diff --git a/1999/0xxx/CVE-1999-0949.json b/1999/0xxx/CVE-1999-0949.json index 9ffb81e6a59..4b80ceb2948 100644 --- a/1999/0xxx/CVE-1999-0949.json +++ b/1999/0xxx/CVE-1999-0949.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0949", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in canuum program for Canna input system allows local users to gain root privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0949", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "757", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/757" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in canuum program for Canna input system allows local users to gain root privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "757", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/757" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0980.json b/1999/0xxx/CVE-1999-0980.json index 151db496eed..eac1b6781cb 100644 --- a/1999/0xxx/CVE-1999-0980.json +++ b/1999/0xxx/CVE-1999-0980.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0980", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Windows NT Service Control Manager (SCM) allows remote attackers to cause a denial of service via a malformed argument in a resource enumeration request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0980", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS99-055", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-055" - }, - { - "name" : "Q246045", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q246045" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows NT Service Control Manager (SCM) allows remote attackers to cause a denial of service via a malformed argument in a resource enumeration request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "Q246045", + "refsource": "MSKB", + "url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q246045" + }, + { + "name": "MS99-055", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-055" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0420.json b/2000/0xxx/CVE-2000-0420.json index adcff6730b0..b16ef82184c 100644 --- a/2000/0xxx/CVE-2000-0420.json +++ b/2000/0xxx/CVE-2000-0420.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0420", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0420", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000511 ISS SAVANT Advisory 00/26", - "refsource" : "NTBUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0112.html" - }, - { - "name" : "1198", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1198" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000511 ISS SAVANT Advisory 00/26", + "refsource": "NTBUGTRAQ", + "url": "http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0112.html" + }, + { + "name": "1198", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1198" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0704.json b/2000/0xxx/CVE-2000-0704.json index e17a20dd920..15978f03a86 100644 --- a/2000/0xxx/CVE-2000-0704.json +++ b/2000/0xxx/CVE-2000-0704.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0704", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in SGI Omron WorldView Wnn allows remote attackers to execute arbitrary commands via long JS_OPEN, JS_MKDIR, or JS_FILE_INFO commands." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0704", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000803-01-A", - "refsource" : "SGI", - "url" : "ftp://sgigate.sgi.com/security/20000803-01-A" - }, - { - "name" : "1603", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1603" - }, - { - "name" : "11080", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/11080" - }, - { - "name" : "irix-worldview-wnn-bo(5163)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5163" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in SGI Omron WorldView Wnn allows remote attackers to execute arbitrary commands via long JS_OPEN, JS_MKDIR, or JS_FILE_INFO commands." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000803-01-A", + "refsource": "SGI", + "url": "ftp://sgigate.sgi.com/security/20000803-01-A" + }, + { + "name": "1603", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1603" + }, + { + "name": "11080", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/11080" + }, + { + "name": "irix-worldview-wnn-bo(5163)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5163" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0746.json b/2000/0xxx/CVE-2000-0746.json index ef1d5b9affb..1ad65f8955b 100644 --- a/2000/0xxx/CVE-2000-0746.json +++ b/2000/0xxx/CVE-2000-0746.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0746", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site, aka the \"IIS Cross-Site Scripting\" vulnerabilities." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0746", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000821 IIS 5.0 cross site scripting vulnerability - using .shtml files or /_vti_bin/shtml.dll", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=39A12BD6.E811BF4F@nat.bg" - }, - { - "name" : "MS00-060", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-060" - }, - { - "name" : "1594", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1594" - }, - { - "name" : "1595", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1595" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site, aka the \"IIS Cross-Site Scripting\" vulnerabilities." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000821 IIS 5.0 cross site scripting vulnerability - using .shtml files or /_vti_bin/shtml.dll", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=39A12BD6.E811BF4F@nat.bg" + }, + { + "name": "1594", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1594" + }, + { + "name": "1595", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1595" + }, + { + "name": "MS00-060", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-060" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0839.json b/2000/0xxx/CVE-2000-0839.json index 2ad9e0ec1bb..279e26951db 100644 --- a/2000/0xxx/CVE-2000-0839.json +++ b/2000/0xxx/CVE-2000-0839.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0839", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WinCOM LPD 1.00.90 allows remote attackers to cause a denial of service via a large number of LPD options to the LPD port (515)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0839", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000919 VIGILANTE-2000013: WinCOM LPD DoS", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-09/0212.html" - }, - { - "name" : "1701", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1701" - }, - { - "name" : "wincom-lpd-dos(5258)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5258" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WinCOM LPD 1.00.90 allows remote attackers to cause a denial of service via a large number of LPD options to the LPD port (515)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000919 VIGILANTE-2000013: WinCOM LPD DoS", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0212.html" + }, + { + "name": "1701", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1701" + }, + { + "name": "wincom-lpd-dos(5258)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5258" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0917.json b/2000/0xxx/CVE-2000-0917.json index e8c8390f6f3..842b69acd9e 100644 --- a/2000/0xxx/CVE-2000-0917.json +++ b/2000/0xxx/CVE-2000-0917.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0917", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0917", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000925 Format strings: bug #2: LPRng", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html" - }, - { - "name" : "CA-2000-22", - "refsource" : "CERT", - "url" : "http://www.cert.org/advisories/CA-2000-22.html" - }, - { - "name" : "CSSA-2000-033.0", - "refsource" : "CALDERA", - "url" : "http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt" - }, - { - "name" : "RHSA-2000:065", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2000-065.html" - }, - { - "name" : "FreeBSD-SA-00:56", - "refsource" : "FREEBSD", - "url" : "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc" - }, - { - "name" : "lprng-format-string(5287)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5287" - }, - { - "name" : "1712", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1712" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FreeBSD-SA-00:56", + "refsource": "FREEBSD", + "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc" + }, + { + "name": "CSSA-2000-033.0", + "refsource": "CALDERA", + "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt" + }, + { + "name": "CA-2000-22", + "refsource": "CERT", + "url": "http://www.cert.org/advisories/CA-2000-22.html" + }, + { + "name": "20000925 Format strings: bug #2: LPRng", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html" + }, + { + "name": "RHSA-2000:065", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2000-065.html" + }, + { + "name": "lprng-format-string(5287)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5287" + }, + { + "name": "1712", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1712" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0961.json b/2000/0xxx/CVE-2000-0961.json index 1652bf66d7a..b7674dcb0d3 100644 --- a/2000/0xxx/CVE-2000-0961.json +++ b/2000/0xxx/CVE-2000-0961.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0961", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0961", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000928 commercial products and security [ + new bug ]", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-09/0334.html" - }, - { - "name" : "1721", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1721" - }, - { - "name" : "netscape-messaging-list-dos(5292)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5292" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1721", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1721" + }, + { + "name": "20000928 commercial products and security [ + new bug ]", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0334.html" + }, + { + "name": "netscape-messaging-list-dos(5292)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5292" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1266.json b/2007/1xxx/CVE-2007-1266.json index c348490b1bd..d1529ac8e6d 100644 --- a/2007/1xxx/CVE-2007-1266.json +++ b/2007/1xxx/CVE-2007-1266.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1266", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1266", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070305 CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability ", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461958/100/0/threaded" - }, - { - "name" : "20070305 CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461958/30/7710/threaded" - }, - { - "name" : "[gnupg-users] 20070306 [Announce] Multiple Messages Problem in GnuPG and GPGME", - "refsource" : "MLIST", - "url" : "http://lists.gnupg.org/pipermail/gnupg-users/2007-March/030514.html" - }, - { - "name" : "http://www.coresecurity.com/?action=item&id=1687", - "refsource" : "MISC", - "url" : "http://www.coresecurity.com/?action=item&id=1687" - }, - { - "name" : "22760", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22760" - }, - { - "name" : "ADV-2007-0835", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0835" - }, - { - "name" : "1017727", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017727" - }, - { - "name" : "24412", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24412" - }, - { - "name" : "2353", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2353" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[gnupg-users] 20070306 [Announce] Multiple Messages Problem in GnuPG and GPGME", + "refsource": "MLIST", + "url": "http://lists.gnupg.org/pipermail/gnupg-users/2007-March/030514.html" + }, + { + "name": "2353", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2353" + }, + { + "name": "20070305 CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461958/30/7710/threaded" + }, + { + "name": "22760", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22760" + }, + { + "name": "http://www.coresecurity.com/?action=item&id=1687", + "refsource": "MISC", + "url": "http://www.coresecurity.com/?action=item&id=1687" + }, + { + "refsource": "BUGTRAQ", + "name": "20070305 CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability", + "url": "http://www.securityfocus.com/archive/1/461958/100/0/threaded" + }, + { + "name": "24412", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24412" + }, + { + "name": "1017727", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017727" + }, + { + "name": "ADV-2007-0835", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0835" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1586.json b/2007/1xxx/CVE-2007-1586.json index 2d952bed978..aee9394fe45 100644 --- a/2007/1xxx/CVE-2007-1586.json +++ b/2007/1xxx/CVE-2007-1586.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1586", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ZynOS 3.40 allows remote attackers to cause a denial of service (link restart) by sending a request for the name \\M via the SMB Mail Slot Protocol." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1586", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070319 ZynOS v3.40 One packet killer", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/463238/100/0/threaded" - }, - { - "name" : "23061", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23061" - }, - { - "name" : "34522", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34522" - }, - { - "name" : "1017795", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017795" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ZynOS 3.40 allows remote attackers to cause a denial of service (link restart) by sending a request for the name \\M via the SMB Mail Slot Protocol." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "34522", + "refsource": "OSVDB", + "url": "http://osvdb.org/34522" + }, + { + "name": "23061", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23061" + }, + { + "name": "20070319 ZynOS v3.40 One packet killer", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/463238/100/0/threaded" + }, + { + "name": "1017795", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017795" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1796.json b/2007/1xxx/CVE-2007-1796.json index 62c56fe9527..e3b0dc3d10c 100644 --- a/2007/1xxx/CVE-2007-1796.json +++ b/2007/1xxx/CVE-2007-1796.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1796", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in JCcorp URLshrink before 1.3.2 have unspecified attack vectors and impact." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1796", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://developers.jccorp.net/modules/newbb/viewtopic.php?topic_id=33&forum=8", - "refsource" : "CONFIRM", - "url" : "http://developers.jccorp.net/modules/newbb/viewtopic.php?topic_id=33&forum=8" - }, - { - "name" : "34988", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34988" - }, - { - "name" : "urlshrink-email-command-execution(33320)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33320" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in JCcorp URLshrink before 1.3.2 have unspecified attack vectors and impact." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://developers.jccorp.net/modules/newbb/viewtopic.php?topic_id=33&forum=8", + "refsource": "CONFIRM", + "url": "http://developers.jccorp.net/modules/newbb/viewtopic.php?topic_id=33&forum=8" + }, + { + "name": "34988", + "refsource": "OSVDB", + "url": "http://osvdb.org/34988" + }, + { + "name": "urlshrink-email-command-execution(33320)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33320" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5415.json b/2007/5xxx/CVE-2007-5415.json index a1929f95eb3..e747be32ed9 100644 --- a/2007/5xxx/CVE-2007-5415.json +++ b/2007/5xxx/CVE-2007-5415.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5415", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Mozilla Firefox 2.0, when UTF-7 document content is rendered directly in UTF-7, allows remote attackers to inject arbitrary web script or HTML via a gopher URI that uses '/' (slash) characters to delimit a literal string within an XSS sequence, a related issue to CVE-2007-5414." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5415", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071010 Vulnerabilities digest", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482006/100/0/threaded" - }, - { - "name" : "3216", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3216" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox 2.0, when UTF-7 document content is rendered directly in UTF-7, allows remote attackers to inject arbitrary web script or HTML via a gopher URI that uses '/' (slash) characters to delimit a literal string within an XSS sequence, a related issue to CVE-2007-5414." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20071010 Vulnerabilities digest", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded" + }, + { + "name": "3216", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3216" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5667.json b/2007/5xxx/CVE-2007-5667.json index 4357c204d2b..81c166cf450 100644 --- a/2007/5xxx/CVE-2007-5667.json +++ b/2007/5xxx/CVE-2007-5667.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5667", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the \\.\\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5667", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071112 Novell NetWare Client NWFILTER.SYS Local Privilege Escalation Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=626" - }, - { - "name" : "https://secure-support.novell.com/KanisaPlatform/Publishing/98/3260263_f.SAL_Public.html", - "refsource" : "CONFIRM", - "url" : "https://secure-support.novell.com/KanisaPlatform/Publishing/98/3260263_f.SAL_Public.html" - }, - { - "name" : "26420", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26420" - }, - { - "name" : "ADV-2007-3846", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3846" - }, - { - "name" : "40867", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40867" - }, - { - "name" : "1018943", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018943" - }, - { - "name" : "27678", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27678" - }, - { - "name" : "novell-client-nwfilter-privilege-escalation(38434)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38434" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the \\.\\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27678", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27678" + }, + { + "name": "novell-client-nwfilter-privilege-escalation(38434)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38434" + }, + { + "name": "1018943", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018943" + }, + { + "name": "https://secure-support.novell.com/KanisaPlatform/Publishing/98/3260263_f.SAL_Public.html", + "refsource": "CONFIRM", + "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/98/3260263_f.SAL_Public.html" + }, + { + "name": "ADV-2007-3846", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3846" + }, + { + "name": "26420", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26420" + }, + { + "name": "40867", + "refsource": "OSVDB", + "url": "http://osvdb.org/40867" + }, + { + "name": "20071112 Novell NetWare Client NWFILTER.SYS Local Privilege Escalation Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=626" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5904.json b/2007/5xxx/CVE-2007-5904.json index a5b09051132..e1ff2469e5c 100644 --- a/2007/5xxx/CVE-2007-5904.json +++ b/2007/5xxx/CVE-2007-5904.json @@ -1,202 +1,202 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5904", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5904", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080208 rPSA-2008-0048-1 kernel", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/487808/100/0/threaded" - }, - { - "name" : "[linux-kernel] 20071108 Buffer overflow in CIFS VFS.", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=linux-kernel&m=119455843205403&w=2" - }, - { - "name" : "[linux-kernel] 20071109 Re: Fw: Buffer overflow in CIFS VFS.", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=linux-kernel&m=119457447724276&w=2" - }, - { - "name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0048", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0048" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/sfrench/cifs-2.6.git;a=commitdiff;h=133672efbc1085f9af990bdc145e1822ea93bcf3", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/sfrench/cifs-2.6.git;a=commitdiff;h=133672efbc1085f9af990bdc145e1822ea93bcf3" - }, - { - "name" : "DSA-1428", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1428" - }, - { - "name" : "RHSA-2008:0089", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0089.html" - }, - { - "name" : "RHSA-2008:0167", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0167.html" - }, - { - "name" : "SUSE-SA:2007:063", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_63_kernel.html" - }, - { - "name" : "SUSE-SA:2007:064", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html" - }, - { - "name" : "SUSE-SA:2008:013", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html" - }, - { - "name" : "SUSE-SA:2008:017", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00007.html" - }, - { - "name" : "SUSE-SA:2008:030", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html" - }, - { - "name" : "USN-618-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-618-1" - }, - { - "name" : "26438", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26438" - }, - { - "name" : "oval:org.mitre.oval:def:9901", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9901" - }, - { - "name" : "ADV-2007-3860", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3860" - }, - { - "name" : "1019612", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019612" - }, - { - "name" : "27666", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27666" - }, - { - "name" : "27888", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27888" - }, - { - "name" : "27912", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27912" - }, - { - "name" : "28826", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28826" - }, - { - "name" : "28643", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28643" - }, - { - "name" : "29245", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29245" - }, - { - "name" : "29387", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29387" - }, - { - "name" : "29570", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29570" - }, - { - "name" : "30769", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30769" - }, - { - "name" : "30818", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30818" - }, - { - "name" : "kernel-cifsvfs-sendreceive-bo(38450)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38450" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20080208 rPSA-2008-0048-1 kernel", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/487808/100/0/threaded" + }, + { + "name": "SUSE-SA:2008:017", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00007.html" + }, + { + "name": "26438", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26438" + }, + { + "name": "28643", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28643" + }, + { + "name": "oval:org.mitre.oval:def:9901", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9901" + }, + { + "name": "USN-618-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-618-1" + }, + { + "name": "28826", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28826" + }, + { + "name": "SUSE-SA:2008:013", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html" + }, + { + "name": "29387", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29387" + }, + { + "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0048", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0048" + }, + { + "name": "DSA-1428", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1428" + }, + { + "name": "27912", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27912" + }, + { + "name": "SUSE-SA:2007:063", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_63_kernel.html" + }, + { + "name": "29245", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29245" + }, + { + "name": "RHSA-2008:0167", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0167.html" + }, + { + "name": "SUSE-SA:2007:064", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html" + }, + { + "name": "[linux-kernel] 20071108 Buffer overflow in CIFS VFS.", + "refsource": "MLIST", + "url": "http://marc.info/?l=linux-kernel&m=119455843205403&w=2" + }, + { + "name": "1019612", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019612" + }, + { + "name": "27666", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27666" + }, + { + "name": "ADV-2007-3860", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3860" + }, + { + "name": "30769", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30769" + }, + { + "name": "RHSA-2008:0089", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0089.html" + }, + { + "name": "[linux-kernel] 20071109 Re: Fw: Buffer overflow in CIFS VFS.", + "refsource": "MLIST", + "url": "http://marc.info/?l=linux-kernel&m=119457447724276&w=2" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/sfrench/cifs-2.6.git;a=commitdiff;h=133672efbc1085f9af990bdc145e1822ea93bcf3", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/sfrench/cifs-2.6.git;a=commitdiff;h=133672efbc1085f9af990bdc145e1822ea93bcf3" + }, + { + "name": "SUSE-SA:2008:030", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html" + }, + { + "name": "27888", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27888" + }, + { + "name": "29570", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29570" + }, + { + "name": "30818", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30818" + }, + { + "name": "kernel-cifsvfs-sendreceive-bo(38450)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38450" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3106.json b/2015/3xxx/CVE-2015-3106.json index 12d49b2f4e2..59d01db8bc4 100644 --- a/2015/3xxx/CVE-2015-3106.json +++ b/2015/3xxx/CVE-2015-3106.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3106", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3103 and CVE-2015-3107." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-3106", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37847", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37847/" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html" - }, - { - "name" : "GLSA-201506-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201506-01" - }, - { - "name" : "RHSA-2015:1086", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1086.html" - }, - { - "name" : "SUSE-SU-2015:1043", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00005.html" - }, - { - "name" : "openSUSE-SU-2015:1047", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00009.html" - }, - { - "name" : "openSUSE-SU-2015:1061", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00011.html" - }, - { - "name" : "75087", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75087" - }, - { - "name" : "1032519", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032519" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3103 and CVE-2015-3107." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37847", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37847/" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html" + }, + { + "name": "75087", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75087" + }, + { + "name": "1032519", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032519" + }, + { + "name": "openSUSE-SU-2015:1047", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00009.html" + }, + { + "name": "GLSA-201506-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201506-01" + }, + { + "name": "SUSE-SU-2015:1043", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00005.html" + }, + { + "name": "openSUSE-SU-2015:1061", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00011.html" + }, + { + "name": "RHSA-2015:1086", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1086.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3196.json b/2015/3xxx/CVE-2015-3196.json index e23b0c8bfd6..3e7f6f8db31 100644 --- a/2015/3xxx/CVE-2015-3196.json +++ b/2015/3xxx/CVE-2015-3196.json @@ -1,182 +1,182 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3196", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-3196", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://openssl.org/news/secadv/20151203.txt", - "refsource" : "CONFIRM", - "url" : "http://openssl.org/news/secadv/20151203.txt" - }, - { - "name" : "https://git.openssl.org/?p=openssl.git;a=commit;h=3c66a669dfc7b3792f7af0758ea26fe8502ce70c", - "refsource" : "CONFIRM", - "url" : "https://git.openssl.org/?p=openssl.git;a=commit;h=3c66a669dfc7b3792f7af0758ea26fe8502ce70c" - }, - { - "name" : "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40100", - "refsource" : "CONFIRM", - "url" : "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40100" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944173", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944173" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" - }, - { - "name" : "http://fortiguard.com/advisory/openssl-advisory-december-2015", - "refsource" : "CONFIRM", - "url" : "http://fortiguard.com/advisory/openssl-advisory-december-2015" - }, - { - "name" : "http://www.fortiguard.com/advisory/openssl-advisory-december-2015", - "refsource" : "CONFIRM", - "url" : "http://www.fortiguard.com/advisory/openssl-advisory-december-2015" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" - }, - { - "name" : "20151204 Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl" - }, - { - "name" : "DSA-3413", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3413" - }, - { - "name" : "FEDORA-2015-d87d60b9a9", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173801.html" - }, - { - "name" : "HPSBGN03536", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=145382583417444&w=2" - }, - { - "name" : "RHSA-2015:2617", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2617.html" - }, - { - "name" : "RHSA-2016:2957", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2957.html" - }, - { - "name" : "SSA:2015-349-04", - "refsource" : "SLACKWARE", - "url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.754583" - }, - { - "name" : "openSUSE-SU-2015:2288", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00070.html" - }, - { - "name" : "openSUSE-SU-2015:2289", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00071.html" - }, - { - "name" : "USN-2830-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2830-1" - }, - { - "name" : "78622", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78622" - }, - { - "name" : "1034294", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034294" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20151204 Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944173", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944173" + }, + { + "name": "openSUSE-SU-2015:2288", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00070.html" + }, + { + "name": "https://git.openssl.org/?p=openssl.git;a=commit;h=3c66a669dfc7b3792f7af0758ea26fe8502ce70c", + "refsource": "CONFIRM", + "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=3c66a669dfc7b3792f7af0758ea26fe8502ce70c" + }, + { + "name": "RHSA-2015:2617", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2617.html" + }, + { + "name": "http://www.fortiguard.com/advisory/openssl-advisory-december-2015", + "refsource": "CONFIRM", + "url": "http://www.fortiguard.com/advisory/openssl-advisory-december-2015" + }, + { + "name": "SSA:2015-349-04", + "refsource": "SLACKWARE", + "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.754583" + }, + { + "name": "78622", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78622" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40100", + "refsource": "CONFIRM", + "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40100" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761" + }, + { + "name": "HPSBGN03536", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=145382583417444&w=2" + }, + { + "name": "USN-2830-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2830-1" + }, + { + "name": "openSUSE-SU-2015:2289", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00071.html" + }, + { + "name": "FEDORA-2015-d87d60b9a9", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173801.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" + }, + { + "name": "RHSA-2016:2957", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" + }, + { + "name": "http://openssl.org/news/secadv/20151203.txt", + "refsource": "CONFIRM", + "url": "http://openssl.org/news/secadv/20151203.txt" + }, + { + "name": "1034294", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034294" + }, + { + "name": "http://fortiguard.com/advisory/openssl-advisory-december-2015", + "refsource": "CONFIRM", + "url": "http://fortiguard.com/advisory/openssl-advisory-december-2015" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322" + }, + { + "name": "DSA-3413", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3413" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3436.json b/2015/3xxx/CVE-2015-3436.json index 78ec1d47287..1e9db288f4e 100644 --- a/2015/3xxx/CVE-2015-3436.json +++ b/2015/3xxx/CVE-2015-3436.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3436", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "provider/server/ECServer.cpp in Zarafa Collaboration Platform (ZCP) before 7.1.13 and 7.2.x before 7.2.1 allows local users to write to arbitrary files via a symlink attack on /tmp/zarafa-upgrade-lock." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3436", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://jira.zarafa.com/browse/ZCP-13282", - "refsource" : "CONFIRM", - "url" : "https://jira.zarafa.com/browse/ZCP-13282" - }, - { - "name" : "FEDORA-2015-8479", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159455.html" - }, - { - "name" : "FEDORA-2015-8487", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159497.html" - }, - { - "name" : "75104", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75104" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "provider/server/ECServer.cpp in Zarafa Collaboration Platform (ZCP) before 7.1.13 and 7.2.x before 7.2.1 allows local users to write to arbitrary files via a symlink attack on /tmp/zarafa-upgrade-lock." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2015-8479", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159455.html" + }, + { + "name": "75104", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75104" + }, + { + "name": "FEDORA-2015-8487", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159497.html" + }, + { + "name": "https://jira.zarafa.com/browse/ZCP-13282", + "refsource": "CONFIRM", + "url": "https://jira.zarafa.com/browse/ZCP-13282" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3706.json b/2015/3xxx/CVE-2015-3706.json index b1b7543f138..3f4b47dd690 100644 --- a/2015/3xxx/CVE-2015-3706.json +++ b/2015/3xxx/CVE-2015-3706.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3706", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3705." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3706", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT204942", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT204942" - }, - { - "name" : "APPLE-SA-2015-06-30-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" - }, - { - "name" : "75493", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75493" - }, - { - "name" : "1032760", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032760" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3705." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2015-06-30-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" + }, + { + "name": "75493", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75493" + }, + { + "name": "1032760", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032760" + }, + { + "name": "http://support.apple.com/kb/HT204942", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT204942" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3743.json b/2015/3xxx/CVE-2015-3743.json index 84e7e8e6288..8c7f6d22cd0 100644 --- a/2015/3xxx/CVE-2015-3743.json +++ b/2015/3xxx/CVE-2015-3743.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3743", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3743", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/kb/HT205030", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205030" - }, - { - "name" : "https://support.apple.com/kb/HT205033", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205033" - }, - { - "name" : "https://support.apple.com/HT205221", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205221" - }, - { - "name" : "APPLE-SA-2015-08-13-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html" - }, - { - "name" : "APPLE-SA-2015-08-13-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" - }, - { - "name" : "APPLE-SA-2015-09-16-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html" - }, - { - "name" : "openSUSE-SU-2016:0915", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html" - }, - { - "name" : "USN-2937-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2937-1" - }, - { - "name" : "76338", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76338" - }, - { - "name" : "1033274", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033274" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205221", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205221" + }, + { + "name": "1033274", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033274" + }, + { + "name": "https://support.apple.com/kb/HT205030", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205030" + }, + { + "name": "APPLE-SA-2015-09-16-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html" + }, + { + "name": "APPLE-SA-2015-08-13-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" + }, + { + "name": "openSUSE-SU-2016:0915", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html" + }, + { + "name": "76338", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76338" + }, + { + "name": "APPLE-SA-2015-08-13-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html" + }, + { + "name": "https://support.apple.com/kb/HT205033", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205033" + }, + { + "name": "USN-2937-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2937-1" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6367.json b/2015/6xxx/CVE-2015-6367.json index 57e94766d59..ee1e3db83ff 100644 --- a/2015/6xxx/CVE-2015-6367.json +++ b/2015/6xxx/CVE-2015-6367.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6367", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Aironet 1800 devices with software 8.1(131.0) allow remote attackers to cause a denial of service (CPU consumption) by improperly establishing many SSHv2 connections, aka Bug ID CSCux13374." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6367", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151113 Cisco Aironet 1800 Series Access Point SSHv2 Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151113-aironet" - }, - { - "name" : "1034157", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034157" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Aironet 1800 devices with software 8.1(131.0) allow remote attackers to cause a denial of service (CPU consumption) by improperly establishing many SSHv2 connections, aka Bug ID CSCux13374." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20151113 Cisco Aironet 1800 Series Access Point SSHv2 Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151113-aironet" + }, + { + "name": "1034157", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034157" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6686.json b/2015/6xxx/CVE-2015-6686.json index 18918f4a938..6f2a62f8a3b 100644 --- a/2015/6xxx/CVE-2015-6686.json +++ b/2015/6xxx/CVE-2015-6686.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6686", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted set of fields, a different vulnerability than CVE-2015-6685, CVE-2015-6693, CVE-2015-6694, CVE-2015-6695, and CVE-2015-7622." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-6686", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-466", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-466" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" - }, - { - "name" : "1033796", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033796" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted set of fields, a different vulnerability than CVE-2015-6685, CVE-2015-6693, CVE-2015-6694, CVE-2015-6695, and CVE-2015-7622." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" + }, + { + "name": "1033796", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033796" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-466", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-466" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7607.json b/2015/7xxx/CVE-2015-7607.json index adf120d6f37..da8b72be3ea 100644 --- a/2015/7xxx/CVE-2015-7607.json +++ b/2015/7xxx/CVE-2015-7607.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7607", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7607", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7608.json b/2015/7xxx/CVE-2015-7608.json index dda8d588453..01ba581f7d0 100644 --- a/2015/7xxx/CVE-2015-7608.json +++ b/2015/7xxx/CVE-2015-7608.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7608", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7608", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7656.json b/2015/7xxx/CVE-2015-7656.json index 8c9a98b65b3..c536e7b1b81 100644 --- a/2015/7xxx/CVE-2015-7656.json +++ b/2015/7xxx/CVE-2015-7656.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7656", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionImplementsOp arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-7656", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-558", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-558" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-28.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-28.html" - }, - { - "name" : "GLSA-201511-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201511-02" - }, - { - "name" : "RHSA-2015:2023", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2023.html" - }, - { - "name" : "RHSA-2015:2024", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2024.html" - }, - { - "name" : "openSUSE-SU-2015:1984", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-11/msg00071.html" - }, - { - "name" : "77533", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77533" - }, - { - "name" : "1034111", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034111" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionImplementsOp arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034111", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034111" + }, + { + "name": "RHSA-2015:2024", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2024.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-28.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-28.html" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-558", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-558" + }, + { + "name": "openSUSE-SU-2015:1984", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00071.html" + }, + { + "name": "GLSA-201511-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201511-02" + }, + { + "name": "77533", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77533" + }, + { + "name": "RHSA-2015:2023", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2023.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7842.json b/2015/7xxx/CVE-2015-7842.json index be0cb39d043..cdcfe444a89 100644 --- a/2015/7xxx/CVE-2015-7842.json +++ b/2015/7xxx/CVE-2015-7842.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7842", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC701, RH1288A V2 with software before V100R002C00SPC502, RH8100 V3 with software before V100R003C00SPC110, CH222 V3 with software before V100R001C00SPC161, CH220 V3 with software before V100R001C00SPC161, and CH121 V3 with software before V100R001C00SPC161 allow remote authenticated operators to change server information by leveraging failure to verify user permissions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7842", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454418.htm", - "refsource" : "CONFIRM", - "url" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454418.htm" - }, - { - "name" : "76836", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76836" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC701, RH1288A V2 with software before V100R002C00SPC502, RH8100 V3 with software before V100R003C00SPC110, CH222 V3 with software before V100R001C00SPC161, CH220 V3 with software before V100R001C00SPC161, and CH121 V3 with software before V100R001C00SPC161 allow remote authenticated operators to change server information by leveraging failure to verify user permissions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454418.htm", + "refsource": "CONFIRM", + "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454418.htm" + }, + { + "name": "76836", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76836" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7875.json b/2015/7xxx/CVE-2015-7875.json index 9aa8168b7f1..df7e92f4d33 100644 --- a/2015/7xxx/CVE-2015-7875.json +++ b/2015/7xxx/CVE-2015-7875.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7875", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ctools 6.x-1.x before 6.x-1.14 and 7.x-1.x before 7.x-1.8 in Drupal does not verify the \"edit\" permission for the \"content type\" plugins that are used on Panels and similar systems to place content and functionality on a page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7875", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20151021 Re: CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/10/21/2" - }, - { - "name" : "https://www.drupal.org/node/2554145", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2554145" - }, - { - "name" : "76441", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76441" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ctools 6.x-1.x before 6.x-1.14 and 7.x-1.x before 7.x-1.8 in Drupal does not verify the \"edit\" permission for the \"content type\" plugins that are used on Panels and similar systems to place content and functionality on a page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2554145", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2554145" + }, + { + "name": "[oss-security] 20151021 Re: CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/10/21/2" + }, + { + "name": "76441", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76441" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7954.json b/2015/7xxx/CVE-2015-7954.json index 42e971d0698..dd7b920e448 100644 --- a/2015/7xxx/CVE-2015-7954.json +++ b/2015/7xxx/CVE-2015-7954.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7954", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7954", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8189.json b/2015/8xxx/CVE-2015-8189.json index 05f116e515f..7c9902ed755 100644 --- a/2015/8xxx/CVE-2015-8189.json +++ b/2015/8xxx/CVE-2015-8189.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8189", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-8189", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8200.json b/2015/8xxx/CVE-2015-8200.json index bac2f0b39e3..4e50697c31c 100644 --- a/2015/8xxx/CVE-2015-8200.json +++ b/2015/8xxx/CVE-2015-8200.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8200", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-8200", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8843.json b/2015/8xxx/CVE-2015-8843.json index 08bb17235ee..af75bf4c8f5 100644 --- a/2015/8xxx/CVE-2015-8843.json +++ b/2015/8xxx/CVE-2015-8843.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8843", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit Reader 6.1 through 6.2.x and 7.x before 7.2.2, when an update to the Cloud plugin is available, allows local users to gain privileges by writing crafted data to a shared memory region, which triggers memory corruption." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8843", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-640", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-640" - }, - { - "name" : "https://www.foxitsoftware.com/support/security-bulletins.php#FRD-35", - "refsource" : "CONFIRM", - "url" : "https://www.foxitsoftware.com/support/security-bulletins.php#FRD-35" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit Reader 6.1 through 6.2.x and 7.x before 7.2.2, when an update to the Cloud plugin is available, allows local users to gain privileges by writing crafted data to a shared memory region, which triggers memory corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.foxitsoftware.com/support/security-bulletins.php#FRD-35", + "refsource": "CONFIRM", + "url": "https://www.foxitsoftware.com/support/security-bulletins.php#FRD-35" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-640", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-640" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9048.json b/2015/9xxx/CVE-2015-9048.json index af13bb9da75..79628d0fc31 100644 --- a/2015/9xxx/CVE-2015-9048.json +++ b/2015/9xxx/CVE-2015-9048.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2017-07-01T00:00:00", - "ID" : "CVE-2015-9048", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "All Qualcomm products", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in the processing of lost RTP packets." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper Validation of Array Index Vulnerability in RTP" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2017-07-01T00:00:00", + "ID": "CVE-2015-9048", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "All Qualcomm products", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-07-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-07-01" - }, - { - "name" : "99467", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99467" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in the processing of lost RTP packets." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Validation of Array Index Vulnerability in RTP" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-07-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-07-01" + }, + { + "name": "99467", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99467" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9088.json b/2015/9xxx/CVE-2015-9088.json index 2081173e043..0edebd0a589 100644 --- a/2015/9xxx/CVE-2015-9088.json +++ b/2015/9xxx/CVE-2015-9088.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-9088", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9088", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9278.json b/2015/9xxx/CVE-2015-9278.json index 78f44e60704..b0a960ca948 100644 --- a/2015/9xxx/CVE-2015-9278.json +++ b/2015/9xxx/CVE-2015-9278.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-9278", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "MailEnable before 8.60 allows Privilege Escalation because admin accounts could be created as a consequence of %0A mishandling in AUTH.TAB after a password-change request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9278", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt", - "refsource" : "MISC", - "url" : "https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt" - }, - { - "name" : "https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf", - "refsource" : "MISC", - "url" : "https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf" - }, - { - "name" : "https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/", - "refsource" : "MISC", - "url" : "https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "MailEnable before 8.60 allows Privilege Escalation because admin accounts could be created as a consequence of %0A mishandling in AUTH.TAB after a password-change request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf", + "refsource": "MISC", + "url": "https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf" + }, + { + "name": "https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/", + "refsource": "MISC", + "url": "https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/" + }, + { + "name": "https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt", + "refsource": "MISC", + "url": "https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0192.json b/2016/0xxx/CVE-2016-0192.json index 3c3dfb5069e..80f9413756d 100644 --- a/2016/0xxx/CVE-2016-0192.json +++ b/2016/0xxx/CVE-2016-0192.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0192", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0192", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-276", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-276" - }, - { - "name" : "MS16-051", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-051" - }, - { - "name" : "MS16-052", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-052" - }, - { - "name" : "90007", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90007" - }, - { - "name" : "1035820", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035820" - }, - { - "name" : "1035821", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035821" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035821", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035821" + }, + { + "name": "MS16-052", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-052" + }, + { + "name": "MS16-051", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-051" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-276", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-276" + }, + { + "name": "90007", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90007" + }, + { + "name": "1035820", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035820" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0672.json b/2016/0xxx/CVE-2016-0672.json index e466cbba73b..a3f44fcf187 100644 --- a/2016/0xxx/CVE-2016-0672.json +++ b/2016/0xxx/CVE-2016-0672.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0672", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.2 and 12.0.3 allows remote attackers to affect confidentiality and integrity via vectors related to Pre-Login." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0672", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" - }, - { - "name" : "1035604", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035604" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.2 and 12.0.3 allows remote attackers to affect confidentiality and integrity via vectors related to Pre-Login." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035604", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035604" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0811.json b/2016/0xxx/CVE-2016-0811.json index 0493a6bb5c3..6ff249662e5 100644 --- a/2016/0xxx/CVE-2016-0811.json +++ b/2016/0xxx/CVE-2016-0811.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0811", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the BnCrypto::onTransact function in media/libmedia/ICrypto.cpp in libmediaplayerservice in Android 6.x before 2016-02-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, by triggering an improper size calculation, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25800375." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-0811", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-02-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-02-01.html" - }, - { - "name" : "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/22f824feac43d5758f9a70b77f2aca840ba62c3b", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/22f824feac43d5758f9a70b77f2aca840ba62c3b" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the BnCrypto::onTransact function in media/libmedia/ICrypto.cpp in libmediaplayerservice in Android 6.x before 2016-02-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, by triggering an improper size calculation, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25800375." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/22f824feac43d5758f9a70b77f2aca840ba62c3b", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/22f824feac43d5758f9a70b77f2aca840ba62c3b" + }, + { + "name": "http://source.android.com/security/bulletin/2016-02-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-02-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1203.json b/2016/1xxx/CVE-2016-1203.json index f6f0003f768..b6ce10419e1 100644 --- a/2016/1xxx/CVE-2016-1203.json +++ b/2016/1xxx/CVE-2016-1203.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1203", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1203", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1522.json b/2016/1xxx/CVE-2016-1522.json index d5438cbb559..930feb238fe 100644 --- a/2016/1xxx/CVE-2016-1522.json +++ b/2016/1xxx/CVE-2016-1522.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1522", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive load calls during a size check, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via a crafted Graphite smart font." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-1522", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html", - "refsource" : "MISC", - "url" : "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html" - }, - { - "name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" - }, - { - "name" : "DSA-3479", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3479" - }, - { - "name" : "FEDORA-2016-338a7e9925", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html" - }, - { - "name" : "FEDORA-2016-4154a4d0ba", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html" - }, - { - "name" : "GLSA-201701-35", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-35" - }, - { - "name" : "GLSA-201701-63", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-63" - }, - { - "name" : "RHSA-2016:0594", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0594.html" - }, - { - "name" : "RHSA-2016:0197", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0197.html" - }, - { - "name" : "RHSA-2016:0258", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0258.html" - }, - { - "name" : "openSUSE-SU-2016:0791", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html" - }, - { - "name" : "USN-2902-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2902-1" - }, - { - "name" : "82991", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/82991" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive load calls during a size check, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via a crafted Graphite smart font." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201701-35", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-35" + }, + { + "name": "82991", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/82991" + }, + { + "name": "USN-2902-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2902-1" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" + }, + { + "name": "RHSA-2016:0594", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0594.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" + }, + { + "name": "openSUSE-SU-2016:0791", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html" + }, + { + "name": "DSA-3479", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3479" + }, + { + "name": "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html", + "refsource": "MISC", + "url": "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html" + }, + { + "name": "RHSA-2016:0258", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0258.html" + }, + { + "name": "FEDORA-2016-4154a4d0ba", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html" + }, + { + "name": "RHSA-2016:0197", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0197.html" + }, + { + "name": "GLSA-201701-63", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-63" + }, + { + "name": "FEDORA-2016-338a7e9925", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1530.json b/2016/1xxx/CVE-2016-1530.json index 156149caf57..ae6347004b1 100644 --- a/2016/1xxx/CVE-2016-1530.json +++ b/2016/1xxx/CVE-2016-1530.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1530", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1530", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1954.json b/2016/1xxx/CVE-2016-1954.json index dd442cbf38b..9b968e445b7 100644 --- a/2016/1xxx/CVE-2016-1954.json +++ b/2016/1xxx/CVE-2016-1954.json @@ -1,172 +1,172 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1954", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2016-1954", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://hg.mozilla.org/releases/mozilla-release/rev/5154bb929236", - "refsource" : "CONFIRM", - "url" : "http://hg.mozilla.org/releases/mozilla-release/rev/5154bb929236" - }, - { - "name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-17.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-17.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1243178", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1243178" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" - }, - { - "name" : "DSA-3510", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3510" - }, - { - "name" : "DSA-3520", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3520" - }, - { - "name" : "GLSA-201605-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201605-06" - }, - { - "name" : "openSUSE-SU-2016:0894", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" - }, - { - "name" : "openSUSE-SU-2016:1767", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" - }, - { - "name" : "openSUSE-SU-2016:1769", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" - }, - { - "name" : "openSUSE-SU-2016:1778", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" - }, - { - "name" : "SUSE-SU-2016:0909", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" - }, - { - "name" : "SUSE-SU-2016:0727", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" - }, - { - "name" : "SUSE-SU-2016:0777", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" - }, - { - "name" : "openSUSE-SU-2016:0731", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" - }, - { - "name" : "openSUSE-SU-2016:0733", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" - }, - { - "name" : "SUSE-SU-2016:0820", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" - }, - { - "name" : "openSUSE-SU-2016:0876", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" - }, - { - "name" : "USN-2917-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2917-2" - }, - { - "name" : "USN-2917-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2917-3" - }, - { - "name" : "USN-2934-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2934-1" - }, - { - "name" : "USN-2917-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2917-1" - }, - { - "name" : "1035215", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035215" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:0894", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" + }, + { + "name": "http://hg.mozilla.org/releases/mozilla-release/rev/5154bb929236", + "refsource": "CONFIRM", + "url": "http://hg.mozilla.org/releases/mozilla-release/rev/5154bb929236" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243178", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243178" + }, + { + "name": "SUSE-SU-2016:0820", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" + }, + { + "name": "openSUSE-SU-2016:1767", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" + }, + { + "name": "openSUSE-SU-2016:0731", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" + }, + { + "name": "SUSE-SU-2016:0727", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" + }, + { + "name": "openSUSE-SU-2016:1778", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-17.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-17.html" + }, + { + "name": "openSUSE-SU-2016:0876", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" + }, + { + "name": "USN-2917-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2917-1" + }, + { + "name": "DSA-3520", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3520" + }, + { + "name": "openSUSE-SU-2016:1769", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" + }, + { + "name": "SUSE-SU-2016:0909", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" + }, + { + "name": "DSA-3510", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3510" + }, + { + "name": "openSUSE-SU-2016:0733", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" + }, + { + "name": "1035215", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035215" + }, + { + "name": "SUSE-SU-2016:0777", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" + }, + { + "name": "GLSA-201605-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201605-06" + }, + { + "name": "USN-2934-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2934-1" + }, + { + "name": "USN-2917-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2917-2" + }, + { + "name": "USN-2917-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2917-3" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5050.json b/2016/5xxx/CVE-2016-5050.json index 1fcbeb1eac7..0ad6b8d56bd 100644 --- a/2016/5xxx/CVE-2016-5050.json +++ b/2016/5xxx/CVE-2016-5050.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5050", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability in chat/sendfile.aspx in ReadyDesk 9.1 allows remote attackers to execute arbitrary code by uploading and requesting a .aspx file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-5050", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#294272", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/294272" - }, - { - "name" : "92487", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92487" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability in chat/sendfile.aspx in ReadyDesk 9.1 allows remote attackers to execute arbitrary code by uploading and requesting a .aspx file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#294272", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/294272" + }, + { + "name": "92487", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92487" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5572.json b/2016/5xxx/CVE-2016-5572.json index d9163078240..f90eb748489 100644 --- a/2016/5xxx/CVE-2016-5572.json +++ b/2016/5xxx/CVE-2016-5572.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5572", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5572", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93634", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93634" - }, - { - "name" : "1037035", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037035" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "93634", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93634" + }, + { + "name": "1037035", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037035" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5602.json b/2016/5xxx/CVE-2016-5602.json index d8f3da4b17e..6bac8ee29d0 100644 --- a/2016/5xxx/CVE-2016-5602.json +++ b/2016/5xxx/CVE-2016-5602.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5602", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality via vectors related to Code Generation Engine." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5602", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93741", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93741" - }, - { - "name" : "1037051", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037051" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality via vectors related to Code Generation Engine." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93741", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93741" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "1037051", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037051" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2668.json b/2018/2xxx/CVE-2018-2668.json index 38d7feba0f2..b9cdd97d586 100644 --- a/2018/2xxx/CVE-2018-2668.json +++ b/2018/2xxx/CVE-2018-2668.json @@ -1,136 +1,136 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2668", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "MySQL Server", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "5.5.58 and prior" - }, - { - "version_affected" : "=", - "version_value" : "5.6.38 and prior" - }, - { - "version_affected" : "=", - "version_value" : "5.7.20 and prior" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2668", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "MySQL Server", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.5.58 and prior" + }, + { + "version_affected": "=", + "version_value": "5.6.38 and prior" + }, + { + "version_affected": "=", + "version_value": "5.7.20 and prior" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html" - }, - { - "name" : "[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20180117-0002/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20180117-0002/" - }, - { - "name" : "DSA-4091", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4091" - }, - { - "name" : "DSA-4341", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4341" - }, - { - "name" : "RHSA-2018:0586", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0586" - }, - { - "name" : "RHSA-2018:0587", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0587" - }, - { - "name" : "RHSA-2018:2439", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:2439" - }, - { - "name" : "RHSA-2018:2729", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:2729" - }, - { - "name" : "USN-3537-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3537-1/" - }, - { - "name" : "USN-3537-2", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3537-2/" - }, - { - "name" : "102682", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102682" - }, - { - "name" : "1040216", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040216" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2018:0587", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0587" + }, + { + "name": "DSA-4341", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4341" + }, + { + "name": "USN-3537-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3537-1/" + }, + { + "name": "[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html" + }, + { + "name": "RHSA-2018:0586", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0586" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "RHSA-2018:2729", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:2729" + }, + { + "name": "[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html" + }, + { + "name": "DSA-4091", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4091" + }, + { + "name": "RHSA-2018:2439", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:2439" + }, + { + "name": "102682", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102682" + }, + { + "name": "USN-3537-2", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3537-2/" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180117-0002/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180117-0002/" + }, + { + "name": "1040216", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040216" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2784.json b/2018/2xxx/CVE-2018-2784.json index 26789dbba81..bdcbcfe16ca 100644 --- a/2018/2xxx/CVE-2018-2784.json +++ b/2018/2xxx/CVE-2018-2784.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2784", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "MySQL Server", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "5.6.39 and prior" - }, - { - "version_affected" : "=", - "version_value" : "5.7.21 and prior" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2784", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "MySQL Server", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.6.39 and prior" + }, + { + "version_affected": "=", + "version_value": "5.7.21 and prior" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20180419-0002/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20180419-0002/" - }, - { - "name" : "DSA-4341", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4341" - }, - { - "name" : "RHSA-2018:1254", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1254" - }, - { - "name" : "RHSA-2018:3655", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:3655" - }, - { - "name" : "USN-3629-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3629-1/" - }, - { - "name" : "USN-3629-3", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3629-3/" - }, - { - "name" : "103801", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103801" - }, - { - "name" : "1040698", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040698" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-4341", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4341" + }, + { + "name": "1040698", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040698" + }, + { + "name": "RHSA-2018:1254", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1254" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180419-0002/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180419-0002/" + }, + { + "name": "103801", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103801" + }, + { + "name": "[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html" + }, + { + "name": "RHSA-2018:3655", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:3655" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" + }, + { + "name": "USN-3629-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3629-1/" + }, + { + "name": "USN-3629-3", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3629-3/" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0556.json b/2019/0xxx/CVE-2019-0556.json index 1d7f87bd036..c8529dcbd8d 100644 --- a/2019/0xxx/CVE-2019-0556.json +++ b/2019/0xxx/CVE-2019-0556.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "Secure@Microsoft.com", - "ID" : "CVE-2019-0556", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft SharePoint", - "version" : { - "version_data" : [ - { - "version_value" : "Enterprise Server 2013 Service Pack 1" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka \"Microsoft Office SharePoint XSS Vulnerability.\" This affects Microsoft SharePoint. This CVE ID is unique from CVE-2019-0557, CVE-2019-0558." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Spoofing" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0556", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft SharePoint", + "version": { + "version_data": [ + { + "version_value": "Enterprise Server 2013 Service Pack 1" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0556", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0556" - }, - { - "name" : "106387", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106387" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka \"Microsoft Office SharePoint XSS Vulnerability.\" This affects Microsoft SharePoint. This CVE ID is unique from CVE-2019-0557, CVE-2019-0558." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Spoofing" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106387", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106387" + }, + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0556", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0556" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0627.json b/2019/0xxx/CVE-2019-0627.json index a0ba03837ee..d68a50593ca 100644 --- a/2019/0xxx/CVE-2019-0627.json +++ b/2019/0xxx/CVE-2019-0627.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0627", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Windows", - "version" : { - "version_data" : [ - { - "version_value" : "10 for 32-bit Systems" - }, - { - "version_value" : "10 for x64-based Systems" - }, - { - "version_value" : "10 Version 1607 for 32-bit Systems" - }, - { - "version_value" : "10 Version 1607 for x64-based Systems" - }, - { - "version_value" : "10 Version 1703 for 32-bit Systems" - }, - { - "version_value" : "10 Version 1703 for x64-based Systems" - }, - { - "version_value" : "10 Version 1709 for 32-bit Systems" - }, - { - "version_value" : "10 Version 1709 for x64-based Systems" - }, - { - "version_value" : "10 Version 1803 for 32-bit Systems" - }, - { - "version_value" : "10 Version 1803 for x64-based Systems" - }, - { - "version_value" : "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value" : "10 Version 1809 for 32-bit Systems" - }, - { - "version_value" : "10 Version 1809 for x64-based Systems" - }, - { - "version_value" : "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value" : "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name" : "Windows Server", - "version" : { - "version_data" : [ - { - "version_value" : "2016" - }, - { - "version_value" : "2016 (Core installation)" - }, - { - "version_value" : "version 1709 (Core Installation)" - }, - { - "version_value" : "version 1803 (Core Installation)" - }, - { - "version_value" : "2019" - }, - { - "version_value" : "2019 (Core installation)" - } - ] - } - }, - { - "product_name" : "PowerShell Core", - "version" : { - "version_data" : [ - { - "version_value" : "6.1" - }, - { - "version_value" : "6.2" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0631, CVE-2019-0632." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Security Feature Bypass" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0627", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "10 Version 1703 for x64-based Systems" + }, + { + "version_value": "10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "10 Version 1709 for x64-based Systems" + }, + { + "version_value": "10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "10 Version 1803 for x64-based Systems" + }, + { + "version_value": "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "version 1709 (Core Installation)" + }, + { + "version_value": "version 1803 (Core Installation)" + }, + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + } + ] + } + }, + { + "product_name": "PowerShell Core", + "version": { + "version_data": [ + { + "version_value": "6.1" + }, + { + "version_value": "6.2" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0627", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0627" - }, - { - "name" : "106857", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106857" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0631, CVE-2019-0632." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Security Feature Bypass" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0627", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0627" + }, + { + "name": "106857", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106857" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0812.json b/2019/0xxx/CVE-2019-0812.json index 5c54814b456..1cf3e42832f 100644 --- a/2019/0xxx/CVE-2019-0812.json +++ b/2019/0xxx/CVE-2019-0812.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0812", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0812", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0842.json b/2019/0xxx/CVE-2019-0842.json index b75f8043ad4..8e183114b6e 100644 --- a/2019/0xxx/CVE-2019-0842.json +++ b/2019/0xxx/CVE-2019-0842.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0842", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0842", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0856.json b/2019/0xxx/CVE-2019-0856.json index b63b633ee5b..99af91fb65d 100644 --- a/2019/0xxx/CVE-2019-0856.json +++ b/2019/0xxx/CVE-2019-0856.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0856", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0856", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1090.json b/2019/1xxx/CVE-2019-1090.json index 3665c24a06f..a331ff45bef 100644 --- a/2019/1xxx/CVE-2019-1090.json +++ b/2019/1xxx/CVE-2019-1090.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1090", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1090", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1104.json b/2019/1xxx/CVE-2019-1104.json index e02b49ee174..e619d8bc957 100644 --- a/2019/1xxx/CVE-2019-1104.json +++ b/2019/1xxx/CVE-2019-1104.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1104", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1104", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1130.json b/2019/1xxx/CVE-2019-1130.json index 388b4b87dc8..c35dcb2512b 100644 --- a/2019/1xxx/CVE-2019-1130.json +++ b/2019/1xxx/CVE-2019-1130.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1130", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1130", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1319.json b/2019/1xxx/CVE-2019-1319.json index b6a37a8b4bc..1f08d75872d 100644 --- a/2019/1xxx/CVE-2019-1319.json +++ b/2019/1xxx/CVE-2019-1319.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1319", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1319", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4257.json b/2019/4xxx/CVE-2019-4257.json index 095f7907967..28bb7773022 100644 --- a/2019/4xxx/CVE-2019-4257.json +++ b/2019/4xxx/CVE-2019-4257.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4257", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4257", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4338.json b/2019/4xxx/CVE-2019-4338.json index 41409fef09a..420e44e09e7 100644 --- a/2019/4xxx/CVE-2019-4338.json +++ b/2019/4xxx/CVE-2019-4338.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4338", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4338", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4341.json b/2019/4xxx/CVE-2019-4341.json index ddf7f388ec8..57c7592b486 100644 --- a/2019/4xxx/CVE-2019-4341.json +++ b/2019/4xxx/CVE-2019-4341.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4341", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4341", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5082.json b/2019/5xxx/CVE-2019-5082.json index cb01dae1f98..1fec2439856 100644 --- a/2019/5xxx/CVE-2019-5082.json +++ b/2019/5xxx/CVE-2019-5082.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5082", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5082", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5475.json b/2019/5xxx/CVE-2019-5475.json index 9f0893da037..a96e7be6e1f 100644 --- a/2019/5xxx/CVE-2019-5475.json +++ b/2019/5xxx/CVE-2019-5475.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5475", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5475", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5644.json b/2019/5xxx/CVE-2019-5644.json index 047b5f1d8e2..aa2f346bf23 100644 --- a/2019/5xxx/CVE-2019-5644.json +++ b/2019/5xxx/CVE-2019-5644.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5644", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5644", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5861.json b/2019/5xxx/CVE-2019-5861.json index 5c48d1263dc..d5fcbbac454 100644 --- a/2019/5xxx/CVE-2019-5861.json +++ b/2019/5xxx/CVE-2019-5861.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5861", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5861", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8190.json b/2019/8xxx/CVE-2019-8190.json index 6bbdb209abf..900f5020100 100644 --- a/2019/8xxx/CVE-2019-8190.json +++ b/2019/8xxx/CVE-2019-8190.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8190", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8190", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9089.json b/2019/9xxx/CVE-2019-9089.json index 1316f3fcbf6..cdaf57fef79 100644 --- a/2019/9xxx/CVE-2019-9089.json +++ b/2019/9xxx/CVE-2019-9089.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9089", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9089", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9715.json b/2019/9xxx/CVE-2019-9715.json index 8db9556549a..c648d3e847b 100644 --- a/2019/9xxx/CVE-2019-9715.json +++ b/2019/9xxx/CVE-2019-9715.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9715", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9715", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file