From 4f3163861da5e5d8968b0f38ea710f54c2bd5d2e Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 03:23:17 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0335.json | 210 +++++++++---------- 2007/0xxx/CVE-2007-0349.json | 140 ++++++------- 2007/0xxx/CVE-2007-0355.json | 230 ++++++++++----------- 2007/0xxx/CVE-2007-0391.json | 170 ++++++++-------- 2007/0xxx/CVE-2007-0642.json | 190 +++++++++--------- 2007/0xxx/CVE-2007-0771.json | 200 +++++++++---------- 2007/1xxx/CVE-2007-1069.json | 220 ++++++++++---------- 2007/1xxx/CVE-2007-1341.json | 170 ++++++++-------- 2007/3xxx/CVE-2007-3585.json | 140 ++++++------- 2007/4xxx/CVE-2007-4173.json | 180 ++++++++--------- 2007/4xxx/CVE-2007-4327.json | 190 +++++++++--------- 2007/4xxx/CVE-2007-4793.json | 180 ++++++++--------- 2014/5xxx/CVE-2014-5048.json | 34 ++-- 2014/5xxx/CVE-2014-5230.json | 34 ++-- 2015/2xxx/CVE-2015-2875.json | 140 ++++++------- 2015/2xxx/CVE-2015-2954.json | 150 +++++++------- 2015/6xxx/CVE-2015-6086.json | 160 +++++++-------- 2015/6xxx/CVE-2015-6283.json | 34 ++-- 2015/6xxx/CVE-2015-6408.json | 140 ++++++------- 2015/7xxx/CVE-2015-7139.json | 34 ++-- 2015/7xxx/CVE-2015-7199.json | 310 ++++++++++++++--------------- 2015/7xxx/CVE-2015-7596.json | 140 ++++++------- 2015/7xxx/CVE-2015-7755.json | 220 ++++++++++---------- 2016/0xxx/CVE-2016-0011.json | 130 ++++++------ 2016/0xxx/CVE-2016-0414.json | 130 ++++++------ 2016/0xxx/CVE-2016-0421.json | 160 +++++++-------- 2016/0xxx/CVE-2016-0716.json | 34 ++-- 2016/1000xxx/CVE-2016-1000007.json | 120 +++++------ 2016/10xxx/CVE-2016-10285.json | 130 ++++++------ 2016/1xxx/CVE-2016-1139.json | 140 ++++++------- 2016/1xxx/CVE-2016-1749.json | 160 +++++++-------- 2016/4xxx/CVE-2016-4336.json | 120 +++++------ 2016/4xxx/CVE-2016-4383.json | 150 +++++++------- 2016/4xxx/CVE-2016-4882.json | 140 ++++++------- 2016/4xxx/CVE-2016-4964.json | 160 +++++++-------- 2016/9xxx/CVE-2016-9403.json | 150 +++++++------- 2019/2xxx/CVE-2019-2230.json | 34 ++-- 2019/2xxx/CVE-2019-2851.json | 34 ++-- 2019/3xxx/CVE-2019-3051.json | 34 ++-- 2019/3xxx/CVE-2019-3156.json | 34 ++-- 2019/3xxx/CVE-2019-3672.json | 34 ++-- 2019/3xxx/CVE-2019-3798.json | 34 ++-- 2019/3xxx/CVE-2019-3889.json | 34 ++-- 2019/4xxx/CVE-2019-4492.json | 34 ++-- 2019/6xxx/CVE-2019-6100.json | 34 ++-- 2019/6xxx/CVE-2019-6267.json | 140 ++++++------- 2019/6xxx/CVE-2019-6394.json | 34 ++-- 2019/6xxx/CVE-2019-6686.json | 34 ++-- 2019/6xxx/CVE-2019-6780.json | 140 ++++++------- 2019/7xxx/CVE-2019-7393.json | 34 ++-- 2019/7xxx/CVE-2019-7411.json | 34 ++-- 2019/7xxx/CVE-2019-7591.json | 34 ++-- 2019/7xxx/CVE-2019-7674.json | 120 +++++------ 2019/8xxx/CVE-2019-8064.json | 34 ++-- 2019/8xxx/CVE-2019-8709.json | 34 ++-- 2019/8xxx/CVE-2019-8743.json | 34 ++-- 2019/8xxx/CVE-2019-8890.json | 34 ++-- 2019/9xxx/CVE-2019-9009.json | 34 ++-- 2019/9xxx/CVE-2019-9066.json | 120 +++++------ 2019/9xxx/CVE-2019-9083.json | 48 +---- 2019/9xxx/CVE-2019-9306.json | 34 ++-- 61 files changed, 3272 insertions(+), 3316 deletions(-) diff --git a/2007/0xxx/CVE-2007-0335.json b/2007/0xxx/CVE-2007-0335.json index ca65888c457..50a592ec02f 100644 --- a/2007/0xxx/CVE-2007-0335.json +++ b/2007/0xxx/CVE-2007-0335.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0335", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in Jax Petition Book 1.0.3.06 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the languagepack parameter to (1) jax_petitionbook.php or (2) smileys.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0335", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070114 Jax Petition Book (languagepack) Remote File Include Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456981/100/0/threaded" - }, - { - "name" : "20070115 Re: Jax Petition Book (languagepack) Remote File Include Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456989/100/0/threaded" - }, - { - "name" : "20070116 Re: Jax Petition Book (languagepack) Remote File Include Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457077/100/0/threaded" - }, - { - "name" : "22072", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22072" - }, - { - "name" : "ADV-2007-0220", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0220" - }, - { - "name" : "32835", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32835" - }, - { - "name" : "32836", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32836" - }, - { - "name" : "23784", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23784" - }, - { - "name" : "2161", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2161" - }, - { - "name" : "petitionbook-language-file-include(31543)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31543" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in Jax Petition Book 1.0.3.06 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the languagepack parameter to (1) jax_petitionbook.php or (2) smileys.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23784", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23784" + }, + { + "name": "20070116 Re: Jax Petition Book (languagepack) Remote File Include Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457077/100/0/threaded" + }, + { + "name": "20070114 Jax Petition Book (languagepack) Remote File Include Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456981/100/0/threaded" + }, + { + "name": "32835", + "refsource": "OSVDB", + "url": "http://osvdb.org/32835" + }, + { + "name": "petitionbook-language-file-include(31543)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31543" + }, + { + "name": "2161", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2161" + }, + { + "name": "22072", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22072" + }, + { + "name": "ADV-2007-0220", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0220" + }, + { + "name": "20070115 Re: Jax Petition Book (languagepack) Remote File Include Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456989/100/0/threaded" + }, + { + "name": "32836", + "refsource": "OSVDB", + "url": "http://osvdb.org/32836" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0349.json b/2007/0xxx/CVE-2007-0349.json index 993bfd28d99..fc026172e86 100644 --- a/2007/0xxx/CVE-2007-0349.json +++ b/2007/0xxx/CVE-2007-0349.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0349", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in upgrade.php in nicecoder.com INDEXU 5.x allows remote attackers to include arbitrary local files via a .. (dot dot) in the gateway parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0349", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070116 vulnerability script indexu all versions", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457079/100/0/threaded" - }, - { - "name" : "45533", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45533" - }, - { - "name" : "indexu-upgrade-file-include(31539)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31539" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in upgrade.php in nicecoder.com INDEXU 5.x allows remote attackers to include arbitrary local files via a .. (dot dot) in the gateway parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "indexu-upgrade-file-include(31539)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31539" + }, + { + "name": "20070116 vulnerability script indexu all versions", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457079/100/0/threaded" + }, + { + "name": "45533", + "refsource": "OSVDB", + "url": "http://osvdb.org/45533" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0355.json b/2007/0xxx/CVE-2007-0355.json index eacad99d4c4..4a8a310b072 100644 --- a/2007/0xxx/CVE-2007-0355.json +++ b/2007/0xxx/CVE-2007-0355.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0355", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the Apple Minimal SLP v2 Service Agent (slpd) in Mac OS X 10.4.11 and earlier, including 10.4.8, allows local users, and possibly remote attackers, to gain privileges and possibly execute arbitrary code via a registration request with an invalid attr-list field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0355", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://projects.info-pull.com/moab/MOAB-17-01-2007.html", - "refsource" : "MISC", - "url" : "http://projects.info-pull.com/moab/MOAB-17-01-2007.html" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307430", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307430" - }, - { - "name" : "APPLE-SA-2008-02-11", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008/Feb/msg00002.html" - }, - { - "name" : "3151", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3151" - }, - { - "name" : "TA08-043B", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA08-043B.html" - }, - { - "name" : "22101", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22101" - }, - { - "name" : "ADV-2007-0239", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0239" - }, - { - "name" : "32693", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/32693" - }, - { - "name" : "1017533", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017533" - }, - { - "name" : "1019359", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019359" - }, - { - "name" : "23796", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23796" - }, - { - "name" : "macos-slpd-bo(31562)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31562" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the Apple Minimal SLP v2 Service Agent (slpd) in Mac OS X 10.4.11 and earlier, including 10.4.8, allows local users, and possibly remote attackers, to gain privileges and possibly execute arbitrary code via a registration request with an invalid attr-list field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://docs.info.apple.com/article.html?artnum=307430", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307430" + }, + { + "name": "1019359", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019359" + }, + { + "name": "3151", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3151" + }, + { + "name": "1017533", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017533" + }, + { + "name": "32693", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/32693" + }, + { + "name": "http://projects.info-pull.com/moab/MOAB-17-01-2007.html", + "refsource": "MISC", + "url": "http://projects.info-pull.com/moab/MOAB-17-01-2007.html" + }, + { + "name": "ADV-2007-0239", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0239" + }, + { + "name": "TA08-043B", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA08-043B.html" + }, + { + "name": "23796", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23796" + }, + { + "name": "APPLE-SA-2008-02-11", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008/Feb/msg00002.html" + }, + { + "name": "22101", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22101" + }, + { + "name": "macos-slpd-bo(31562)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31562" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0391.json b/2007/0xxx/CVE-2007-0391.json index 9dc2319bd82..aefa6e72d0c 100644 --- a/2007/0xxx/CVE-2007-0391.json +++ b/2007/0xxx/CVE-2007-0391.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0391", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0391", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070119 Layered Defense Research Advisory: BitDefender Client 8.02 Format String Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457414/100/0/threaded" - }, - { - "name" : "20070119 Layered Defense Research Advisory: BitDefender Client 8.02 Format String Vulnerability", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051883.html" - }, - { - "name" : "http://www.bitdefender.com/KB325-en--Format-string-vulnerability.html", - "refsource" : "CONFIRM", - "url" : "http://www.bitdefender.com/KB325-en--Format-string-vulnerability.html" - }, - { - "name" : "22128", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22128" - }, - { - "name" : "ADV-2007-0253", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0253" - }, - { - "name" : "bitdefender-scanjob-format-string(31608)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31608" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070119 Layered Defense Research Advisory: BitDefender Client 8.02 Format String Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457414/100/0/threaded" + }, + { + "name": "bitdefender-scanjob-format-string(31608)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31608" + }, + { + "name": "ADV-2007-0253", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0253" + }, + { + "name": "22128", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22128" + }, + { + "name": "20070119 Layered Defense Research Advisory: BitDefender Client 8.02 Format String Vulnerability", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051883.html" + }, + { + "name": "http://www.bitdefender.com/KB325-en--Format-string-vulnerability.html", + "refsource": "CONFIRM", + "url": "http://www.bitdefender.com/KB325-en--Format-string-vulnerability.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0642.json b/2007/0xxx/CVE-2007-0642.json index 183bae8f440..306a5b8f263 100644 --- a/2007/0xxx/CVE-2007-0642.json +++ b/2007/0xxx/CVE-2007-0642.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0642", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in tForum 2.00 in the Raymond BERTHOU script collection (aka RBL - ASP) allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) pass to user_confirm.asp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0642", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070127 RBL - ASP (scripts with db) SQL injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/458495/100/0/threaded" - }, - { - "name" : "20070129 RBL - ASP (scripts with db) SQL injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/458560/100/0/threaded" - }, - { - "name" : "http://forums.avenir-geopolitique.net/viewtopic.php?t=2607", - "refsource" : "MISC", - "url" : "http://forums.avenir-geopolitique.net/viewtopic.php?t=2607" - }, - { - "name" : "20070131 Partial source code verify - \"RBL - ASP\" scripts SQL injection", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-January/001259.html" - }, - { - "name" : "22350", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22350" - }, - { - "name" : "36040", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/36040" - }, - { - "name" : "2201", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2201" - }, - { - "name" : "rbl-userpass-sql-injection(31927)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31927" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in tForum 2.00 in the Raymond BERTHOU script collection (aka RBL - ASP) allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) pass to user_confirm.asp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22350", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22350" + }, + { + "name": "20070127 RBL - ASP (scripts with db) SQL injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/458495/100/0/threaded" + }, + { + "name": "http://forums.avenir-geopolitique.net/viewtopic.php?t=2607", + "refsource": "MISC", + "url": "http://forums.avenir-geopolitique.net/viewtopic.php?t=2607" + }, + { + "name": "2201", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2201" + }, + { + "name": "rbl-userpass-sql-injection(31927)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31927" + }, + { + "name": "36040", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/36040" + }, + { + "name": "20070131 Partial source code verify - \"RBL - ASP\" scripts SQL injection", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-January/001259.html" + }, + { + "name": "20070129 RBL - ASP (scripts with db) SQL injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/458560/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0771.json b/2007/0xxx/CVE-2007-0771.json index 0804b551609..6813485ad18 100644 --- a/2007/0xxx/CVE-2007-0771.json +++ b/2007/0xxx/CVE-2007-0771.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0771", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service (system hang) related to \"MT exec + utrace_attach spin failure mode,\" as demonstrated by ptrace-thrash.c." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-0771", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=227952", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=227952" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=228816", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=228816" - }, - { - "name" : "RHSA-2007:0169", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0169.html" - }, - { - "name" : "23720", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23720" - }, - { - "name" : "35927", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35927" - }, - { - "name" : "oval:org.mitre.oval:def:9447", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9447" - }, - { - "name" : "1017979", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017979" - }, - { - "name" : "25080", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25080" - }, - { - "name" : "kernel-utracesupport-dos(34128)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34128" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service (system hang) related to \"MT exec + utrace_attach spin failure mode,\" as demonstrated by ptrace-thrash.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "kernel-utracesupport-dos(34128)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34128" + }, + { + "name": "1017979", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017979" + }, + { + "name": "23720", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23720" + }, + { + "name": "oval:org.mitre.oval:def:9447", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9447" + }, + { + "name": "35927", + "refsource": "OSVDB", + "url": "http://osvdb.org/35927" + }, + { + "name": "RHSA-2007:0169", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0169.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=228816", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=228816" + }, + { + "name": "25080", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25080" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=227952", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=227952" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1069.json b/2007/1xxx/CVE-2007-1069.json index 1a6540f3a63..685d762575d 100644 --- a/2007/1xxx/CVE-2007-1069.json +++ b/2007/1xxx/CVE-2007-1069.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1069", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The memory management in VMware Workstation before 5.5.4 allows attackers to cause a denial of service (Windows virtual machine crash) by triggering certain general protection faults (GPF)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1069", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070507 [Reversemode Advisory] VMware Products - GPF Denial of Service", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/467836/100/0/threaded" - }, - { - "name" : "20070507 VMSA-2007-0004 Multiple Denial-of-Service issues fixed", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/467936/30/6690/threaded" - }, - { - "name" : "20070518 VMSA-2007-0004.1 Updated: Multiple Denial-of-Service issues fixed and directory traversal vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/469011/30/6510/threaded" - }, - { - "name" : "http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=49", - "refsource" : "MISC", - "url" : "http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=49" - }, - { - "name" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html#554", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html#554" - }, - { - "name" : "23732", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23732" - }, - { - "name" : "ADV-2007-1592", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1592" - }, - { - "name" : "35507", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35507" - }, - { - "name" : "1018011", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018011" - }, - { - "name" : "25079", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25079" - }, - { - "name" : "vmware-gpf-dos(33994)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33994" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The memory management in VMware Workstation before 5.5.4 allows attackers to cause a denial of service (Windows virtual machine crash) by triggering certain general protection faults (GPF)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23732", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23732" + }, + { + "name": "ADV-2007-1592", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1592" + }, + { + "name": "35507", + "refsource": "OSVDB", + "url": "http://osvdb.org/35507" + }, + { + "name": "20070518 VMSA-2007-0004.1 Updated: Multiple Denial-of-Service issues fixed and directory traversal vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/469011/30/6510/threaded" + }, + { + "name": "25079", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25079" + }, + { + "name": "http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=49", + "refsource": "MISC", + "url": "http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=49" + }, + { + "name": "1018011", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018011" + }, + { + "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html#554", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html#554" + }, + { + "name": "vmware-gpf-dos(33994)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33994" + }, + { + "name": "20070507 VMSA-2007-0004 Multiple Denial-of-Service issues fixed", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/467936/30/6690/threaded" + }, + { + "name": "20070507 [Reversemode Advisory] VMware Products - GPF Denial of Service", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/467836/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1341.json b/2007/1xxx/CVE-2007-1341.json index d6d420df042..7c41833a563 100644 --- a/2007/1xxx/CVE-2007-1341.json +++ b/2007/1xxx/CVE-2007-1341.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1341", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "include/auth/auth.php in Simple Invoices before 2007 03 05 does not use the login system to protect print preview pages for invoices, which might allow attackers to obtain sensitive information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1341", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/simpleinvoices/issues/detail?id=35", - "refsource" : "MISC", - "url" : "http://code.google.com/p/simpleinvoices/issues/detail?id=35" - }, - { - "name" : "http://forum.tufat.com/showthread.php?p=116753#post116753", - "refsource" : "MISC", - "url" : "http://forum.tufat.com/showthread.php?p=116753#post116753" - }, - { - "name" : "https://sourceforge.net/project/shownotes.php?group_id=164303&release_id=491300", - "refsource" : "CONFIRM", - "url" : "https://sourceforge.net/project/shownotes.php?group_id=164303&release_id=491300" - }, - { - "name" : "22818", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22818" - }, - { - "name" : "33860", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33860" - }, - { - "name" : "24402", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24402" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "include/auth/auth.php in Simple Invoices before 2007 03 05 does not use the login system to protect print preview pages for invoices, which might allow attackers to obtain sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24402", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24402" + }, + { + "name": "http://code.google.com/p/simpleinvoices/issues/detail?id=35", + "refsource": "MISC", + "url": "http://code.google.com/p/simpleinvoices/issues/detail?id=35" + }, + { + "name": "https://sourceforge.net/project/shownotes.php?group_id=164303&release_id=491300", + "refsource": "CONFIRM", + "url": "https://sourceforge.net/project/shownotes.php?group_id=164303&release_id=491300" + }, + { + "name": "22818", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22818" + }, + { + "name": "33860", + "refsource": "OSVDB", + "url": "http://osvdb.org/33860" + }, + { + "name": "http://forum.tufat.com/showthread.php?p=116753#post116753", + "refsource": "MISC", + "url": "http://forum.tufat.com/showthread.php?p=116753#post116753" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3585.json b/2007/3xxx/CVE-2007-3585.json index 13b0b705e9d..2bf27bf68e5 100644 --- a/2007/3xxx/CVE-2007-3585.json +++ b/2007/3xxx/CVE-2007-3585.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3585", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in games.php in MyCMS 0.9.8 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3585", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4144", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4144" - }, - { - "name" : "24757", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24757" - }, - { - "name" : "43962", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43962" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in games.php in MyCMS 0.9.8 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4144", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4144" + }, + { + "name": "24757", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24757" + }, + { + "name": "43962", + "refsource": "OSVDB", + "url": "http://osvdb.org/43962" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4173.json b/2007/4xxx/CVE-2007-4173.json index 5865f001b69..851028dff18 100644 --- a/2007/4xxx/CVE-2007-4173.json +++ b/2007/4xxx/CVE-2007-4173.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4173", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in duyuruoku.asp in Hunkaray Okul Portali 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-3080." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4173", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070802 Hunkaray Okul Portali v1.1 (tr) Sql injection Vuln", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475354/100/0/threaded" - }, - { - "name" : "http://yollubunlar.org/hunkaray-okul-portali-v1.1-tr-sql-injection-vuln-44.html", - "refsource" : "MISC", - "url" : "http://yollubunlar.org/hunkaray-okul-portali-v1.1-tr-sql-injection-vuln-44.html" - }, - { - "name" : "25185", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25185" - }, - { - "name" : "36272", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36272" - }, - { - "name" : "26323", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26323" - }, - { - "name" : "2966", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2966" - }, - { - "name" : "hunkaray-duyuruoku-sql-injection(35778)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35778" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in duyuruoku.asp in Hunkaray Okul Portali 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-3080." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "hunkaray-duyuruoku-sql-injection(35778)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35778" + }, + { + "name": "25185", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25185" + }, + { + "name": "2966", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2966" + }, + { + "name": "20070802 Hunkaray Okul Portali v1.1 (tr) Sql injection Vuln", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475354/100/0/threaded" + }, + { + "name": "http://yollubunlar.org/hunkaray-okul-portali-v1.1-tr-sql-injection-vuln-44.html", + "refsource": "MISC", + "url": "http://yollubunlar.org/hunkaray-okul-portali-v1.1-tr-sql-injection-vuln-44.html" + }, + { + "name": "26323", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26323" + }, + { + "name": "36272", + "refsource": "OSVDB", + "url": "http://osvdb.org/36272" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4327.json b/2007/4xxx/CVE-2007-4327.json index cc951210262..d0c369c2992 100644 --- a/2007/4xxx/CVE-2007-4327.json +++ b/2007/4xxx/CVE-2007-4327.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4327", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in File Uploader 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php or (2) datei.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4327", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070809 File Uploader Version 1.1 Remote Command Execution Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475957/100/0/threaded" - }, - { - "name" : "25253", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25253" - }, - { - "name" : "ADV-2007-2832", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2832" - }, - { - "name" : "36424", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36424" - }, - { - "name" : "36425", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36425" - }, - { - "name" : "26397", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26397" - }, - { - "name" : "3000", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3000" - }, - { - "name" : "fileuploader-index-datei-file-include(35926)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35926" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in File Uploader 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php or (2) datei.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070809 File Uploader Version 1.1 Remote Command Execution Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475957/100/0/threaded" + }, + { + "name": "36425", + "refsource": "OSVDB", + "url": "http://osvdb.org/36425" + }, + { + "name": "25253", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25253" + }, + { + "name": "ADV-2007-2832", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2832" + }, + { + "name": "fileuploader-index-datei-file-include(35926)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35926" + }, + { + "name": "26397", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26397" + }, + { + "name": "36424", + "refsource": "OSVDB", + "url": "http://osvdb.org/36424" + }, + { + "name": "3000", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3000" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4793.json b/2007/4xxx/CVE-2007-4793.json index 6aa9145d4f7..4ee27fe48b0 100644 --- a/2007/4xxx/CVE-2007-4793.json +++ b/2007/4xxx/CVE-2007-4793.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4793", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4793", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3853", - "refsource" : "CONFIRM", - "url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3853" - }, - { - "name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3854", - "refsource" : "CONFIRM", - "url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3854" - }, - { - "name" : "IZ00997", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ00997" - }, - { - "name" : "25560", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25560" - }, - { - "name" : "ADV-2007-3059", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3059" - }, - { - "name" : "40398", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40398" - }, - { - "name" : "26715", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26715" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3853", + "refsource": "CONFIRM", + "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3853" + }, + { + "name": "26715", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26715" + }, + { + "name": "ADV-2007-3059", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3059" + }, + { + "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3854", + "refsource": "CONFIRM", + "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3854" + }, + { + "name": "25560", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25560" + }, + { + "name": "40398", + "refsource": "OSVDB", + "url": "http://osvdb.org/40398" + }, + { + "name": "IZ00997", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ00997" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5048.json b/2014/5xxx/CVE-2014-5048.json index 705c9bd1a32..aea84760fc7 100644 --- a/2014/5xxx/CVE-2014-5048.json +++ b/2014/5xxx/CVE-2014-5048.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5048", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5048", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5230.json b/2014/5xxx/CVE-2014-5230.json index 3a8310ab371..30833cb5f45 100644 --- a/2014/5xxx/CVE-2014-5230.json +++ b/2014/5xxx/CVE-2014-5230.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5230", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-5230", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2875.json b/2015/2xxx/CVE-2015-2875.json index 674e3f82754..5c5160460aa 100644 --- a/2015/2xxx/CVE-2015-2875.json +++ b/2015/2xxx/CVE-2015-2875.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2875", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Absolute path traversal vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 allows remote attackers to read arbitrary files via a full pathname in a download request during a Wi-Fi session." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-2875", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.kb.cert.org/vuls/id/GWAN-9ZGTUH", - "refsource" : "CONFIRM", - "url" : "https://www.kb.cert.org/vuls/id/GWAN-9ZGTUH" - }, - { - "name" : "https://www.kb.cert.org/vuls/id/GWAN-A26L3F", - "refsource" : "CONFIRM", - "url" : "https://www.kb.cert.org/vuls/id/GWAN-A26L3F" - }, - { - "name" : "VU#903500", - "refsource" : "CERT-VN", - "url" : "https://www.kb.cert.org/vuls/id/903500" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Absolute path traversal vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 allows remote attackers to read arbitrary files via a full pathname in a download request during a Wi-Fi session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#903500", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/903500" + }, + { + "name": "https://www.kb.cert.org/vuls/id/GWAN-9ZGTUH", + "refsource": "CONFIRM", + "url": "https://www.kb.cert.org/vuls/id/GWAN-9ZGTUH" + }, + { + "name": "https://www.kb.cert.org/vuls/id/GWAN-A26L3F", + "refsource": "CONFIRM", + "url": "https://www.kb.cert.org/vuls/id/GWAN-A26L3F" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2954.json b/2015/2xxx/CVE-2015-2954.json index 0a54bd5dcb9..f0b8ed0b854 100644 --- a/2015/2xxx/CVE-2015-2954.json +++ b/2015/2xxx/CVE-2015-2954.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2954", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to hijack the authentication of arbitrary users." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-2954", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://jvn.jp/en/jp/JVN12241436/995646/index.html", - "refsource" : "CONFIRM", - "url" : "http://jvn.jp/en/jp/JVN12241436/995646/index.html" - }, - { - "name" : "JVN#12241436", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN12241436/index.html" - }, - { - "name" : "JVNDB-2015-000079", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000079" - }, - { - "name" : "75072", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75072" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to hijack the authentication of arbitrary users." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#12241436", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN12241436/index.html" + }, + { + "name": "JVNDB-2015-000079", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000079" + }, + { + "name": "75072", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75072" + }, + { + "name": "http://jvn.jp/en/jp/JVN12241436/995646/index.html", + "refsource": "CONFIRM", + "url": "http://jvn.jp/en/jp/JVN12241436/995646/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6086.json b/2015/6xxx/CVE-2015-6086.json index 665bc35a992..6f260cce0cc 100644 --- a/2015/6xxx/CVE-2015-6086.json +++ b/2015/6xxx/CVE-2015-6086.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6086", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"Internet Explorer Information Disclosure Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6086", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39698", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39698/" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-547", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-547" - }, - { - "name" : "MS15-112", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112" - }, - { - "name" : "77461", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77461" - }, - { - "name" : "1034112", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034112" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"Internet Explorer Information Disclosure Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39698", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39698/" + }, + { + "name": "1034112", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034112" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-547", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-547" + }, + { + "name": "MS15-112", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112" + }, + { + "name": "77461", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77461" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6283.json b/2015/6xxx/CVE-2015-6283.json index 0ace3f4873b..f322ae05cbf 100644 --- a/2015/6xxx/CVE-2015-6283.json +++ b/2015/6xxx/CVE-2015-6283.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6283", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6283", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6408.json b/2015/6xxx/CVE-2015-6408.json index b82ab0f6f7e..f6bbb0816c5 100644 --- a/2015/6xxx/CVE-2015-6408.json +++ b/2015/6xxx/CVE-2015-6408.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6408", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in Cisco Unity Connection 11.5(0.98) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCux24578." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6408", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151209 Cisco Unity Connection Cross-Site Request Forgery Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-uc" - }, - { - "name" : "78875", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78875" - }, - { - "name" : "1034379", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034379" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in Cisco Unity Connection 11.5(0.98) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCux24578." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20151209 Cisco Unity Connection Cross-Site Request Forgery Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-uc" + }, + { + "name": "78875", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78875" + }, + { + "name": "1034379", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034379" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7139.json b/2015/7xxx/CVE-2015-7139.json index 47901acdf25..63fee36ac1e 100644 --- a/2015/7xxx/CVE-2015-7139.json +++ b/2015/7xxx/CVE-2015-7139.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7139", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7139", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7199.json b/2015/7xxx/CVE-2015-7199.json index 2e54932c06c..69993ee9238 100644 --- a/2015/7xxx/CVE-2015-7199.json +++ b/2015/7xxx/CVE-2015-7199.json @@ -1,157 +1,157 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7199", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) AddWeightedPathSegLists and (2) SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lack status checking, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted SVG document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-7199", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-131.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-131.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1204061", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1204061" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "DSA-3410", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3410" - }, - { - "name" : "DSA-3393", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3393" - }, - { - "name" : "GLSA-201512-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201512-10" - }, - { - "name" : "RHSA-2015:2519", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2519.html" - }, - { - "name" : "RHSA-2015:1982", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1982.html" - }, - { - "name" : "openSUSE-SU-2015:2229", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html" - }, - { - "name" : "openSUSE-SU-2015:2245", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html" - }, - { - "name" : "SUSE-SU-2015:1926", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html" - }, - { - "name" : "openSUSE-SU-2015:1942", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html" - }, - { - "name" : "SUSE-SU-2015:1978", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html" - }, - { - "name" : "SUSE-SU-2015:1981", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html" - }, - { - "name" : "SUSE-SU-2015:2081", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html" - }, - { - "name" : "USN-2819-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2819-1" - }, - { - "name" : "USN-2785-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2785-1" - }, - { - "name" : "77411", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77411" - }, - { - "name" : "1034069", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034069" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) AddWeightedPathSegLists and (2) SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lack status checking, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted SVG document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034069", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034069" + }, + { + "name": "DSA-3410", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3410" + }, + { + "name": "SUSE-SU-2015:2081", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html" + }, + { + "name": "GLSA-201512-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201512-10" + }, + { + "name": "77411", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77411" + }, + { + "name": "SUSE-SU-2015:1981", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html" + }, + { + "name": "openSUSE-SU-2015:2229", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html" + }, + { + "name": "RHSA-2015:2519", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2519.html" + }, + { + "name": "USN-2785-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2785-1" + }, + { + "name": "SUSE-SU-2015:1926", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "RHSA-2015:1982", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1982.html" + }, + { + "name": "USN-2819-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2819-1" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-131.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-131.html" + }, + { + "name": "openSUSE-SU-2015:1942", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html" + }, + { + "name": "DSA-3393", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3393" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1204061", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1204061" + }, + { + "name": "openSUSE-SU-2015:2245", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html" + }, + { + "name": "SUSE-SU-2015:1978", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7596.json b/2015/7xxx/CVE-2015-7596.json index b77d2dcacc6..e32f214f64c 100644 --- a/2015/7xxx/CVE-2015-7596.json +++ b/2015/7xxx/CVE-2015-7596.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7596", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SafeNet Authentication Service End User Software Tools for Windows uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7596", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://labs.nettitude.com/blog/cve-2015-7596-through-cve-2015-7598-cve-2015-7961-through-cve-2015-7967-safenet-authentication-service-agent-vulnerabilities/", - "refsource" : "MISC", - "url" : "https://labs.nettitude.com/blog/cve-2015-7596-through-cve-2015-7598-cve-2015-7961-through-cve-2015-7967-safenet-authentication-service-agent-vulnerabilities/" - }, - { - "name" : "https://labs.nettitude.com/wp-content/uploads/2016/03/160125-1-Gemalto-IDSS-Security-Bulletin-SAS-Agents-Privilege-Escalation.pdf", - "refsource" : "MISC", - "url" : "https://labs.nettitude.com/wp-content/uploads/2016/03/160125-1-Gemalto-IDSS-Security-Bulletin-SAS-Agents-Privilege-Escalation.pdf" - }, - { - "name" : "https://safenet.gemalto.com/technical-support/security-updates/", - "refsource" : "CONFIRM", - "url" : "https://safenet.gemalto.com/technical-support/security-updates/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SafeNet Authentication Service End User Software Tools for Windows uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://safenet.gemalto.com/technical-support/security-updates/", + "refsource": "CONFIRM", + "url": "https://safenet.gemalto.com/technical-support/security-updates/" + }, + { + "name": "https://labs.nettitude.com/blog/cve-2015-7596-through-cve-2015-7598-cve-2015-7961-through-cve-2015-7967-safenet-authentication-service-agent-vulnerabilities/", + "refsource": "MISC", + "url": "https://labs.nettitude.com/blog/cve-2015-7596-through-cve-2015-7598-cve-2015-7961-through-cve-2015-7967-safenet-authentication-service-agent-vulnerabilities/" + }, + { + "name": "https://labs.nettitude.com/wp-content/uploads/2016/03/160125-1-Gemalto-IDSS-Security-Bulletin-SAS-Agents-Privilege-Escalation.pdf", + "refsource": "MISC", + "url": "https://labs.nettitude.com/wp-content/uploads/2016/03/160125-1-Gemalto-IDSS-Security-Bulletin-SAS-Agents-Privilege-Escalation.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7755.json b/2015/7xxx/CVE-2015-7755.json index 4c2a6269f96..227c73c1aa4 100644 --- a/2015/7xxx/CVE-2015-7755.json +++ b/2015/7xxx/CVE-2015-7755.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7755", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 allows remote attackers to obtain administrative access by entering an unspecified password during a (1) SSH or (2) TELNET session." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7755", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/", - "refsource" : "MISC", - "url" : "http://arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/" - }, - { - "name" : "http://twitter.com/cryptoron/statuses/677900647560253442", - "refsource" : "MISC", - "url" : "http://twitter.com/cryptoron/statuses/677900647560253442" - }, - { - "name" : "http://www.forbes.com/sites/thomasbrewster/2015/12/18/juniper-says-it-didnt-work-with-government-to-add-unauthorized-code-to-network-gear/", - "refsource" : "MISC", - "url" : "http://www.forbes.com/sites/thomasbrewster/2015/12/18/juniper-says-it-didnt-work-with-government-to-add-unauthorized-code-to-network-gear/" - }, - { - "name" : "http://www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors/", - "refsource" : "MISC", - "url" : "http://www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors/" - }, - { - "name" : "https://adamcaudill.com/2015/12/17/much-ado-about-juniper/", - "refsource" : "MISC", - "url" : "https://adamcaudill.com/2015/12/17/much-ado-about-juniper/" - }, - { - "name" : "https://github.com/hdm/juniper-cve-2015-7755", - "refsource" : "MISC", - "url" : "https://github.com/hdm/juniper-cve-2015-7755" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713" - }, - { - "name" : "https://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554", - "refsource" : "CONFIRM", - "url" : "https://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554" - }, - { - "name" : "VU#640184", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/640184" - }, - { - "name" : "79626", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79626" - }, - { - "name" : "1034489", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034489" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 allows remote attackers to obtain administrative access by entering an unspecified password during a (1) SSH or (2) TELNET session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/", + "refsource": "MISC", + "url": "http://arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/" + }, + { + "name": "http://www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors/", + "refsource": "MISC", + "url": "http://www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors/" + }, + { + "name": "1034489", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034489" + }, + { + "name": "VU#640184", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/640184" + }, + { + "name": "https://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554", + "refsource": "CONFIRM", + "url": "https://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554" + }, + { + "name": "https://github.com/hdm/juniper-cve-2015-7755", + "refsource": "MISC", + "url": "https://github.com/hdm/juniper-cve-2015-7755" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713" + }, + { + "name": "http://twitter.com/cryptoron/statuses/677900647560253442", + "refsource": "MISC", + "url": "http://twitter.com/cryptoron/statuses/677900647560253442" + }, + { + "name": "https://adamcaudill.com/2015/12/17/much-ado-about-juniper/", + "refsource": "MISC", + "url": "https://adamcaudill.com/2015/12/17/much-ado-about-juniper/" + }, + { + "name": "http://www.forbes.com/sites/thomasbrewster/2015/12/18/juniper-says-it-didnt-work-with-government-to-add-unauthorized-code-to-network-gear/", + "refsource": "MISC", + "url": "http://www.forbes.com/sites/thomasbrewster/2015/12/18/juniper-says-it-didnt-work-with-government-to-add-unauthorized-code-to-network-gear/" + }, + { + "name": "79626", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79626" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0011.json b/2016/0xxx/CVE-2016-0011.json index 9e64acfb4c2..85f465118a0 100644 --- a/2016/0xxx/CVE-2016-0011.json +++ b/2016/0xxx/CVE-2016-0011.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0011", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka \"Microsoft SharePoint Security Feature Bypass,\" a different vulnerability than CVE-2015-6117." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0011", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-004", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-004" - }, - { - "name" : "1034653", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034653" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka \"Microsoft SharePoint Security Feature Bypass,\" a different vulnerability than CVE-2015-6117." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS16-004", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-004" + }, + { + "name": "1034653", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034653" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0414.json b/2016/0xxx/CVE-2016-0414.json index 229d0498cad..19af4007d1f 100644 --- a/2016/0xxx/CVE-2016-0414.json +++ b/2016/0xxx/CVE-2016-0414.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0414", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2016-0418." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0414", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034735", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034735" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2016-0418." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034735", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034735" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0421.json b/2016/0xxx/CVE-2016-0421.json index f7cda81ea7b..7a3d0ad6c74 100644 --- a/2016/0xxx/CVE-2016-0421.json +++ b/2016/0xxx/CVE-2016-0421.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0421", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect availability via vectors related to Monitoring and Diagnostics SEC." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0421", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160825 Onapsis Security Advisory ONAPSIS-2016-010: JD Edwards Server Manager Shutdown", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Aug/125" - }, - { - "name" : "http://packetstormsecurity.com/files/138508/JD-Edwards-9.1-EnterpriseOne-Server-Manager-Shutdown.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/138508/JD-Edwards-9.1-EnterpriseOne-Server-Manager-Shutdown.html" - }, - { - "name" : "https://www.onapsis.com/research/security-advisories/jd-edwards-server-manager-shutdown", - "refsource" : "MISC", - "url" : "https://www.onapsis.com/research/security-advisories/jd-edwards-server-manager-shutdown" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034722", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034722" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect availability via vectors related to Monitoring and Diagnostics SEC." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034722", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034722" + }, + { + "name": "http://packetstormsecurity.com/files/138508/JD-Edwards-9.1-EnterpriseOne-Server-Manager-Shutdown.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/138508/JD-Edwards-9.1-EnterpriseOne-Server-Manager-Shutdown.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "https://www.onapsis.com/research/security-advisories/jd-edwards-server-manager-shutdown", + "refsource": "MISC", + "url": "https://www.onapsis.com/research/security-advisories/jd-edwards-server-manager-shutdown" + }, + { + "name": "20160825 Onapsis Security Advisory ONAPSIS-2016-010: JD Edwards Server Manager Shutdown", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Aug/125" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0716.json b/2016/0xxx/CVE-2016-0716.json index 955441b6aa7..a21219618f2 100644 --- a/2016/0xxx/CVE-2016-0716.json +++ b/2016/0xxx/CVE-2016-0716.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0716", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-0729. Reason: This candidate is a reservation duplicate of CVE-2016-0729. Notes: All CVE users should reference CVE-2016-0729 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-0716", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-0729. Reason: This candidate is a reservation duplicate of CVE-2016-0729. Notes: All CVE users should reference CVE-2016-0729 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000007.json b/2016/1000xxx/CVE-2016-1000007.json index cfb8cf28255..bb6d1d35b4e 100644 --- a/2016/1000xxx/CVE-2016-1000007.json +++ b/2016/1000xxx/CVE-2016-1000007.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000007", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Pagure 2.2.1 XSS in raw file endpoint" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000007", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://pagure.io/pagure/c/070d63983fe5daef92005ea33d3b8c693c224c77.patch", - "refsource" : "MISC", - "url" : "https://pagure.io/pagure/c/070d63983fe5daef92005ea33d3b8c693c224c77.patch" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Pagure 2.2.1 XSS in raw file endpoint" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://pagure.io/pagure/c/070d63983fe5daef92005ea33d3b8c693c224c77.patch", + "refsource": "MISC", + "url": "https://pagure.io/pagure/c/070d63983fe5daef92005ea33d3b8c693c224c77.patch" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10285.json b/2016/10xxx/CVE-2016-10285.json index 1074cdae822..65583b309ce 100644 --- a/2016/10xxx/CVE-2016-10285.json +++ b/2016/10xxx/CVE-2016-10285.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-10285", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Kernel-3.18" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33752702. References: QC-CR#1104899." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of privilege" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-10285", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Kernel-3.18" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-05-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-05-01" - }, - { - "name" : "98163", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98163" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33752702. References: QC-CR#1104899." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-05-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-05-01" + }, + { + "name": "98163", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98163" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1139.json b/2016/1xxx/CVE-2016-1139.json index edf010a3ee2..abcfd4f28dc 100644 --- a/2016/1xxx/CVE-2016-1139.json +++ b/2016/1xxx/CVE-2016-1139.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1139", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1139", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06", - "refsource" : "CONFIRM", - "url" : "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06" - }, - { - "name" : "JVN#54686544", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN54686544/index.html" - }, - { - "name" : "JVNDB-2016-000010", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000010" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06", + "refsource": "CONFIRM", + "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06" + }, + { + "name": "JVNDB-2016-000010", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000010" + }, + { + "name": "JVN#54686544", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN54686544/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1749.json b/2016/1xxx/CVE-2016-1749.json index dbe9ed321f5..4aaa56c1768 100644 --- a/2016/1xxx/CVE-2016-1749.json +++ b/2016/1xxx/CVE-2016-1749.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1749", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IOUSBFamily in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1749", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39607", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39607/" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-206", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-206" - }, - { - "name" : "https://support.apple.com/HT206167", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206167" - }, - { - "name" : "APPLE-SA-2016-03-21-5", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" - }, - { - "name" : "1035363", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035363" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IOUSBFamily in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2016-03-21-5", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" + }, + { + "name": "https://support.apple.com/HT206167", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206167" + }, + { + "name": "39607", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39607/" + }, + { + "name": "1035363", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035363" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-206", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-206" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4336.json b/2016/4xxx/CVE-2016-4336.json index 12a36bd2c7c..15f50a304eb 100644 --- a/2016/4xxx/CVE-2016-4336.json +++ b/2016/4xxx/CVE-2016-4336.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-4336", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Perceptive Document Filters", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "Lexmark" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An exploitable out-of-bounds write exists in the Bzip2 parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted Bzip2 document can lead to a stack-based buffer overflow causing an out-of-bounds write which under the right circumstance could potentially be leveraged by an attacker to gain arbitrary code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "out-of-bounds write" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-4336", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Perceptive Document Filters", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Lexmark" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.talosintelligence.com/reports/TALOS-2016-0173/", - "refsource" : "MISC", - "url" : "http://www.talosintelligence.com/reports/TALOS-2016-0173/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An exploitable out-of-bounds write exists in the Bzip2 parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted Bzip2 document can lead to a stack-based buffer overflow causing an out-of-bounds write which under the right circumstance could potentially be leveraged by an attacker to gain arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "out-of-bounds write" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.talosintelligence.com/reports/TALOS-2016-0173/", + "refsource": "MISC", + "url": "http://www.talosintelligence.com/reports/TALOS-2016-0173/" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4383.json b/2016/4xxx/CVE-2016-4383.json index 223e86050fa..325f80a1ce8 100644 --- a/2016/4xxx/CVE-2016-4383.json +++ b/2016/4xxx/CVE-2016-4383.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4383", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause other users to boot into a modified image without notification of the change." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4383", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.launchpad.net/glance/+bug/1593799/", - "refsource" : "CONFIRM", - "url" : "https://bugs.launchpad.net/glance/+bug/1593799/" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05273584", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05273584" - }, - { - "name" : "https://wiki.openstack.org/wiki/OSSN/OSSN-0075", - "refsource" : "CONFIRM", - "url" : "https://wiki.openstack.org/wiki/OSSN/OSSN-0075" - }, - { - "name" : "93106", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93106" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause other users to boot into a modified image without notification of the change." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93106", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93106" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05273584", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05273584" + }, + { + "name": "https://wiki.openstack.org/wiki/OSSN/OSSN-0075", + "refsource": "CONFIRM", + "url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0075" + }, + { + "name": "https://bugs.launchpad.net/glance/+bug/1593799/", + "refsource": "CONFIRM", + "url": "https://bugs.launchpad.net/glance/+bug/1593799/" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4882.json b/2016/4xxx/CVE-2016-4882.json index 7e20a1ec06d..9f6967e1eb9 100644 --- a/2016/4xxx/CVE-2016-4882.json +++ b/2016/4xxx/CVE-2016-4882.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vultures@jpcert.or.jp", - "ID" : "CVE-2016-4882", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "baserCMS", - "version" : { - "version_data" : [ - { - "version_value" : "version 3.0.10 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "baserCMS Users Community" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4882", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "baserCMS", + "version": { + "version_data": [ + { + "version_value": "version 3.0.10 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "baserCMS Users Community" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://basercms.net/security/JVN92765814", - "refsource" : "CONFIRM", - "url" : "http://basercms.net/security/JVN92765814" - }, - { - "name" : "JVN#92765814", - "refsource" : "JVN", - "url" : "https://jvn.jp/en/jp/JVN92765814/index.html" - }, - { - "name" : "93217", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93217" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-site request forgery" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://basercms.net/security/JVN92765814", + "refsource": "CONFIRM", + "url": "http://basercms.net/security/JVN92765814" + }, + { + "name": "JVN#92765814", + "refsource": "JVN", + "url": "https://jvn.jp/en/jp/JVN92765814/index.html" + }, + { + "name": "93217", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93217" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4964.json b/2016/4xxx/CVE-2016-4964.json index bda0da8ce92..e2be274e365 100644 --- a/2016/4xxx/CVE-2016-4964.json +++ b/2016/4xxx/CVE-2016-4964.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4964", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop, and CPU consumption or QEMU process crash) via vectors involving s->state." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-4964", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160524 CVE Request: Qemu: scsi: mptsas infinite loop in mptsas_fetch_requests", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/24/4" - }, - { - "name" : "[oss-security] 20160524 Re: CVE Request: Qemu: scsi: mptsas infinite loop in mptsas_fetch_requests", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/24/7" - }, - { - "name" : "[qemu-devel] 20160524 [PATCH] scsi: mptsas: infinite loop while fetching requests", - "refsource" : "MLIST", - "url" : "https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04027.html" - }, - { - "name" : "http://git.qemu.org/?p=qemu.git;a=commit;h=06630554ccbdd25780aa03c3548aaff1eb56dffd", - "refsource" : "CONFIRM", - "url" : "http://git.qemu.org/?p=qemu.git;a=commit;h=06630554ccbdd25780aa03c3548aaff1eb56dffd" - }, - { - "name" : "GLSA-201609-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201609-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop, and CPU consumption or QEMU process crash) via vectors involving s->state." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20160524 Re: CVE Request: Qemu: scsi: mptsas infinite loop in mptsas_fetch_requests", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/24/7" + }, + { + "name": "[qemu-devel] 20160524 [PATCH] scsi: mptsas: infinite loop while fetching requests", + "refsource": "MLIST", + "url": "https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04027.html" + }, + { + "name": "http://git.qemu.org/?p=qemu.git;a=commit;h=06630554ccbdd25780aa03c3548aaff1eb56dffd", + "refsource": "CONFIRM", + "url": "http://git.qemu.org/?p=qemu.git;a=commit;h=06630554ccbdd25780aa03c3548aaff1eb56dffd" + }, + { + "name": "[oss-security] 20160524 CVE Request: Qemu: scsi: mptsas infinite loop in mptsas_fetch_requests", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/24/4" + }, + { + "name": "GLSA-201609-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201609-01" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9403.json b/2016/9xxx/CVE-2016-9403.json index 78d898520d2..b91e2f5708f 100644 --- a/2016/9xxx/CVE-2016-9403.json +++ b/2016/9xxx/CVE-2016-9403.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9403", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "newreply.php in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to have unspecified impact by leveraging a missing permission check." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9403", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161110 CVE request: MyBB multiple vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/10/8" - }, - { - "name" : "[oss-security] 20161117 Re: CVE request: MyBB multiple vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/18/1" - }, - { - "name" : "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/", - "refsource" : "CONFIRM", - "url" : "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/" - }, - { - "name" : "94395", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94395" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "newreply.php in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to have unspecified impact by leveraging a missing permission check." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "94395", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94395" + }, + { + "name": "[oss-security] 20161117 Re: CVE request: MyBB multiple vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/18/1" + }, + { + "name": "[oss-security] 20161110 CVE request: MyBB multiple vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/10/8" + }, + { + "name": "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/", + "refsource": "CONFIRM", + "url": "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2230.json b/2019/2xxx/CVE-2019-2230.json index 6972ecee2c1..723367fd743 100644 --- a/2019/2xxx/CVE-2019-2230.json +++ b/2019/2xxx/CVE-2019-2230.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2230", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2230", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2851.json b/2019/2xxx/CVE-2019-2851.json index 2744aee5432..5de93c76cc3 100644 --- a/2019/2xxx/CVE-2019-2851.json +++ b/2019/2xxx/CVE-2019-2851.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2851", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2851", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3051.json b/2019/3xxx/CVE-2019-3051.json index b38a6950ccc..6405b96d542 100644 --- a/2019/3xxx/CVE-2019-3051.json +++ b/2019/3xxx/CVE-2019-3051.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3051", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3051", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3156.json b/2019/3xxx/CVE-2019-3156.json index c83becb7dca..cfc569ea117 100644 --- a/2019/3xxx/CVE-2019-3156.json +++ b/2019/3xxx/CVE-2019-3156.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3156", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3156", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3672.json b/2019/3xxx/CVE-2019-3672.json index 1df57e7d1a6..2df964660af 100644 --- a/2019/3xxx/CVE-2019-3672.json +++ b/2019/3xxx/CVE-2019-3672.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3672", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3672", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3798.json b/2019/3xxx/CVE-2019-3798.json index 6621e94dd27..cc70861f108 100644 --- a/2019/3xxx/CVE-2019-3798.json +++ b/2019/3xxx/CVE-2019-3798.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3798", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3798", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3889.json b/2019/3xxx/CVE-2019-3889.json index 3ef69d3ea6b..b339380ec2e 100644 --- a/2019/3xxx/CVE-2019-3889.json +++ b/2019/3xxx/CVE-2019-3889.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3889", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3889", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4492.json b/2019/4xxx/CVE-2019-4492.json index b128e3fb69d..eee45a9a96c 100644 --- a/2019/4xxx/CVE-2019-4492.json +++ b/2019/4xxx/CVE-2019-4492.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4492", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4492", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6100.json b/2019/6xxx/CVE-2019-6100.json index 040d793252e..4f08f1ea642 100644 --- a/2019/6xxx/CVE-2019-6100.json +++ b/2019/6xxx/CVE-2019-6100.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6100", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6100", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6267.json b/2019/6xxx/CVE-2019-6267.json index 7cb3c47fb4c..7361a180244 100644 --- a/2019/6xxx/CVE-2019-6267.json +++ b/2019/6xxx/CVE-2019-6267.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6267", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Premium WP Suite Easy Redirect Manager plugin 28.07-17 for WordPress has XSS via a crafted GET request that is mishandled during log viewing at the templates/admin/redirect-log.php URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6267", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://wordpress.org/plugins/easy-redirect-manager/#developers", - "refsource" : "MISC", - "url" : "https://wordpress.org/plugins/easy-redirect-manager/#developers" - }, - { - "name" : "https://www.logicallysecure.com/blog/ls-team-discovers-xss-in-wordpress-plugin/", - "refsource" : "MISC", - "url" : "https://www.logicallysecure.com/blog/ls-team-discovers-xss-in-wordpress-plugin/" - }, - { - "name" : "https://wpvulndb.com/vulnerabilities/9203", - "refsource" : "MISC", - "url" : "https://wpvulndb.com/vulnerabilities/9203" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Premium WP Suite Easy Redirect Manager plugin 28.07-17 for WordPress has XSS via a crafted GET request that is mishandled during log viewing at the templates/admin/redirect-log.php URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://wordpress.org/plugins/easy-redirect-manager/#developers", + "refsource": "MISC", + "url": "https://wordpress.org/plugins/easy-redirect-manager/#developers" + }, + { + "name": "https://www.logicallysecure.com/blog/ls-team-discovers-xss-in-wordpress-plugin/", + "refsource": "MISC", + "url": "https://www.logicallysecure.com/blog/ls-team-discovers-xss-in-wordpress-plugin/" + }, + { + "name": "https://wpvulndb.com/vulnerabilities/9203", + "refsource": "MISC", + "url": "https://wpvulndb.com/vulnerabilities/9203" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6394.json b/2019/6xxx/CVE-2019-6394.json index d37af6de84c..a733b801b1e 100644 --- a/2019/6xxx/CVE-2019-6394.json +++ b/2019/6xxx/CVE-2019-6394.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6394", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6394", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6686.json b/2019/6xxx/CVE-2019-6686.json index 5e53d30254b..91a048e17d3 100644 --- a/2019/6xxx/CVE-2019-6686.json +++ b/2019/6xxx/CVE-2019-6686.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6686", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6686", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6780.json b/2019/6xxx/CVE-2019-6780.json index ebfaae380de..cc8fa33d2a1 100644 --- a/2019/6xxx/CVE-2019-6780.json +++ b/2019/6xxx/CVE-2019-6780.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6780", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Wise Chat plugin before 2.7 for WordPress mishandles external links because rendering/filters/post/WiseChatLinksPostFilter.php omits noopener and noreferrer." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6780", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "46247", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/46247/" - }, - { - "name" : "https://plugins.trac.wordpress.org/changeset/2016929/wise-chat/trunk/src/rendering/filters/post/WiseChatLinksPostFilter.php", - "refsource" : "MISC", - "url" : "https://plugins.trac.wordpress.org/changeset/2016929/wise-chat/trunk/src/rendering/filters/post/WiseChatLinksPostFilter.php" - }, - { - "name" : "https://wordpress.org/plugins/wise-chat/#developers", - "refsource" : "MISC", - "url" : "https://wordpress.org/plugins/wise-chat/#developers" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Wise Chat plugin before 2.7 for WordPress mishandles external links because rendering/filters/post/WiseChatLinksPostFilter.php omits noopener and noreferrer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://plugins.trac.wordpress.org/changeset/2016929/wise-chat/trunk/src/rendering/filters/post/WiseChatLinksPostFilter.php", + "refsource": "MISC", + "url": "https://plugins.trac.wordpress.org/changeset/2016929/wise-chat/trunk/src/rendering/filters/post/WiseChatLinksPostFilter.php" + }, + { + "name": "https://wordpress.org/plugins/wise-chat/#developers", + "refsource": "MISC", + "url": "https://wordpress.org/plugins/wise-chat/#developers" + }, + { + "name": "46247", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/46247/" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7393.json b/2019/7xxx/CVE-2019-7393.json index 5bae23d51c4..aa334a54b28 100644 --- a/2019/7xxx/CVE-2019-7393.json +++ b/2019/7xxx/CVE-2019-7393.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7393", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7393", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7411.json b/2019/7xxx/CVE-2019-7411.json index e28466cf33f..79687ab6e3a 100644 --- a/2019/7xxx/CVE-2019-7411.json +++ b/2019/7xxx/CVE-2019-7411.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7411", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7411", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7591.json b/2019/7xxx/CVE-2019-7591.json index 2efeffa09bd..6566b54f10b 100644 --- a/2019/7xxx/CVE-2019-7591.json +++ b/2019/7xxx/CVE-2019-7591.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7591", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7591", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7674.json b/2019/7xxx/CVE-2019-7674.json index 807dfc9638b..4387d7620d8 100644 --- a/2019/7xxx/CVE-2019-7674.json +++ b/2019/7xxx/CVE-2019-7674.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7674", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. /admin/access accepts a request to set the \"aaaaa\" password, considered insecure for some use cases, from a user." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7674", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://gist.github.com/llandeilocymro/7dbe3daaab6d058d609fd9a0b24301cb", - "refsource" : "MISC", - "url" : "https://gist.github.com/llandeilocymro/7dbe3daaab6d058d609fd9a0b24301cb" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. /admin/access accepts a request to set the \"aaaaa\" password, considered insecure for some use cases, from a user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://gist.github.com/llandeilocymro/7dbe3daaab6d058d609fd9a0b24301cb", + "refsource": "MISC", + "url": "https://gist.github.com/llandeilocymro/7dbe3daaab6d058d609fd9a0b24301cb" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8064.json b/2019/8xxx/CVE-2019-8064.json index fc895c95de3..68457dbb61e 100644 --- a/2019/8xxx/CVE-2019-8064.json +++ b/2019/8xxx/CVE-2019-8064.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8064", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8064", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8709.json b/2019/8xxx/CVE-2019-8709.json index 3c5f25f3106..fa3f6b0ced7 100644 --- a/2019/8xxx/CVE-2019-8709.json +++ b/2019/8xxx/CVE-2019-8709.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8709", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8709", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8743.json b/2019/8xxx/CVE-2019-8743.json index dd1891a1699..e132a720261 100644 --- a/2019/8xxx/CVE-2019-8743.json +++ b/2019/8xxx/CVE-2019-8743.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8743", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8743", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8890.json b/2019/8xxx/CVE-2019-8890.json index 4c476ee03bc..9e9b0757b10 100644 --- a/2019/8xxx/CVE-2019-8890.json +++ b/2019/8xxx/CVE-2019-8890.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8890", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8890", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9009.json b/2019/9xxx/CVE-2019-9009.json index d78b413c3dc..447d3f253b6 100644 --- a/2019/9xxx/CVE-2019-9009.json +++ b/2019/9xxx/CVE-2019-9009.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9009", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9009", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9066.json b/2019/9xxx/CVE-2019-9066.json index 4c3ba605115..46f547c7364 100644 --- a/2019/9xxx/CVE-2019-9066.json +++ b/2019/9xxx/CVE-2019-9066.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9066", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP Scripts Mall PHP Appointment Booking Script 3.0.3 allows HTML injection in a user profile." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9066", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://hackingvila.wordpress.com/2019/02/22/php-scripts-mall-php-appointment-booking-script-has-html-injection-via-an-edit-my-profile/", - "refsource" : "MISC", - "url" : "https://hackingvila.wordpress.com/2019/02/22/php-scripts-mall-php-appointment-booking-script-has-html-injection-via-an-edit-my-profile/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP Scripts Mall PHP Appointment Booking Script 3.0.3 allows HTML injection in a user profile." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://hackingvila.wordpress.com/2019/02/22/php-scripts-mall-php-appointment-booking-script-has-html-injection-via-an-edit-my-profile/", + "refsource": "MISC", + "url": "https://hackingvila.wordpress.com/2019/02/22/php-scripts-mall-php-appointment-booking-script-has-html-injection-via-an-edit-my-profile/" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9083.json b/2019/9xxx/CVE-2019-9083.json index d9c1a7cd75a..14fb757830f 100644 --- a/2019/9xxx/CVE-2019-9083.json +++ b/2019/9xxx/CVE-2019-9083.json @@ -2,30 +2,7 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-9083", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } + "STATE": "RESERVED" }, "data_format": "MITRE", "data_type": "CVE", @@ -34,28 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "SQLiteManager 1.20 and 1.24 allows SQL injection via the /sqlitemanager/main.php dbsel parameter. NOTE: This product is discontinued." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://seclists.org/fulldisclosure/2019/Feb/51", - "refsource": "MISC", - "name": "http://seclists.org/fulldisclosure/2019/Feb/51" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2019/9xxx/CVE-2019-9306.json b/2019/9xxx/CVE-2019-9306.json index a6bfd18e558..7c087c4e534 100644 --- a/2019/9xxx/CVE-2019-9306.json +++ b/2019/9xxx/CVE-2019-9306.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9306", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9306", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file