diff --git a/1999/0xxx/CVE-1999-0918.json b/1999/0xxx/CVE-1999-0918.json index 793c009403a..7002dd28ee7 100644 --- a/1999/0xxx/CVE-1999-0918.json +++ b/1999/0xxx/CVE-1999-0918.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0918", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Denial of service in various Windows systems via malformed, fragmented IGMP packets." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0918", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "Q238329", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q238329" - }, - { - "name" : "MS99-034", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-034" - }, - { - "name" : "514", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/514" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Denial of service in various Windows systems via malformed, fragmented IGMP packets." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "514", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/514" + }, + { + "name": "MS99-034", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-034" + }, + { + "name": "Q238329", + "refsource": "MSKB", + "url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q238329" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0067.json b/2007/0xxx/CVE-2007-0067.json index 4b6b914afd8..fa7a2e34eea 100644 --- a/2007/0xxx/CVE-2007-0067.json +++ b/2007/0xxx/CVE-2007-0067.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0067", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0067", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21257251", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21257251" - }, - { - "name" : "24307", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24307" - }, - { - "name" : "ADV-2007-2046", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2046" - }, - { - "name" : "35766", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35766" - }, - { - "name" : "1018189", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018189" - }, - { - "name" : "25542", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25542" - }, - { - "name" : "domino-unspecified-dos(34689)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34689" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24307", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24307" + }, + { + "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21257251", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257251" + }, + { + "name": "35766", + "refsource": "OSVDB", + "url": "http://osvdb.org/35766" + }, + { + "name": "domino-unspecified-dos(34689)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34689" + }, + { + "name": "1018189", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018189" + }, + { + "name": "25542", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25542" + }, + { + "name": "ADV-2007-2046", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2046" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0171.json b/2007/0xxx/CVE-2007-0171.json index f512aaaa9ba..9157eceb900 100644 --- a/2007/0xxx/CVE-2007-0171.json +++ b/2007/0xxx/CVE-2007-0171.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0171", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in index.php in AllMyLinks 0.5.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AML_opensite parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0171", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3096", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3096" - }, - { - "name" : "21916", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21916" - }, - { - "name" : "35909", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35909" - }, - { - "name" : "allmylinks-index-file-include(31314)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31314" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in index.php in AllMyLinks 0.5.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AML_opensite parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3096", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3096" + }, + { + "name": "35909", + "refsource": "OSVDB", + "url": "http://osvdb.org/35909" + }, + { + "name": "allmylinks-index-file-include(31314)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31314" + }, + { + "name": "21916", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21916" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0292.json b/2007/0xxx/CVE-2007-0292.json index 6fe6ee0838f..4a6908c3ae1 100644 --- a/2007/0xxx/CVE-2007-0292.json +++ b/2007/0xxx/CVE-2007-0292.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0292", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Oracle Enterprise Manager 10.1.0.5 have unknown impact and attack vectors related to Oracle Agent, aka (1) EM01 and (2) EM02. NOTE: EM05 might be related to CVE-2007-0222." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0292", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html" - }, - { - "name" : "TA07-017A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-017A.html" - }, - { - "name" : "22083", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22083" - }, - { - "name" : "32875", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32875" - }, - { - "name" : "32876", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32876" - }, - { - "name" : "1017522", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017522" - }, - { - "name" : "23794", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23794" - }, - { - "name" : "oracle-cpu-jan2007(31541)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Oracle Enterprise Manager 10.1.0.5 have unknown impact and attack vectors related to Oracle Agent, aka (1) EM01 and (2) EM02. NOTE: EM05 might be related to CVE-2007-0222." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23794", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23794" + }, + { + "name": "32876", + "refsource": "OSVDB", + "url": "http://osvdb.org/32876" + }, + { + "name": "22083", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22083" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html" + }, + { + "name": "TA07-017A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-017A.html" + }, + { + "name": "oracle-cpu-jan2007(31541)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541" + }, + { + "name": "1017522", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017522" + }, + { + "name": "32875", + "refsource": "OSVDB", + "url": "http://osvdb.org/32875" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0559.json b/2007/0xxx/CVE-2007-0559.json index c05c0f28ed8..39e6d9c9a27 100644 --- a/2007/0xxx/CVE-2007-0559.json +++ b/2007/0xxx/CVE-2007-0559.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0559", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in config.php in RPW 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the sql_language parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0559", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3185", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3185" - }, - { - "name" : "ADV-2007-0342", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0342" - }, - { - "name" : "36626", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36626" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in config.php in RPW 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the sql_language parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0342", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0342" + }, + { + "name": "36626", + "refsource": "OSVDB", + "url": "http://osvdb.org/36626" + }, + { + "name": "3185", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3185" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0789.json b/2007/0xxx/CVE-2007-0789.json index b9b95d3a362..559d32e598c 100644 --- a/2007/0xxx/CVE-2007-0789.json +++ b/2007/0xxx/CVE-2007-0789.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0789", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Mambo before 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in cancel edit functions, possibly related to the id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0789", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://mamboxchange.com/frs/shownotes.php?release_id=6232", - "refsource" : "CONFIRM", - "url" : "http://mamboxchange.com/frs/shownotes.php?release_id=6232" - }, - { - "name" : "ADV-2007-0480", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0480" - }, - { - "name" : "33088", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33088" - }, - { - "name" : "24044", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24044" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Mambo before 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in cancel edit functions, possibly related to the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33088", + "refsource": "OSVDB", + "url": "http://osvdb.org/33088" + }, + { + "name": "24044", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24044" + }, + { + "name": "http://mamboxchange.com/frs/shownotes.php?release_id=6232", + "refsource": "CONFIRM", + "url": "http://mamboxchange.com/frs/shownotes.php?release_id=6232" + }, + { + "name": "ADV-2007-0480", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0480" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1097.json b/2007/1xxx/CVE-2007-1097.json index 1f5e4342486..117e0e4e5f1 100644 --- a/2007/1xxx/CVE-2007-1097.json +++ b/2007/1xxx/CVE-2007-1097.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1097", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability in the onAttachFiles function in the upload tool (inc/lib/attachment.lib.php) in Wiclear before 0.11.1 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors related to filename validation. NOTE: some details were obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1097", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://wiclear.free.fr/?Download", - "refsource" : "CONFIRM", - "url" : "http://wiclear.free.fr/?Download" - }, - { - "name" : "ADV-2007-0792", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0792" - }, - { - "name" : "33598", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33598" - }, - { - "name" : "24286", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24286" - }, - { - "name" : "wiclear-onattachfiles-file-upload(32757)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32757" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability in the onAttachFiles function in the upload tool (inc/lib/attachment.lib.php) in Wiclear before 0.11.1 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors related to filename validation. NOTE: some details were obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://wiclear.free.fr/?Download", + "refsource": "CONFIRM", + "url": "http://wiclear.free.fr/?Download" + }, + { + "name": "24286", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24286" + }, + { + "name": "33598", + "refsource": "OSVDB", + "url": "http://osvdb.org/33598" + }, + { + "name": "ADV-2007-0792", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0792" + }, + { + "name": "wiclear-onattachfiles-file-upload(32757)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32757" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1537.json b/2007/1xxx/CVE-2007-1537.json index 53dea0c3033..990dafb3936 100644 --- a/2007/1xxx/CVE-2007-1537.json +++ b/2007/1xxx/CVE-2007-1537.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1537", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "\\Device\\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 uses weak permissions, which allows local users to write to the device and cause a denial of service, as demonstrated by using an IRQL to acquire a spinlock on paged memory via the NdisTapiDispatch function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1537", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070319 [Reversemode Advisory] Microsoft Windows Ndistapi.sys IRQL escalation", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/463208/100/0/threaded" - }, - { - "name" : "http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=47", - "refsource" : "MISC", - "url" : "http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=47" - }, - { - "name" : "23025", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23025" - }, - { - "name" : "ADV-2007-1031", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1031" - }, - { - "name" : "33628", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/33628" - }, - { - "name" : "24598", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24598" - }, - { - "name" : "2471", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2471" - }, - { - "name" : "windows-ndistapi-dos(33086)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33086" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "\\Device\\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 uses weak permissions, which allows local users to write to the device and cause a denial of service, as demonstrated by using an IRQL to acquire a spinlock on paged memory via the NdisTapiDispatch function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24598", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24598" + }, + { + "name": "http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=47", + "refsource": "MISC", + "url": "http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=47" + }, + { + "name": "2471", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2471" + }, + { + "name": "23025", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23025" + }, + { + "name": "33628", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/33628" + }, + { + "name": "windows-ndistapi-dos(33086)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33086" + }, + { + "name": "ADV-2007-1031", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1031" + }, + { + "name": "20070319 [Reversemode Advisory] Microsoft Windows Ndistapi.sys IRQL escalation", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/463208/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1842.json b/2007/1xxx/CVE-2007-1842.json index 814c74bd674..2422a44b01c 100644 --- a/2007/1xxx/CVE-2007-1842.json +++ b/2007/1xxx/CVE-2007-1842.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1842", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in login.php in JSBoard before 2.0.12 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the table parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, a related issue to CVE-2006-2019." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1842", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3614", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3614" - }, - { - "name" : "http://kldp.net/plugins/scmcvs/cvsweb.php/jsboard-2/login.php.diff?r1=1.8;r2=1.9;cvsroot=jsboard", - "refsource" : "CONFIRM", - "url" : "http://kldp.net/plugins/scmcvs/cvsweb.php/jsboard-2/login.php.diff?r1=1.8;r2=1.9;cvsroot=jsboard" - }, - { - "name" : "23223", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23223" - }, - { - "name" : "ADV-2007-1182", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1182" - }, - { - "name" : "37365", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37365" - }, - { - "name" : "jsboard-login-file-include(33338)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33338" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in login.php in JSBoard before 2.0.12 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the table parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, a related issue to CVE-2006-2019." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://kldp.net/plugins/scmcvs/cvsweb.php/jsboard-2/login.php.diff?r1=1.8;r2=1.9;cvsroot=jsboard", + "refsource": "CONFIRM", + "url": "http://kldp.net/plugins/scmcvs/cvsweb.php/jsboard-2/login.php.diff?r1=1.8;r2=1.9;cvsroot=jsboard" + }, + { + "name": "3614", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3614" + }, + { + "name": "37365", + "refsource": "OSVDB", + "url": "http://osvdb.org/37365" + }, + { + "name": "jsboard-login-file-include(33338)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33338" + }, + { + "name": "23223", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23223" + }, + { + "name": "ADV-2007-1182", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1182" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4199.json b/2007/4xxx/CVE-2007-4199.json index 862e10368aa..1f967d1d301 100644 --- a/2007/4xxx/CVE-2007-4199.json +++ b/2007/4xxx/CVE-2007-4199.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4199", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Brian Carrier The Sleuth Kit (TSK) before 2.09 allows user-assisted remote attackers to cause a denial of service (application crash) and prevent examination of certain NTFS files via a malformed NTFS image that triggers (1) dereference of a certain integer value by ntfs_dent.c in fls, or (2) dereference of a certain other integer value by ntfs.c in fsstat." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4199", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070726 Re: Guidance Software response to iSEC report on EnCase", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474809/100/0/threaded" - }, - { - "name" : "20070802 RE: Re: Guidance Software response to iSEC report on EnCase", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475335/100/0/threaded" - }, - { - "name" : "[sleuthkit-announce] 20070614 TSK 2.09 Released and new Wiki", - "refsource" : "MLIST", - "url" : "http://sourceforge.net/mailarchive/message.php?msg_name=A19F11EF-13CA-4940-AFF3-9BE08F67EE22%40sleuthkit.org" - }, - { - "name" : "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf", - "refsource" : "MISC", - "url" : "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf" - }, - { - "name" : "25181", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25181" - }, - { - "name" : "46997", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/46997" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Brian Carrier The Sleuth Kit (TSK) before 2.09 allows user-assisted remote attackers to cause a denial of service (application crash) and prevent examination of certain NTFS files via a malformed NTFS image that triggers (1) dereference of a certain integer value by ntfs_dent.c in fls, or (2) dereference of a certain other integer value by ntfs.c in fsstat." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070726 Re: Guidance Software response to iSEC report on EnCase", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded" + }, + { + "name": "46997", + "refsource": "OSVDB", + "url": "http://osvdb.org/46997" + }, + { + "name": "25181", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25181" + }, + { + "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded" + }, + { + "name": "[sleuthkit-announce] 20070614 TSK 2.09 Released and new Wiki", + "refsource": "MLIST", + "url": "http://sourceforge.net/mailarchive/message.php?msg_name=A19F11EF-13CA-4940-AFF3-9BE08F67EE22%40sleuthkit.org" + }, + { + "name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf", + "refsource": "MISC", + "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5147.json b/2007/5xxx/CVE-2007-5147.json index 077f7b2a2c3..58b89560919 100644 --- a/2007/5xxx/CVE-2007-5147.json +++ b/2007/5xxx/CVE-2007-5147.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5147", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in Puzzle Apps CMS 2.2.1 allow remote attackers to execute arbitrary PHP code via a URL in the MODULEDIR parameter to (1) core/modules/my/my.module.php or (2) core/modules/xml/xml.module.php; the COREROOT parameter to (3) config.loader.php, (4) platform.loader.php, (5) core.loader.php, (6) person.loader.php, or (7) module.loader.php in core/ or (8) install/steps/step_3.php; or the THISDIR parameter to (9) people.lib.php, (10) general.lib.php, (11) content.lib.php, or (12) templates.lib.php in core/modules/admin/libs/ or (13) core/modules/webstat/MEC/index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5147", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://arfis.wordpress.com/2007/09/14/rfi-02-puzzle-apps-cms/", - "refsource" : "MISC", - "url" : "http://arfis.wordpress.com/2007/09/14/rfi-02-puzzle-apps-cms/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in Puzzle Apps CMS 2.2.1 allow remote attackers to execute arbitrary PHP code via a URL in the MODULEDIR parameter to (1) core/modules/my/my.module.php or (2) core/modules/xml/xml.module.php; the COREROOT parameter to (3) config.loader.php, (4) platform.loader.php, (5) core.loader.php, (6) person.loader.php, or (7) module.loader.php in core/ or (8) install/steps/step_3.php; or the THISDIR parameter to (9) people.lib.php, (10) general.lib.php, (11) content.lib.php, or (12) templates.lib.php in core/modules/admin/libs/ or (13) core/modules/webstat/MEC/index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://arfis.wordpress.com/2007/09/14/rfi-02-puzzle-apps-cms/", + "refsource": "MISC", + "url": "http://arfis.wordpress.com/2007/09/14/rfi-02-puzzle-apps-cms/" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5300.json b/2007/5xxx/CVE-2007-5300.json index 5f32a8886d4..201bf807db4 100644 --- a/2007/5xxx/CVE-2007-5300.json +++ b/2007/5xxx/CVE-2007-5300.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5300", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Off-by-one error in the do_login_loop function in libwzd-core/wzd_login.c in wzdftpd 0.8.0, 0.8.2, and possibly other versions allows remote attackers to cause a denial of service (daemon crash) via a long USER command that triggers a stack-based buffer overflow. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5300", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4498", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4498" - }, - { - "name" : "DSA-1452", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1452" - }, - { - "name" : "25967", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25967" - }, - { - "name" : "ADV-2007-3389", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3389" - }, - { - "name" : "27091", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27091" - }, - { - "name" : "28342", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28342" - }, - { - "name" : "wzdftpd-dologinloop-bo(37008)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37008" - }, - { - "name" : "wzdftpd-user-dos(37010)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37010" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Off-by-one error in the do_login_loop function in libwzd-core/wzd_login.c in wzdftpd 0.8.0, 0.8.2, and possibly other versions allows remote attackers to cause a denial of service (daemon crash) via a long USER command that triggers a stack-based buffer overflow. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "wzdftpd-user-dos(37010)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37010" + }, + { + "name": "27091", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27091" + }, + { + "name": "ADV-2007-3389", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3389" + }, + { + "name": "25967", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25967" + }, + { + "name": "wzdftpd-dologinloop-bo(37008)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37008" + }, + { + "name": "4498", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4498" + }, + { + "name": "DSA-1452", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1452" + }, + { + "name": "28342", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28342" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5636.json b/2007/5xxx/CVE-2007-5636.json index e6def76fa69..91f21a19194 100644 --- a/2007/5xxx/CVE-2007-5636.json +++ b/2007/5xxx/CVE-2007-5636.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5636", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the Nortel UNIStim IP Softphone 2050 allows remote attackers to cause a denial of service (application abort) and possibly execute arbitrary code via a flood of invalid characters to the RTCP port (5678/udp) that triggers a Windows error message, aka \"extraneous messaging.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5636", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071018 Nortel UNIStim IP Softphone Buffer-Overflow", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482476/100/0/threaded" - }, - { - "name" : "http://www.csnc.ch/static/advisory/csnc/nortel_UNIStim_IP_softphone_buffer-overflow_v1.0.txt", - "refsource" : "MISC", - "url" : "http://www.csnc.ch/static/advisory/csnc/nortel_UNIStim_IP_softphone_buffer-overflow_v1.0.txt" - }, - { - "name" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=655203", - "refsource" : "CONFIRM", - "url" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=655203" - }, - { - "name" : "26118", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26118" - }, - { - "name" : "ADV-2007-3540", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3540" - }, - { - "name" : "38521", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38521" - }, - { - "name" : "27252", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27252" - }, - { - "name" : "3271", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3271" - }, - { - "name" : "nortel-ipsoftphone-rtcp-bo(37256)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37256" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the Nortel UNIStim IP Softphone 2050 allows remote attackers to cause a denial of service (application abort) and possibly execute arbitrary code via a flood of invalid characters to the RTCP port (5678/udp) that triggers a Windows error message, aka \"extraneous messaging.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20071018 Nortel UNIStim IP Softphone Buffer-Overflow", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482476/100/0/threaded" + }, + { + "name": "27252", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27252" + }, + { + "name": "3271", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3271" + }, + { + "name": "http://www.csnc.ch/static/advisory/csnc/nortel_UNIStim_IP_softphone_buffer-overflow_v1.0.txt", + "refsource": "MISC", + "url": "http://www.csnc.ch/static/advisory/csnc/nortel_UNIStim_IP_softphone_buffer-overflow_v1.0.txt" + }, + { + "name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=655203", + "refsource": "CONFIRM", + "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=655203" + }, + { + "name": "ADV-2007-3540", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3540" + }, + { + "name": "38521", + "refsource": "OSVDB", + "url": "http://osvdb.org/38521" + }, + { + "name": "nortel-ipsoftphone-rtcp-bo(37256)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37256" + }, + { + "name": "26118", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26118" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5824.json b/2007/5xxx/CVE-2007-5824.json index ed2d99bc39e..b83edf96e7e 100644 --- a/2007/5xxx/CVE-2007-5824.json +++ b/2007/5xxx/CVE-2007-5824.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5824", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the ws_decodepassword function; or (2) a header line without a ':' character, which triggers a crash in the ws_getheaders function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5824", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071102 Re: [UPH-07-01] Firefly Media Server DoS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/483215/100/0/threaded" - }, - { - "name" : "20071102 [UPH-07-01] Firefly Media Server DoS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/483210/100/0/threaded" - }, - { - "name" : "20071102 [UPH-07-02] Firefly Media Server DoS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/483211/100/0/threaded" - }, - { - "name" : "4600", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4600" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=200110", - "refsource" : "MISC", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=200110" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?group_id=98211&release_id=548679", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?group_id=98211&release_id=548679" - }, - { - "name" : "DSA-1597", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1597" - }, - { - "name" : "GLSA-200712-18", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml" - }, - { - "name" : "26309", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26309" - }, - { - "name" : "28269", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28269" - }, - { - "name" : "30661", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30661" - }, - { - "name" : "firefly-decodepassword-dos(38242)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38242" - }, - { - "name" : "firefly-getheaders-dos(38241)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38241" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the ws_decodepassword function; or (2) a header line without a ':' character, which triggers a crash in the ws_getheaders function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "firefly-decodepassword-dos(38242)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38242" + }, + { + "name": "DSA-1597", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1597" + }, + { + "name": "20071102 [UPH-07-02] Firefly Media Server DoS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/483211/100/0/threaded" + }, + { + "name": "26309", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26309" + }, + { + "name": "20071102 Re: [UPH-07-01] Firefly Media Server DoS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/483215/100/0/threaded" + }, + { + "name": "firefly-getheaders-dos(38241)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38241" + }, + { + "name": "28269", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28269" + }, + { + "name": "4600", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4600" + }, + { + "name": "20071102 [UPH-07-01] Firefly Media Server DoS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/483210/100/0/threaded" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?group_id=98211&release_id=548679", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?group_id=98211&release_id=548679" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=200110", + "refsource": "MISC", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=200110" + }, + { + "name": "30661", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30661" + }, + { + "name": "GLSA-200712-18", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5963.json b/2007/5xxx/CVE-2007-5963.json index da1dec85590..4f553d43e0a 100644 --- a/2007/5xxx/CVE-2007-5963.json +++ b/2007/5xxx/CVE-2007-5963.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5963", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in kdebase allows local users to cause a denial of service (KDM login inaccessible, or resource consumption) via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-5963", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071218 rPSA-2007-0268-1 kdebase", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/485238" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1992", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1992" - }, - { - "name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0268", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0268" - }, - { - "name" : "FEDORA-2008-1264", - "refsource" : "FEDORA", - "url" : "http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00031.html" - }, - { - "name" : "FEDORA-2008-1283", - "refsource" : "FEDORA", - "url" : "http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00038.html" - }, - { - "name" : "MDVSA-2009:017", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:017" - }, - { - "name" : "26909", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26909" - }, - { - "name" : "ADV-2007-4267", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4267" - }, - { - "name" : "41395", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41395" - }, - { - "name" : "28104", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28104" - }, - { - "name" : "28181", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28181" - }, - { - "name" : "28751", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28751" - }, - { - "name" : "3469", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3469" - }, - { - "name" : "kdm-image-configuration-dos(39168)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39168" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in kdebase allows local users to cause a denial of service (KDM login inaccessible, or resource consumption) via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2008-1264", + "refsource": "FEDORA", + "url": "http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00031.html" + }, + { + "name": "kdm-image-configuration-dos(39168)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39168" + }, + { + "name": "3469", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3469" + }, + { + "name": "FEDORA-2008-1283", + "refsource": "FEDORA", + "url": "http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00038.html" + }, + { + "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0268", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0268" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1992", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1992" + }, + { + "name": "41395", + "refsource": "OSVDB", + "url": "http://osvdb.org/41395" + }, + { + "name": "20071218 rPSA-2007-0268-1 kdebase", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/485238" + }, + { + "name": "ADV-2007-4267", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4267" + }, + { + "name": "MDVSA-2009:017", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:017" + }, + { + "name": "26909", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26909" + }, + { + "name": "28104", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28104" + }, + { + "name": "28181", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28181" + }, + { + "name": "28751", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28751" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5990.json b/2007/5xxx/CVE-2007-5990.json index 7699d51f27e..39b7595f84e 100644 --- a/2007/5xxx/CVE-2007-5990.json +++ b/2007/5xxx/CVE-2007-5990.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5990", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in ExoPHPdesk allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in a user profile, possibly the (1) name and (2) website parameters to register.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5990", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071113 ExoPHPdesk user profile XSS / profile SQL injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/483673/100/0/threaded" - }, - { - "name" : "26431", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26431" - }, - { - "name" : "26453", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26453" - }, - { - "name" : "38672", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38672" - }, - { - "name" : "27638", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27638" - }, - { - "name" : "3368", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3368" - }, - { - "name" : "exophpdesk-index-xss(38447)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38447" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in ExoPHPdesk allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in a user profile, possibly the (1) name and (2) website parameters to register.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27638", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27638" + }, + { + "name": "20071113 ExoPHPdesk user profile XSS / profile SQL injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/483673/100/0/threaded" + }, + { + "name": "38672", + "refsource": "OSVDB", + "url": "http://osvdb.org/38672" + }, + { + "name": "exophpdesk-index-xss(38447)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38447" + }, + { + "name": "3368", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3368" + }, + { + "name": "26453", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26453" + }, + { + "name": "26431", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26431" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3329.json b/2015/3xxx/CVE-2015-3329.json index e014e0f3a61..5b3b0cb23ba 100644 --- a/2015/3xxx/CVE-2015-3329.json +++ b/2015/3xxx/CVE-2015-3329.json @@ -1,162 +1,162 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3329", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3329", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.php.net/?p=php-src.git;a=commit;h=f59b67ae50064560d7bfcdb0d6a8ab284179053c", - "refsource" : "CONFIRM", - "url" : "http://git.php.net/?p=php-src.git;a=commit;h=f59b67ae50064560d7bfcdb0d6a8ab284179053c" - }, - { - "name" : "http://php.net/ChangeLog-5.php", - "refsource" : "CONFIRM", - "url" : "http://php.net/ChangeLog-5.php" - }, - { - "name" : "https://bugs.php.net/bug.php?id=69441", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/bug.php?id=69441" - }, - { - "name" : "https://support.apple.com/kb/HT205031", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205031" - }, - { - "name" : "https://support.apple.com/HT205267", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205267" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" - }, - { - "name" : "APPLE-SA-2015-08-13-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" - }, - { - "name" : "APPLE-SA-2015-09-30-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html" - }, - { - "name" : "DSA-3280", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3280" - }, - { - "name" : "GLSA-201606-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201606-10" - }, - { - "name" : "RHSA-2015:1187", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1187.html" - }, - { - "name" : "RHSA-2015:1135", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1135.html" - }, - { - "name" : "RHSA-2015:1186", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1186.html" - }, - { - "name" : "RHSA-2015:1066", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1066.html" - }, - { - "name" : "RHSA-2015:1218", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1218.html" - }, - { - "name" : "SUSE-SU-2015:0868", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html" - }, - { - "name" : "openSUSE-SU-2015:0855", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html" - }, - { - "name" : "USN-2572-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2572-1" - }, - { - "name" : "74240", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74240" - }, - { - "name" : "1032145", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032145" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:1187", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html" + }, + { + "name": "RHSA-2015:1186", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html" + }, + { + "name": "74240", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74240" + }, + { + "name": "APPLE-SA-2015-09-30-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html" + }, + { + "name": "https://bugs.php.net/bug.php?id=69441", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=69441" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" + }, + { + "name": "1032145", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032145" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" + }, + { + "name": "http://php.net/ChangeLog-5.php", + "refsource": "CONFIRM", + "url": "http://php.net/ChangeLog-5.php" + }, + { + "name": "SUSE-SU-2015:0868", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html" + }, + { + "name": "https://support.apple.com/HT205267", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205267" + }, + { + "name": "DSA-3280", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3280" + }, + { + "name": "APPLE-SA-2015-08-13-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" + }, + { + "name": "USN-2572-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2572-1" + }, + { + "name": "http://git.php.net/?p=php-src.git;a=commit;h=f59b67ae50064560d7bfcdb0d6a8ab284179053c", + "refsource": "CONFIRM", + "url": "http://git.php.net/?p=php-src.git;a=commit;h=f59b67ae50064560d7bfcdb0d6a8ab284179053c" + }, + { + "name": "RHSA-2015:1135", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" + }, + { + "name": "https://support.apple.com/kb/HT205031", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205031" + }, + { + "name": "openSUSE-SU-2015:0855", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html" + }, + { + "name": "GLSA-201606-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201606-10" + }, + { + "name": "RHSA-2015:1066", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1066.html" + }, + { + "name": "RHSA-2015:1218", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3783.json b/2015/3xxx/CVE-2015-3783.json index 23f4e12bf65..fbad95c0055 100644 --- a/2015/3xxx/CVE-2015-3783.json +++ b/2015/3xxx/CVE-2015-3783.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3783", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3783", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "38264", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38264/" - }, - { - "name" : "https://support.apple.com/kb/HT205031", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205031" - }, - { - "name" : "APPLE-SA-2015-08-13-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" - }, - { - "name" : "76340", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76340" - }, - { - "name" : "1033276", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033276" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38264", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38264/" + }, + { + "name": "76340", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76340" + }, + { + "name": "APPLE-SA-2015-08-13-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" + }, + { + "name": "https://support.apple.com/kb/HT205031", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205031" + }, + { + "name": "1033276", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033276" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3840.json b/2015/3xxx/CVE-2015-3840.json index f1ad8f517ec..afd7358ddd2 100644 --- a/2015/3xxx/CVE-2015-3840.json +++ b/2015/3xxx/CVE-2015-3840.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3840", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The MessageStatusReceiver service in the AndroidManifest.XML in Android 5.1.1 and earlier allows local users to alter sent/received statuses of SMS and MMS messages without the associated \"WRITE_SMS\" permission." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-3840", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blog.trendmicro.com/trendlabs-security-intelligence/two-new-android-bugs-mess-up-messaging-may-lead-to-multiple-send-charges/", - "refsource" : "MISC", - "url" : "http://blog.trendmicro.com/trendlabs-security-intelligence/two-new-android-bugs-mess-up-messaging-may-lead-to-multiple-send-charges/" - }, - { - "name" : "http://blog.trendmicro.com/trendlabs-security-intelligence/os-x-zero-days-on-the-rise-a-2015-midyear-review-on-advanced-attack-surfaces/", - "refsource" : "CONFIRM", - "url" : "http://blog.trendmicro.com/trendlabs-security-intelligence/os-x-zero-days-on-the-rise-a-2015-midyear-review-on-advanced-attack-surfaces/" - }, - { - "name" : "https://huntcve.github.io/2017/02/13/cveupdate/", - "refsource" : "CONFIRM", - "url" : "https://huntcve.github.io/2017/02/13/cveupdate/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The MessageStatusReceiver service in the AndroidManifest.XML in Android 5.1.1 and earlier allows local users to alter sent/received statuses of SMS and MMS messages without the associated \"WRITE_SMS\" permission." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://blog.trendmicro.com/trendlabs-security-intelligence/two-new-android-bugs-mess-up-messaging-may-lead-to-multiple-send-charges/", + "refsource": "MISC", + "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/two-new-android-bugs-mess-up-messaging-may-lead-to-multiple-send-charges/" + }, + { + "name": "http://blog.trendmicro.com/trendlabs-security-intelligence/os-x-zero-days-on-the-rise-a-2015-midyear-review-on-advanced-attack-surfaces/", + "refsource": "CONFIRM", + "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/os-x-zero-days-on-the-rise-a-2015-midyear-review-on-advanced-attack-surfaces/" + }, + { + "name": "https://huntcve.github.io/2017/02/13/cveupdate/", + "refsource": "CONFIRM", + "url": "https://huntcve.github.io/2017/02/13/cveupdate/" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3848.json b/2015/3xxx/CVE-2015-3848.json index 0c002f686bd..c37b27ccefb 100644 --- a/2015/3xxx/CVE-2015-3848.json +++ b/2015/3xxx/CVE-2015-3848.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3848", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3848", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6116.json b/2015/6xxx/CVE-2015-6116.json index 9d1a5a73e85..bda91395821 100644 --- a/2015/6xxx/CVE-2015-6116.json +++ b/2015/6xxx/CVE-2015-6116.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6116", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6116", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6231.json b/2015/6xxx/CVE-2015-6231.json index 27c8ebd563e..2a576ffb63b 100644 --- a/2015/6xxx/CVE-2015-6231.json +++ b/2015/6xxx/CVE-2015-6231.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6231", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6231", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6770.json b/2015/6xxx/CVE-2015-6770.json index 416239155aa..0c6bf3ba38c 100644 --- a/2015/6xxx/CVE-2015-6770.json +++ b/2015/6xxx/CVE-2015-6770.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6770", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6768." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2015-6770", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=541206", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=541206" - }, - { - "name" : "DSA-3415", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3415" - }, - { - "name" : "GLSA-201603-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-09" - }, - { - "name" : "openSUSE-SU-2015:2290", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html" - }, - { - "name" : "openSUSE-SU-2015:2291", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html" - }, - { - "name" : "USN-2825-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2825-1" - }, - { - "name" : "78416", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78416" - }, - { - "name" : "1034298", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034298" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6768." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html" + }, + { + "name": "USN-2825-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2825-1" + }, + { + "name": "openSUSE-SU-2015:2290", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html" + }, + { + "name": "GLSA-201603-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-09" + }, + { + "name": "78416", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78416" + }, + { + "name": "DSA-3415", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3415" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=541206", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=541206" + }, + { + "name": "openSUSE-SU-2015:2291", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html" + }, + { + "name": "1034298", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034298" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7269.json b/2015/7xxx/CVE-2015-7269.json index 37998d134dc..0a0ef73a3a1 100644 --- a/2015/7xxx/CVE-2015-7269.json +++ b/2015/7xxx/CVE-2015-7269.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7269", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Seagate ST500LT015 hard disk drives, when operating in eDrive mode on Lenovo ThinkPad W541 laptops with BIOS 2.21, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by attaching a second SATA connector to exposed pins, maintaining an alternate power source, and attaching the data cable to another machine, aka a \"Hot Unplug Attack.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-7269", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.blackhat.com/docs/eu-15/materials/eu-15-Boteanu-Bypassing-Self-Encrypting-Drives-SED-In-Enterprise-Environments-wp.pdf", - "refsource" : "MISC", - "url" : "https://www.blackhat.com/docs/eu-15/materials/eu-15-Boteanu-Bypassing-Self-Encrypting-Drives-SED-In-Enterprise-Environments-wp.pdf" - }, - { - "name" : "https://www.infoworld.com/article/3004913/encryption/self-encrypting-drives-are-hardly-any-better-than-software-based-encryption.html", - "refsource" : "MISC", - "url" : "https://www.infoworld.com/article/3004913/encryption/self-encrypting-drives-are-hardly-any-better-than-software-based-encryption.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Seagate ST500LT015 hard disk drives, when operating in eDrive mode on Lenovo ThinkPad W541 laptops with BIOS 2.21, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by attaching a second SATA connector to exposed pins, maintaining an alternate power source, and attaching the data cable to another machine, aka a \"Hot Unplug Attack.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.infoworld.com/article/3004913/encryption/self-encrypting-drives-are-hardly-any-better-than-software-based-encryption.html", + "refsource": "MISC", + "url": "https://www.infoworld.com/article/3004913/encryption/self-encrypting-drives-are-hardly-any-better-than-software-based-encryption.html" + }, + { + "name": "https://www.blackhat.com/docs/eu-15/materials/eu-15-Boteanu-Bypassing-Self-Encrypting-Drives-SED-In-Enterprise-Environments-wp.pdf", + "refsource": "MISC", + "url": "https://www.blackhat.com/docs/eu-15/materials/eu-15-Boteanu-Bypassing-Self-Encrypting-Drives-SED-In-Enterprise-Environments-wp.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7338.json b/2015/7xxx/CVE-2015-7338.json index 2f9fa42ac43..771173df615 100644 --- a/2015/7xxx/CVE-2015-7338.json +++ b/2015/7xxx/CVE-2015-7338.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7338", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7338", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7624.json b/2015/7xxx/CVE-2015-7624.json index 399e37ceaea..a3596833423 100644 --- a/2015/7xxx/CVE-2015-7624.json +++ b/2015/7xxx/CVE-2015-7624.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7624", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5583, CVE-2015-6705, and CVE-2015-6706." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-7624", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" - }, - { - "name" : "1033796", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033796" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5583, CVE-2015-6705, and CVE-2015-6706." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" + }, + { + "name": "1033796", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033796" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8840.json b/2015/8xxx/CVE-2015-8840.json index 13f582cbb8f..98f56c0304f 100644 --- a/2015/8xxx/CVE-2015-8840.json +++ b/2015/8xxx/CVE-2015-8840.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8840", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The XML Data Archiving Service (XML DAS) in SAP NetWeaver AS Java does not check authorization, which allows remote authenticated users to obtain sensitive information, gain privileges, or possibly have unspecified other impact via requests to (1) webcontent/cas/cas_enter.jsp, (2) webcontent/cas/cas_validate.jsp, or (3) webcontent/aas/aas_store.jsp, aka SAP Security Note 1945215." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8840", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://erpscan.io/advisories/erpscan-15-017-sap-netweaver-j2ee-das-service-unauthorized-access/", - "refsource" : "MISC", - "url" : "https://erpscan.io/advisories/erpscan-15-017-sap-netweaver-j2ee-das-service-unauthorized-access/" - }, - { - "name" : "http://scn.sap.com/community/security/blog/2015/07/15/sap-security-notes-july-2015", - "refsource" : "MISC", - "url" : "http://scn.sap.com/community/security/blog/2015/07/15/sap-security-notes-july-2015" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The XML Data Archiving Service (XML DAS) in SAP NetWeaver AS Java does not check authorization, which allows remote authenticated users to obtain sensitive information, gain privileges, or possibly have unspecified other impact via requests to (1) webcontent/cas/cas_enter.jsp, (2) webcontent/cas/cas_validate.jsp, or (3) webcontent/aas/aas_store.jsp, aka SAP Security Note 1945215." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://scn.sap.com/community/security/blog/2015/07/15/sap-security-notes-july-2015", + "refsource": "MISC", + "url": "http://scn.sap.com/community/security/blog/2015/07/15/sap-security-notes-july-2015" + }, + { + "name": "https://erpscan.io/advisories/erpscan-15-017-sap-netweaver-j2ee-das-service-unauthorized-access/", + "refsource": "MISC", + "url": "https://erpscan.io/advisories/erpscan-15-017-sap-netweaver-j2ee-das-service-unauthorized-access/" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8942.json b/2015/8xxx/CVE-2015-8942.json index f4ea425447b..c4202f7608d 100644 --- a/2015/8xxx/CVE-2015-8942.json +++ b/2015/8xxx/CVE-2015-8942.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8942", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices does not validate the stream state, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28814652 and Qualcomm internal bug CR803246." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-8942", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-08-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-08-01.html" - }, - { - "name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=9ec380c06bbd79493828fcc3c876d8a53fd3369f", - "refsource" : "CONFIRM", - "url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=9ec380c06bbd79493828fcc3c876d8a53fd3369f" - }, - { - "name" : "92219", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92219" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices does not validate the stream state, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28814652 and Qualcomm internal bug CR803246." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://source.android.com/security/bulletin/2016-08-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-08-01.html" + }, + { + "name": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=9ec380c06bbd79493828fcc3c876d8a53fd3369f", + "refsource": "CONFIRM", + "url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=9ec380c06bbd79493828fcc3c876d8a53fd3369f" + }, + { + "name": "92219", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92219" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0281.json b/2016/0xxx/CVE-2016-0281.json index ed620318142..54e1589cbc7 100644 --- a/2016/0xxx/CVE-2016-0281.json +++ b/2016/0xxx/CVE-2016-0281.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0281", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter crash) via crafted packets." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0281", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://aix.software.ibm.com/aix/efixes/security/mustendd_advisory.asc", - "refsource" : "CONFIRM", - "url" : "http://aix.software.ibm.com/aix/efixes/security/mustendd_advisory.asc" - }, - { - "name" : "IV80569", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV80569" - }, - { - "name" : "IV81357", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV81357" - }, - { - "name" : "IV81459", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV81459" - }, - { - "name" : "IV82421", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV82421" - }, - { - "name" : "IV84184", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV84184" - }, - { - "name" : "92193", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92193" - }, - { - "name" : "1036481", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036481" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter crash) via crafted packets." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036481", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036481" + }, + { + "name": "92193", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92193" + }, + { + "name": "IV84184", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV84184" + }, + { + "name": "IV82421", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV82421" + }, + { + "name": "IV81459", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV81459" + }, + { + "name": "IV80569", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV80569" + }, + { + "name": "IV81357", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV81357" + }, + { + "name": "http://aix.software.ibm.com/aix/efixes/security/mustendd_advisory.asc", + "refsource": "CONFIRM", + "url": "http://aix.software.ibm.com/aix/efixes/security/mustendd_advisory.asc" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0432.json b/2016/0xxx/CVE-2016-0432.json index 04baf9e06a5..c83229d9649 100644 --- a/2016/0xxx/CVE-2016-0432.json +++ b/2016/0xxx/CVE-2016-0432.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0432", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CVE-2015-6014, and CVE-2015-6015." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0432", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034711", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034711" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CVE-2015-6014, and CVE-2015-6015." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034711", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034711" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0743.json b/2016/0xxx/CVE-2016-0743.json index 04a224ab224..8a57bd06f9b 100644 --- a/2016/0xxx/CVE-2016-0743.json +++ b/2016/0xxx/CVE-2016-0743.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0743", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-0743", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0835.json b/2016/0xxx/CVE-2016-0835.json index fa8809f1341..392f374bb4e 100644 --- a/2016/0xxx/CVE-2016-0835.json +++ b/2016/0xxx/CVE-2016-0835.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0835", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "decoder/impeg2d_dec_hdr.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file that triggers a certain negative value, aka internal bug 26070014." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-0835", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-04-02.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-04-02.html" - }, - { - "name" : "https://android.googlesource.com/platform/external/libmpeg2/+/58a6822d7140137ce957c6d2fc20bae1374186c1", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform/external/libmpeg2/+/58a6822d7140137ce957c6d2fc20bae1374186c1" - }, - { - "name" : "https://android.googlesource.com/platform/external/libmpeg2/+/ba604d336b40fd4bde1622f64d67135bdbd61301", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform/external/libmpeg2/+/ba604d336b40fd4bde1622f64d67135bdbd61301" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "decoder/impeg2d_dec_hdr.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file that triggers a certain negative value, aka internal bug 26070014." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://android.googlesource.com/platform/external/libmpeg2/+/ba604d336b40fd4bde1622f64d67135bdbd61301", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform/external/libmpeg2/+/ba604d336b40fd4bde1622f64d67135bdbd61301" + }, + { + "name": "https://android.googlesource.com/platform/external/libmpeg2/+/58a6822d7140137ce957c6d2fc20bae1374186c1", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform/external/libmpeg2/+/58a6822d7140137ce957c6d2fc20bae1374186c1" + }, + { + "name": "http://source.android.com/security/bulletin/2016-04-02.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-04-02.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0973.json b/2016/0xxx/CVE-2016-0973.json index cefdd00e860..f6c03628f6f 100644 --- a/2016/0xxx/CVE-2016-0973.json +++ b/2016/0xxx/CVE-2016-0973.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0973", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via a URLLoader.load call, a different vulnerability than CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-0973", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-16-161/", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-16-161/" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" - }, - { - "name" : "GLSA-201603-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-07" - }, - { - "name" : "RHSA-2016:0166", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0166.html" - }, - { - "name" : "SUSE-SU-2016:0398", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" - }, - { - "name" : "SUSE-SU-2016:0400", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" - }, - { - "name" : "openSUSE-SU-2016:0412", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" - }, - { - "name" : "openSUSE-SU-2016:0415", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" - }, - { - "name" : "1034970", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034970" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the URLRequest object implementation in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via a URLLoader.load call, a different vulnerability than CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:0400", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" + }, + { + "name": "1034970", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034970" + }, + { + "name": "http://zerodayinitiative.com/advisories/ZDI-16-161/", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-16-161/" + }, + { + "name": "GLSA-201603-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-07" + }, + { + "name": "RHSA-2016:0166", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" + }, + { + "name": "openSUSE-SU-2016:0415", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" + }, + { + "name": "openSUSE-SU-2016:0412", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" + }, + { + "name": "SUSE-SU-2016:0398", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000100.json b/2016/1000xxx/CVE-2016-1000100.json index 95fe92f6f96..e699c604c9c 100644 --- a/2016/1000xxx/CVE-2016-1000100.json +++ b/2016/1000xxx/CVE-2016-1000100.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000100", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5385. Reason: This candidate is a duplicate of CVE-2016-5385. Notes: All CVE users should reference CVE-2016-5385 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-1000100", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5385. Reason: This candidate is a duplicate of CVE-2016-5385. Notes: All CVE users should reference CVE-2016-5385 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1248.json b/2016/1xxx/CVE-2016-1248.json index 91a176ba001..fe743b1b141 100644 --- a/2016/1xxx/CVE-2016-1248.json +++ b/2016/1xxx/CVE-2016-1248.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@debian.org", - "ID" : "CVE-2016-1248", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "vim before patch 8.0.0056", - "version" : { - "version_data" : [ - { - "version_value" : "vim before patch 8.0.0056" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "OS command injection" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2016-1248", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "vim before patch 8.0.0056", + "version": { + "version_data": [ + { + "version_value": "vim before patch 8.0.0056" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20161122 [SECURITY] [DLA 718-1] vim security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2016/11/msg00025.html" - }, - { - "name" : "http://openwall.com/lists/oss-security/2016/11/22/20", - "refsource" : "CONFIRM", - "url" : "http://openwall.com/lists/oss-security/2016/11/22/20" - }, - { - "name" : "https://anonscm.debian.org/cgit/pkg-vim/vim.git/tree/debian/changelog", - "refsource" : "CONFIRM", - "url" : "https://anonscm.debian.org/cgit/pkg-vim/vim.git/tree/debian/changelog" - }, - { - "name" : "https://github.com/neovim/neovim/commit/4fad66fbe637818b6b3d6bc5d21923ba72795040", - "refsource" : "CONFIRM", - "url" : "https://github.com/neovim/neovim/commit/4fad66fbe637818b6b3d6bc5d21923ba72795040" - }, - { - "name" : "https://github.com/vim/vim/commit/d0b5138ba4bccff8a744c99836041ef6322ed39a", - "refsource" : "CONFIRM", - "url" : "https://github.com/vim/vim/commit/d0b5138ba4bccff8a744c99836041ef6322ed39a" - }, - { - "name" : "https://github.com/vim/vim/releases/tag/v8.0.0056", - "refsource" : "CONFIRM", - "url" : "https://github.com/vim/vim/releases/tag/v8.0.0056" - }, - { - "name" : "https://lists.debian.org/debian-security-announce/2016/msg00305.html", - "refsource" : "CONFIRM", - "url" : "https://lists.debian.org/debian-security-announce/2016/msg00305.html" - }, - { - "name" : "DSA-3722", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3722" - }, - { - "name" : "GLSA-201701-29", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-29" - }, - { - "name" : "RHSA-2016:2972", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2972.html" - }, - { - "name" : "USN-3139-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3139-1" - }, - { - "name" : "94478", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94478" - }, - { - "name" : "1037338", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037338" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "OS command injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://lists.debian.org/debian-security-announce/2016/msg00305.html", + "refsource": "CONFIRM", + "url": "https://lists.debian.org/debian-security-announce/2016/msg00305.html" + }, + { + "name": "http://openwall.com/lists/oss-security/2016/11/22/20", + "refsource": "CONFIRM", + "url": "http://openwall.com/lists/oss-security/2016/11/22/20" + }, + { + "name": "GLSA-201701-29", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-29" + }, + { + "name": "DSA-3722", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3722" + }, + { + "name": "https://github.com/vim/vim/commit/d0b5138ba4bccff8a744c99836041ef6322ed39a", + "refsource": "CONFIRM", + "url": "https://github.com/vim/vim/commit/d0b5138ba4bccff8a744c99836041ef6322ed39a" + }, + { + "name": "[debian-lts-announce] 20161122 [SECURITY] [DLA 718-1] vim security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2016/11/msg00025.html" + }, + { + "name": "USN-3139-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3139-1" + }, + { + "name": "1037338", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037338" + }, + { + "name": "https://github.com/neovim/neovim/commit/4fad66fbe637818b6b3d6bc5d21923ba72795040", + "refsource": "CONFIRM", + "url": "https://github.com/neovim/neovim/commit/4fad66fbe637818b6b3d6bc5d21923ba72795040" + }, + { + "name": "94478", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94478" + }, + { + "name": "https://github.com/vim/vim/releases/tag/v8.0.0056", + "refsource": "CONFIRM", + "url": "https://github.com/vim/vim/releases/tag/v8.0.0056" + }, + { + "name": "RHSA-2016:2972", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2972.html" + }, + { + "name": "https://anonscm.debian.org/cgit/pkg-vim/vim.git/tree/debian/changelog", + "refsource": "CONFIRM", + "url": "https://anonscm.debian.org/cgit/pkg-vim/vim.git/tree/debian/changelog" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1313.json b/2016/1xxx/CVE-2016-1313.json index 1507387648b..82a8e4af12b 100644 --- a/2016/1xxx/CVE-2016-1313.json +++ b/2016/1xxx/CVE-2016-1313.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1313", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco UCS Invicta C3124SA Appliance 4.3.1 through 5.0.1, UCS Invicta Scaling System and Appliance, and Whiptail Racerunner improperly store a default SSH private key, which allows remote attackers to obtain root access via unspecified vectors, aka Bug ID CSCun71294." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1313", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160406 Cisco UCS Invicta Default SSH Key Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-ucs" - }, - { - "name" : "1035496", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035496" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco UCS Invicta C3124SA Appliance 4.3.1 through 5.0.1, UCS Invicta Scaling System and Appliance, and Whiptail Racerunner improperly store a default SSH private key, which allows remote attackers to obtain root access via unspecified vectors, aka Bug ID CSCun71294." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035496", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035496" + }, + { + "name": "20160406 Cisco UCS Invicta Default SSH Key Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-ucs" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1382.json b/2016/1xxx/CVE-2016-1382.json index ddab3e50c0e..2bbd3dedd7c 100644 --- a/2016/1xxx/CVE-2016-1382.json +++ b/2016/1xxx/CVE-2016-1382.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1382", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco AsyncOS before 8.5.3-069 and 8.6 through 8.8 on Web Security Appliance (WSA) devices mishandles memory allocation for HTTP requests, which allows remote attackers to cause a denial of service (proxy-process reload) via a crafted request, aka Bug ID CSCuu02529." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1382", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160518 Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa3" - }, - { - "name" : "1035910", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035910" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco AsyncOS before 8.5.3-069 and 8.6 through 8.8 on Web Security Appliance (WSA) devices mishandles memory allocation for HTTP requests, which allows remote attackers to cause a denial of service (proxy-process reload) via a crafted request, aka Bug ID CSCuu02529." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035910", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035910" + }, + { + "name": "20160518 Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa3" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1452.json b/2016/1xxx/CVE-2016-1452.json index 598975c7924..c3d49c27f37 100644 --- a/2016/1xxx/CVE-2016-1452.json +++ b/2016/1xxx/CVE-2016-1452.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1452", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco ASR 5000 devices with software 18.3 through 20.0.0 allow remote attackers to make configuration changes over SNMP by leveraging knowledge of the read-write community, aka Bug ID CSCuz29526." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1452", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160713 Cisco ASR 5000 Series SNMP Community String Disclosure Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160713-asr" - }, - { - "name" : "91756", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91756" - }, - { - "name" : "1036298", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036298" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco ASR 5000 devices with software 18.3 through 20.0.0 allow remote attackers to make configuration changes over SNMP by leveraging knowledge of the read-write community, aka Bug ID CSCuz29526." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036298", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036298" + }, + { + "name": "20160713 Cisco ASR 5000 Series SNMP Community String Disclosure Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160713-asr" + }, + { + "name": "91756", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91756" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5075.json b/2016/5xxx/CVE-2016-5075.json index 9d987fc4ede..d3f9b93b5b7 100644 --- a/2016/5xxx/CVE-2016-5075.json +++ b/2016/5xxx/CVE-2016-5075.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-5075", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "CloudView NMS before 2.10a", - "version" : { - "version_data" : [ - { - "version_value" : "CloudView NMS before 2.10a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CloudView NMS before 2.10a has XSS via a TELNET login." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "XSS" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-5075", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "CloudView NMS before 2.10a", + "version": { + "version_data": [ + { + "version_value": "CloudView NMS before 2.10a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://community.rapid7.com/community/infosec/blog/2016/09/07/multiple-disclosures-for-multiple-network-management-systems-part-2", - "refsource" : "MISC", - "url" : "https://community.rapid7.com/community/infosec/blog/2016/09/07/multiple-disclosures-for-multiple-network-management-systems-part-2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CloudView NMS before 2.10a has XSS via a TELNET login." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "XSS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://community.rapid7.com/community/infosec/blog/2016/09/07/multiple-disclosures-for-multiple-network-management-systems-part-2", + "refsource": "MISC", + "url": "https://community.rapid7.com/community/infosec/blog/2016/09/07/multiple-disclosures-for-multiple-network-management-systems-part-2" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5376.json b/2016/5xxx/CVE-2016-5376.json index afbaa2477cc..2ffb73781d9 100644 --- a/2016/5xxx/CVE-2016-5376.json +++ b/2016/5xxx/CVE-2016-5376.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5376", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5376", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5445.json b/2016/5xxx/CVE-2016-5445.json index 85af138162e..8a662b36441 100644 --- a/2016/5xxx/CVE-2016-5445.json +++ b/2016/5xxx/CVE-2016-5445.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5445", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5445", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "91991", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91991" - }, - { - "name" : "1036408", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036408" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036408", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036408" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "91991", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91991" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5827.json b/2016/5xxx/CVE-2016-5827.json index a7a53973028..ce6cea6060a 100644 --- a/2016/5xxx/CVE-2016-5827.json +++ b/2016/5xxx/CVE-2016-5827.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5827", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5827", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/25/4" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1281043", - "refsource" : "MISC", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1281043" - }, - { - "name" : "91459", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91459" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted string to the icalparser_parse_string function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91459", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91459" + }, + { + "name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/25/4" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281043", + "refsource": "MISC", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281043" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5969.json b/2016/5xxx/CVE-2016-5969.json index 2a3ac56dc27..0be3148b020 100644 --- a/2016/5xxx/CVE-2016-5969.json +++ b/2016/5xxx/CVE-2016-5969.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5969", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5969", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0178.json b/2019/0xxx/CVE-2019-0178.json index 757303727ac..61a74bfb884 100644 --- a/2019/0xxx/CVE-2019-0178.json +++ b/2019/0xxx/CVE-2019-0178.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0178", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0178", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0223.json b/2019/0xxx/CVE-2019-0223.json index 0c6b585575b..741f45d9f68 100644 --- a/2019/0xxx/CVE-2019-0223.json +++ b/2019/0xxx/CVE-2019-0223.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0223", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0223", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0369.json b/2019/0xxx/CVE-2019-0369.json index 2a7a091f12e..d0720dd0de1 100644 --- a/2019/0xxx/CVE-2019-0369.json +++ b/2019/0xxx/CVE-2019-0369.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0369", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0369", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0750.json b/2019/0xxx/CVE-2019-0750.json index d40bff995b4..e5be4c89326 100644 --- a/2019/0xxx/CVE-2019-0750.json +++ b/2019/0xxx/CVE-2019-0750.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0750", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0750", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1162.json b/2019/1xxx/CVE-2019-1162.json index 1e60dfb96aa..af3b6c63858 100644 --- a/2019/1xxx/CVE-2019-1162.json +++ b/2019/1xxx/CVE-2019-1162.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1162", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1162", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1434.json b/2019/1xxx/CVE-2019-1434.json index a01918dec21..db6e56cf814 100644 --- a/2019/1xxx/CVE-2019-1434.json +++ b/2019/1xxx/CVE-2019-1434.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1434", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1434", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1490.json b/2019/1xxx/CVE-2019-1490.json index 4f88e19f20d..ea80c8d87b8 100644 --- a/2019/1xxx/CVE-2019-1490.json +++ b/2019/1xxx/CVE-2019-1490.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1490", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1490", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1492.json b/2019/1xxx/CVE-2019-1492.json index f1e71a67954..d52c710092e 100644 --- a/2019/1xxx/CVE-2019-1492.json +++ b/2019/1xxx/CVE-2019-1492.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1492", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1492", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1700.json b/2019/1xxx/CVE-2019-1700.json index 6b5118877ff..38c990e2561 100644 --- a/2019/1xxx/CVE-2019-1700.json +++ b/2019/1xxx/CVE-2019-1700.json @@ -1,91 +1,91 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@cisco.com", - "DATE_PUBLIC" : "2019-02-20T16:00:00-0800", - "ID" : "CVE-2019-1700", - "STATE" : "PUBLIC", - "TITLE" : "Cisco Firepower 9000 Series Firepower 2-Port 100G Double-Width Network Module Queue Wedge Denial of Service Vulnerability" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cisco Firepower Extensible Operating System (FXOS) ", - "version" : { - "version_data" : [ - { - "version_value" : "2.2" - } - ] - } - } - ] - }, - "vendor_name" : "Cisco" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in field-programmable gate array (FPGA) ingress buffer management for the Cisco Firepower 9000 Series with the Cisco Firepower 2-port 100G double-width network module (PID: FPR9K-DNM-2X100G) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. Manual intervention may be required before a device will resume normal operations. The vulnerability is due to a logic error in the FPGA related to the processing of different types of input packets. An attacker could exploit this vulnerability by being on the adjacent subnet and sending a crafted sequence of input packets to a specific interface on an affected device. A successful exploit could allow the attacker to cause a queue wedge condition on the interface. When a wedge occurs, the affected device will stop processing any additional packets that are received on the wedged interface. Version 2.2 is affected." - } - ] - }, - "exploit" : [ - { - "lang" : "eng", - "value" : "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact" : { - "cvss" : { - "baseScore" : "6.1", - "vectorString" : "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H ", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-399" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2019-02-20T16:00:00-0800", + "ID": "CVE-2019-1700", + "STATE": "PUBLIC", + "TITLE": "Cisco Firepower 9000 Series Firepower 2-Port 100G Double-Width Network Module Queue Wedge Denial of Service Vulnerability" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Firepower Extensible Operating System (FXOS) ", + "version": { + "version_data": [ + { + "version_value": "2.2" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20190220 Cisco Firepower 9000 Series Firepower 2-Port 100G Double-Width Network Module Queue Wedge Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-firpwr-dos" - }, - { - "name" : "107105", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107105" - } - ] - }, - "source" : { - "advisory" : "cisco-sa-20190220-firpwr-dos", - "defect" : [ - [ - "CSCvn57812" - ] - ], - "discovery" : "INTERNAL" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in field-programmable gate array (FPGA) ingress buffer management for the Cisco Firepower 9000 Series with the Cisco Firepower 2-port 100G double-width network module (PID: FPR9K-DNM-2X100G) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. Manual intervention may be required before a device will resume normal operations. The vulnerability is due to a logic error in the FPGA related to the processing of different types of input packets. An attacker could exploit this vulnerability by being on the adjacent subnet and sending a crafted sequence of input packets to a specific interface on an affected device. A successful exploit could allow the attacker to cause a queue wedge condition on the interface. When a wedge occurs, the affected device will stop processing any additional packets that are received on the wedged interface. Version 2.2 is affected." + } + ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "6.1", + "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-399" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "107105", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107105" + }, + { + "name": "20190220 Cisco Firepower 9000 Series Firepower 2-Port 100G Double-Width Network Module Queue Wedge Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-firpwr-dos" + } + ] + }, + "source": { + "advisory": "cisco-sa-20190220-firpwr-dos", + "defect": [ + [ + "CSCvn57812" + ] + ], + "discovery": "INTERNAL" + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3374.json b/2019/3xxx/CVE-2019-3374.json index 71390c7b405..e286da80b38 100644 --- a/2019/3xxx/CVE-2019-3374.json +++ b/2019/3xxx/CVE-2019-3374.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3374", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3374", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4411.json b/2019/4xxx/CVE-2019-4411.json index 30b9fef4516..8ada9803cad 100644 --- a/2019/4xxx/CVE-2019-4411.json +++ b/2019/4xxx/CVE-2019-4411.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4411", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4411", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4548.json b/2019/4xxx/CVE-2019-4548.json index 06075ebdf42..d99024cbe9d 100644 --- a/2019/4xxx/CVE-2019-4548.json +++ b/2019/4xxx/CVE-2019-4548.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4548", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4548", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4874.json b/2019/4xxx/CVE-2019-4874.json index bf2587364e2..f9555449742 100644 --- a/2019/4xxx/CVE-2019-4874.json +++ b/2019/4xxx/CVE-2019-4874.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4874", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4874", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5729.json b/2019/5xxx/CVE-2019-5729.json index d6b1ce7d6fa..ab0f1511fd3 100644 --- a/2019/5xxx/CVE-2019-5729.json +++ b/2019/5xxx/CVE-2019-5729.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5729", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5729", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5826.json b/2019/5xxx/CVE-2019-5826.json index e3270c5a7a2..0ff8c73e4de 100644 --- a/2019/5xxx/CVE-2019-5826.json +++ b/2019/5xxx/CVE-2019-5826.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5826", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5826", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8264.json b/2019/8xxx/CVE-2019-8264.json index 156587fbf5d..75552b53ae6 100644 --- a/2019/8xxx/CVE-2019-8264.json +++ b/2019/8xxx/CVE-2019-8264.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vulnerability@kaspersky.com", - "DATE_PUBLIC" : "2019-03-01T00:00:00", - "ID" : "CVE-2019-8264", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "UltraVNC", - "version" : { - "version_data" : [ - { - "version_value" : "1.2.2.3" - } - ] - } - } - ] - }, - "vendor_name" : "Kaspersky Lab" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-788: Access of Memory Location After End of Buffer" - } + "CVE_data_meta": { + "ASSIGNER": "vulnerability@kaspersky.com", + "DATE_PUBLIC": "2019-03-01T00:00:00", + "ID": "CVE-2019-8264", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "UltraVNC", + "version": { + "version_data": [ + { + "version_value": "1.2.2.3" + } + ] + } + } + ] + }, + "vendor_name": "Kaspersky Lab" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-011-ultravnc-access-of-memory-location-after-end-of-buffer/", - "refsource" : "MISC", - "url" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-011-ultravnc-access-of-memory-location-after-end-of-buffer/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-788: Access of Memory Location After End of Buffer" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-011-ultravnc-access-of-memory-location-after-end-of-buffer/", + "refsource": "MISC", + "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-011-ultravnc-access-of-memory-location-after-end-of-buffer/" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8412.json b/2019/8xxx/CVE-2019-8412.json index 4eb1cf4e58e..399bc95e353 100644 --- a/2019/8xxx/CVE-2019-8412.json +++ b/2019/8xxx/CVE-2019-8412.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8412", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "FeiFeiCms 4.0.181010 on Windows allows remote attackers to read or delete arbitrary files via index.php?s=Admin-Data-Down-id-..\\ or index.php?s=Admin-Data-Del-id-..\\ directory traversal." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8412", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/615/cms_vuln/blob/master/feifei.docx", - "refsource" : "MISC", - "url" : "https://github.com/615/cms_vuln/blob/master/feifei.docx" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FeiFeiCms 4.0.181010 on Windows allows remote attackers to read or delete arbitrary files via index.php?s=Admin-Data-Down-id-..\\ or index.php?s=Admin-Data-Del-id-..\\ directory traversal." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/615/cms_vuln/blob/master/feifei.docx", + "refsource": "MISC", + "url": "https://github.com/615/cms_vuln/blob/master/feifei.docx" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9470.json b/2019/9xxx/CVE-2019-9470.json index 60495e81d03..90790ca6736 100644 --- a/2019/9xxx/CVE-2019-9470.json +++ b/2019/9xxx/CVE-2019-9470.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9470", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9470", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9536.json b/2019/9xxx/CVE-2019-9536.json index 4a9f02034e4..e01a6fb36db 100644 --- a/2019/9xxx/CVE-2019-9536.json +++ b/2019/9xxx/CVE-2019-9536.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9536", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9536", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9713.json b/2019/9xxx/CVE-2019-9713.json index 02caa68eb33..6182c461e9f 100644 --- a/2019/9xxx/CVE-2019-9713.json +++ b/2019/9xxx/CVE-2019-9713.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9713", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Joomla! before 3.9.4. The sample data plugins lack ACL checks, allowing unauthorized access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9713", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://developer.joomla.org/security-centre/775-20190304-core-missing-acl-check-in-sample-data-plugins", - "refsource" : "MISC", - "url" : "https://developer.joomla.org/security-centre/775-20190304-core-missing-acl-check-in-sample-data-plugins" - }, - { - "name" : "107372", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107372" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Joomla! before 3.9.4. The sample data plugins lack ACL checks, allowing unauthorized access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://developer.joomla.org/security-centre/775-20190304-core-missing-acl-check-in-sample-data-plugins", + "refsource": "MISC", + "url": "https://developer.joomla.org/security-centre/775-20190304-core-missing-acl-check-in-sample-data-plugins" + }, + { + "name": "107372", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107372" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9814.json b/2019/9xxx/CVE-2019-9814.json index aa11e895381..380ff58abba 100644 --- a/2019/9xxx/CVE-2019-9814.json +++ b/2019/9xxx/CVE-2019-9814.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9814", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9814", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file