFIRM", - "url" : "https://support.cybozu.com/ja-jp/article/9479" - }, - { - "name" : "JVN#89026267", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN89026267/index.html" - }, - { - "name" : "JVNDB-2016-000055", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000055" - }, - { - "name" : "96842", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96842" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Cybozu kintone mobile application 1.x before 1.0.6 for Android allows attackers to discover an authentication token via a crafted application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#89026267", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN89026267/index.html" + }, + { + "name": "96842", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96842" + }, + { + "name": "JVNDB-2016-000055", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000055" + }, + { + "name": "https://support.cybozu.com/ja-jp/article/9479", + "refsource": "CONFIRM", + "url": "https://support.cybozu.com/ja-jp/article/9479" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1713.json b/2016/1xxx/CVE-2016-1713.json index 2acc6701d68..3a02060432a 100644 --- a/2016/1xxx/CVE-2016-1713.json +++ b/2016/1xxx/CVE-2016-1713.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1713", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.4.0 allows remote authenticated users to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in test/logo/. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6000." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1713", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "44379", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/44379/" - }, - { - "name" : "[oss-security] 20160112 CVE Request: Vtiger CRM 6.4 Authenticated Remote Code Execution", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/12/4" - }, - { - "name" : "[oss-security] 20160112 Re: CVE Request: Vtiger CRM 6.4 Authenticated Remote Code Execution", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/12/7" - }, - { - "name" : "http://b.fl7.de/2016/01/vtiger-crm-6.4-auth-rce.html", - "refsource" : "MISC", - "url" : "http://b.fl7.de/2016/01/vtiger-crm-6.4-auth-rce.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.4.0 allows remote authenticated users to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in test/logo/. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6000." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20160112 Re: CVE Request: Vtiger CRM 6.4 Authenticated Remote Code Execution", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/12/7" + }, + { + "name": "[oss-security] 20160112 CVE Request: Vtiger CRM 6.4 Authenticated Remote Code Execution", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/12/4" + }, + { + "name": "http://b.fl7.de/2016/01/vtiger-crm-6.4-auth-rce.html", + "refsource": "MISC", + "url": "http://b.fl7.de/2016/01/vtiger-crm-6.4-auth-rce.html" + }, + { + "name": "44379", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/44379/" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1792.json b/2016/1xxx/CVE-2016-1792.json index 6fbe534277f..43eebc82f41 100644 --- a/2016/1xxx/CVE-2016-1792.json +++ b/2016/1xxx/CVE-2016-1792.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1792", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The AMD subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1792", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT206567", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206567" - }, - { - "name" : "APPLE-SA-2016-05-16-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" - }, - { - "name" : "90696", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90696" - }, - { - "name" : "1035895", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035895" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The AMD subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT206567", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206567" + }, + { + "name": "APPLE-SA-2016-05-16-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" + }, + { + "name": "90696", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90696" + }, + { + "name": "1035895", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035895" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1914.json b/2016/1xxx/CVE-2016-1914.json index cabd0beaf2b..2504845da0b 100644 --- a/2016/1xxx/CVE-2016-1914.json +++ b/2016/1xxx/CVE-2016-1914.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1914", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.ImageServlet servlet in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to execute arbitrary SQL commands via the imageName parameter to (1) mydevice/client/image, (2) admin/client/image, (3) myapps/client/image, (4) ssam/client/image, or (5) all/client/image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1914", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39481", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39481/" - }, - { - "name" : "20160222 BlackBerry Enterprise Service 12 Self-Service - SQLi and Reflected XSS", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Feb/95" - }, - { - "name" : "http://security-assessment.com/files/documents/advisory/Blackberry%20BES12%20Self-Service%20Multiple%20Vulnerabilities.pdf", - "refsource" : "MISC", - "url" : "http://security-assessment.com/files/documents/advisory/Blackberry%20BES12%20Self-Service%20Multiple%20Vulnerabilities.pdf" - }, - { - "name" : "http://support.blackberry.com/kb/articleDetail?articleNumber=000038033", - "refsource" : "CONFIRM", - "url" : "http://support.blackberry.com/kb/articleDetail?articleNumber=000038033" - }, - { - "name" : "1035095", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035095" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.ImageServlet servlet in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to execute arbitrary SQL commands via the imageName parameter to (1) mydevice/client/image, (2) admin/client/image, (3) myapps/client/image, (4) ssam/client/image, or (5) all/client/image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035095", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035095" + }, + { + "name": "http://security-assessment.com/files/documents/advisory/Blackberry%20BES12%20Self-Service%20Multiple%20Vulnerabilities.pdf", + "refsource": "MISC", + "url": "http://security-assessment.com/files/documents/advisory/Blackberry%20BES12%20Self-Service%20Multiple%20Vulnerabilities.pdf" + }, + { + "name": "39481", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39481/" + }, + { + "name": "http://support.blackberry.com/kb/articleDetail?articleNumber=000038033", + "refsource": "CONFIRM", + "url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000038033" + }, + { + "name": "20160222 BlackBerry Enterprise Service 12 Self-Service - SQLi and Reflected XSS", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Feb/95" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4567.json b/2016/4xxx/CVE-2016-4567.json index 85ae3c0e2d9..da468c16b75 100644 --- a/2016/4xxx/CVE-2016-4567.json +++ b/2016/4xxx/CVE-2016-4567.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4567", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by \"jsinitfunctio%gn.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4567", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160507 CVE Request: wordpress and mediaelement", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/07/2" - }, - { - "name" : "https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9c", - "refsource" : "MISC", - "url" : "https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9c" - }, - { - "name" : "https://wpvulndb.com/vulnerabilities/8488", - "refsource" : "MISC", - "url" : "https://wpvulndb.com/vulnerabilities/8488" - }, - { - "name" : "https://codex.wordpress.org/Version_4.5.2", - "refsource" : "CONFIRM", - "url" : "https://codex.wordpress.org/Version_4.5.2" - }, - { - "name" : "https://core.trac.wordpress.org/changeset/37371", - "refsource" : "CONFIRM", - "url" : "https://core.trac.wordpress.org/changeset/37371" - }, - { - "name" : "https://github.com/johndyer/mediaelement/blob/master/changelog.md", - "refsource" : "CONFIRM", - "url" : "https://github.com/johndyer/mediaelement/blob/master/changelog.md" - }, - { - "name" : "https://github.com/johndyer/mediaelement/commit/34834eef8ac830b9145df169ec22016a4350f06e", - "refsource" : "CONFIRM", - "url" : "https://github.com/johndyer/mediaelement/commit/34834eef8ac830b9145df169ec22016a4350f06e" - }, - { - "name" : "https://wordpress.org/news/2016/05/wordpress-4-5-2/", - "refsource" : "CONFIRM", - "url" : "https://wordpress.org/news/2016/05/wordpress-4-5-2/" - }, - { - "name" : "1035818", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035818" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by \"jsinitfunctio%gn.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/johndyer/mediaelement/blob/master/changelog.md", + "refsource": "CONFIRM", + "url": "https://github.com/johndyer/mediaelement/blob/master/changelog.md" + }, + { + "name": "[oss-security] 20160507 CVE Request: wordpress and mediaelement", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/07/2" + }, + { + "name": "https://codex.wordpress.org/Version_4.5.2", + "refsource": "CONFIRM", + "url": "https://codex.wordpress.org/Version_4.5.2" + }, + { + "name": "1035818", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035818" + }, + { + "name": "https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9c", + "refsource": "MISC", + "url": "https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9c" + }, + { + "name": "https://github.com/johndyer/mediaelement/commit/34834eef8ac830b9145df169ec22016a4350f06e", + "refsource": "CONFIRM", + "url": "https://github.com/johndyer/mediaelement/commit/34834eef8ac830b9145df169ec22016a4350f06e" + }, + { + "name": "https://wpvulndb.com/vulnerabilities/8488", + "refsource": "MISC", + "url": "https://wpvulndb.com/vulnerabilities/8488" + }, + { + "name": "https://wordpress.org/news/2016/05/wordpress-4-5-2/", + "refsource": "CONFIRM", + "url": "https://wordpress.org/news/2016/05/wordpress-4-5-2/" + }, + { + "name": "https://core.trac.wordpress.org/changeset/37371", + "refsource": "CONFIRM", + "url": "https://core.trac.wordpress.org/changeset/37371" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4868.json b/2016/4xxx/CVE-2016-4868.json index 94b8de7a024..cfa91a2b8b1 100644 --- a/2016/4xxx/CVE-2016-4868.json +++ b/2016/4xxx/CVE-2016-4868.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4868", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Email header injection vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows remote attackers to inject arbitrary email headers to send unintended emails via specially crafted requests." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4868", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.cybozu.com/ja-jp/article/9433", - "refsource" : "CONFIRM", - "url" : "https://support.cybozu.com/ja-jp/article/9433" - }, - { - "name" : "JVN#08736331", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN08736331/index.html" - }, - { - "name" : "JVNDB-2016-000190", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000190.html" - }, - { - "name" : "97713", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97713" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Email header injection vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows remote attackers to inject arbitrary email headers to send unintended emails via specially crafted requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.cybozu.com/ja-jp/article/9433", + "refsource": "CONFIRM", + "url": "https://support.cybozu.com/ja-jp/article/9433" + }, + { + "name": "97713", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97713" + }, + { + "name": "JVN#08736331", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN08736331/index.html" + }, + { + "name": "JVNDB-2016-000190", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000190.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4912.json b/2016/4xxx/CVE-2016-4912.json index 5cc941c0b39..0bb4758a47b 100644 --- a/2016/4xxx/CVE-2016-4912.json +++ b/2016/4xxx/CVE-2016-4912.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4912", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a large number of crafted packets, which triggers a memory allocation failure." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4912", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160518 Re: CVE Request: null pointer deref in openslp, can be triggered remotely", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/18/6" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1329295", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1329295" - }, - { - "name" : "GLSA-201707-05", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201707-05" - }, - { - "name" : "1035916", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035916" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a large number of crafted packets, which triggers a memory allocation failure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1329295", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1329295" + }, + { + "name": "GLSA-201707-05", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201707-05" + }, + { + "name": "1035916", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035916" + }, + { + "name": "[oss-security] 20160518 Re: CVE Request: null pointer deref in openslp, can be triggered remotely", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/18/6" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5287.json b/2016/5xxx/CVE-2016-5287.json index 198138cb348..6b82c56685a 100644 --- a/2016/5xxx/CVE-2016-5287.json +++ b/2016/5xxx/CVE-2016-5287.json @@ -1,78 +1,78 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@mozilla.org", - "ID" : "CVE-2016-5287", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Firefox", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "49.0.2" - } - ] - } - } - ] - }, - "vendor_name" : "Mozilla" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A potentially exploitable use-after-free crash during actor destruction with service workers. This issue does not affect releases earlier than Firefox 49. This vulnerability affects Firefox < 49.0.2." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Crash in nsTArray_base::SwapArrayElements" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2016-5287", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Firefox", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "49.0.2" + } + ] + } + } + ] + }, + "vendor_name": "Mozilla" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1309823", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1309823" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2016-87/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2016-87/" - }, - { - "name" : "93811", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93811" - }, - { - "name" : "1037077", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037077" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A potentially exploitable use-after-free crash during actor destruction with service workers. This issue does not affect releases earlier than Firefox 49. This vulnerability affects Firefox < 49.0.2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Crash in nsTArray_base::SwapArrayElements" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.mozilla.org/security/advisories/mfsa2016-87/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2016-87/" + }, + { + "name": "93811", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93811" + }, + { + "name": "1037077", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037077" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1309823", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1309823" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0009.json b/2019/0xxx/CVE-2019-0009.json index 8ba556ca9e6..a258c104524 100644 --- a/2019/0xxx/CVE-2019-0009.json +++ b/2019/0xxx/CVE-2019-0009.json @@ -1,119 +1,119 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "sirt@juniper.net", - "DATE_PUBLIC" : "2019-01-09T17:00:00.000Z", - "ID" : "CVE-2019-0009", - "STATE" : "PUBLIC", - "TITLE" : "Junos OS: EX2300 and EX3400: High disk I/O operations may disrupt the communication between RE and PFE" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Junos OS", - "version" : { - "version_data" : [ - { - "affected" : "<", - "platform" : "EX2300 and EX3400 series", - "version_name" : "15.1X53", - "version_value" : "15.1X53-D113, 15.1X53-D590" - }, - { - "affected" : "<", - "platform" : "EX2300 and EX3400 series", - "version_name" : "18.1", - "version_value" : "18.1R2-S2, 18.1R3" - }, - { - "affected" : "<", - "platform" : "EX2300 and EX3400 series", - "version_name" : "18.2", - "version_value" : "18.2R2" - } - ] - } - } - ] - }, - "vendor_name" : "Juniper Networks" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "On EX2300 and EX3400 series, high disk I/O operations may disrupt the communication between the routing engine (RE) and the packet forwarding engine (PFE). In a virtual chassis (VC) deployment, this issue disrupts communication between the VC members. This issue does not affect other Junos platforms. Affected releases are Junos OS on EX2300 and EX3400 series: 15.1X53 versions prior to 15.1X53-D590; 18.1 versions prior to 18.1R2-S2, 18.1R3; 18.2 versions prior to 18.2R2." - } - ] - }, - "impact" : { - "cvss" : { - "attackComplexity" : "LOW", - "attackVector" : "LOCAL", - "availabilityImpact" : "HIGH", - "baseScore" : 5.5, - "baseSeverity" : "MEDIUM", - "confidentialityImpact" : "NONE", - "integrityImpact" : "NONE", - "privilegesRequired" : "LOW", - "scope" : "UNCHANGED", - "userInteraction" : "NONE", - "vectorString" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "DoS" - } + "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2019-01-09T17:00:00.000Z", + "ID": "CVE-2019-0009", + "STATE": "PUBLIC", + "TITLE": "Junos OS: EX2300 and EX3400: High disk I/O operations may disrupt the communication between RE and PFE" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS", + "version": { + "version_data": [ + { + "affected": "<", + "platform": "EX2300 and EX3400 series", + "version_name": "15.1X53", + "version_value": "15.1X53-D113, 15.1X53-D590" + }, + { + "affected": "<", + "platform": "EX2300 and EX3400 series", + "version_name": "18.1", + "version_value": "18.1R2-S2, 18.1R3" + }, + { + "affected": "<", + "platform": "EX2300 and EX3400 series", + "version_name": "18.2", + "version_value": "18.2R2" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://kb.juniper.net/JSA10909", - "refsource" : "CONFIRM", - "url" : "https://kb.juniper.net/JSA10909" - }, - { - "name" : "106548", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106548" - } - ] - }, - "solution" : [ - { - "lang" : "eng", - "value" : "The following software releases have been updated to resolve this specific issue: Junos OS 15.1X53-D113, 15.1X53-D590, 18.1R2-S2, 18.1R3, 18.2R2, 18.3R1, and all subsequent releases." - } - ], - "source" : { - "advisory" : "JSA10909", - "defect" : [ - "1355593" - ], - "discovery" : "USER" - }, - "work_around" : [ - { - "lang" : "eng", - "value" : "Avoid performing operation that may generate high disk I/O.\nLimiting the access to the device to only trusted administrators from trusted administrative networks or hosts would minimize the risk." - } - ] -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "On EX2300 and EX3400 series, high disk I/O operations may disrupt the communication between the routing engine (RE) and the packet forwarding engine (PFE). In a virtual chassis (VC) deployment, this issue disrupts communication between the VC members. This issue does not affect other Junos platforms. Affected releases are Junos OS on EX2300 and EX3400 series: 15.1X53 versions prior to 15.1X53-D590; 18.1 versions prior to 18.1R2-S2, 18.1R3; 18.2 versions prior to 18.2R2." + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "DoS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA10909", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA10909" + }, + { + "name": "106548", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106548" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases have been updated to resolve this specific issue: Junos OS 15.1X53-D113, 15.1X53-D590, 18.1R2-S2, 18.1R3, 18.2R2, 18.3R1, and all subsequent releases." + } + ], + "source": { + "advisory": "JSA10909", + "defect": [ + "1355593" + ], + "discovery": "USER" + }, + "work_around": [ + { + "lang": "eng", + "value": "Avoid performing operation that may generate high disk I/O.\nLimiting the access to the device to only trusted administrators from trusted administrative networks or hosts would minimize the risk." + } + ] +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0081.json b/2019/0xxx/CVE-2019-0081.json index 6c9e47da98d..1ae527bbca3 100644 --- a/2019/0xxx/CVE-2019-0081.json +++ b/2019/0xxx/CVE-2019-0081.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0081", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0081", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0177.json b/2019/0xxx/CVE-2019-0177.json index f72d156a4d4..7a2ba54400a 100644 --- a/2019/0xxx/CVE-2019-0177.json +++ b/2019/0xxx/CVE-2019-0177.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0177", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0177", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3093.json b/2019/3xxx/CVE-2019-3093.json index b6feb7fb048..92ec56bc334 100644 --- a/2019/3xxx/CVE-2019-3093.json +++ b/2019/3xxx/CVE-2019-3093.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3093", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3093", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3236.json b/2019/3xxx/CVE-2019-3236.json index 3c7352b5ecb..c8665f3ea08 100644 --- a/2019/3xxx/CVE-2019-3236.json +++ b/2019/3xxx/CVE-2019-3236.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3236", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3236", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3520.json b/2019/3xxx/CVE-2019-3520.json index eb3e327d69c..2e14242a585 100644 --- a/2019/3xxx/CVE-2019-3520.json +++ b/2019/3xxx/CVE-2019-3520.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3520", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3520", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3879.json b/2019/3xxx/CVE-2019-3879.json index e38d1a6b18a..f43282be274 100644 --- a/2019/3xxx/CVE-2019-3879.json +++ b/2019/3xxx/CVE-2019-3879.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3879", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3879", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4164.json b/2019/4xxx/CVE-2019-4164.json index 0e2329935e4..2d433eb5b50 100644 --- a/2019/4xxx/CVE-2019-4164.json +++ b/2019/4xxx/CVE-2019-4164.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4164", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4164", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4408.json b/2019/4xxx/CVE-2019-4408.json index 2ee078dc642..e9aaa12fd68 100644 --- a/2019/4xxx/CVE-2019-4408.json +++ b/2019/4xxx/CVE-2019-4408.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4408", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4408", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4802.json b/2019/4xxx/CVE-2019-4802.json index 7f69f84309e..80a9a7a1a43 100644 --- a/2019/4xxx/CVE-2019-4802.json +++ b/2019/4xxx/CVE-2019-4802.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4802", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4802", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4928.json b/2019/4xxx/CVE-2019-4928.json index 52660d92304..9fe303c39df 100644 --- a/2019/4xxx/CVE-2019-4928.json +++ b/2019/4xxx/CVE-2019-4928.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4928", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4928", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7570.json b/2019/7xxx/CVE-2019-7570.json index 1dae1460439..ee804d35236 100644 --- a/2019/7xxx/CVE-2019-7570.json +++ b/2019/7xxx/CVE-2019-7570.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7570", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete users via an admin.php/User/del/ucode/ URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7570", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blog.csdn.net/yangfan0502/article/details/86189065", - "refsource" : "MISC", - "url" : "https://blog.csdn.net/yangfan0502/article/details/86189065" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete users via an admin.php/User/del/ucode/ URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://blog.csdn.net/yangfan0502/article/details/86189065", + "refsource": "MISC", + "url": "https://blog.csdn.net/yangfan0502/article/details/86189065" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7723.json b/2019/7xxx/CVE-2019-7723.json index f565d64d62b..be5bcbd95d2 100644 --- a/2019/7xxx/CVE-2019-7723.json +++ b/2019/7xxx/CVE-2019-7723.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7723", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7723", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7827.json b/2019/7xxx/CVE-2019-7827.json index 4e1338a4768..0338b8185e8 100644 --- a/2019/7xxx/CVE-2019-7827.json +++ b/2019/7xxx/CVE-2019-7827.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7827", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7827", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7995.json b/2019/7xxx/CVE-2019-7995.json index 79126562453..38d0d809e88 100644 --- a/2019/7xxx/CVE-2019-7995.json +++ b/2019/7xxx/CVE-2019-7995.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7995", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7995", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8063.json b/2019/8xxx/CVE-2019-8063.json index 7e6a4f4b5c7..4204082d67b 100644 --- a/2019/8xxx/CVE-2019-8063.json +++ b/2019/8xxx/CVE-2019-8063.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8063", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8063", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8390.json b/2019/8xxx/CVE-2019-8390.json index 6d83c7835c1..a532e7e1ca7 100644 --- a/2019/8xxx/CVE-2019-8390.json +++ b/2019/8xxx/CVE-2019-8390.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8390", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8390", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8601.json b/2019/8xxx/CVE-2019-8601.json index dfc4784ccf7..d079841fb2a 100644 --- a/2019/8xxx/CVE-2019-8601.json +++ b/2019/8xxx/CVE-2019-8601.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8601", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8601", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8936.json b/2019/8xxx/CVE-2019-8936.json index dcaeb891489..57f8e107250 100644 --- a/2019/8xxx/CVE-2019-8936.json +++ b/2019/8xxx/CVE-2019-8936.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8936", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8936", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8951.json b/2019/8xxx/CVE-2019-8951.json index 843d712bf21..04a8f59ae86 100644 --- a/2019/8xxx/CVE-2019-8951.json +++ b/2019/8xxx/CVE-2019-8951.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8951", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8951", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9177.json b/2019/9xxx/CVE-2019-9177.json index 0f3f4d18f99..39d4e5aaeaa 100644 --- a/2019/9xxx/CVE-2019-9177.json +++ b/2019/9xxx/CVE-2019-9177.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9177", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9177", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9685.json b/2019/9xxx/CVE-2019-9685.json index bdea7208047..23a2ad3b436 100644 --- a/2019/9xxx/CVE-2019-9685.json +++ b/2019/9xxx/CVE-2019-9685.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9685", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9685", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file