diff --git a/2007/0xxx/CVE-2007-0026.json b/2007/0xxx/CVE-2007-0026.json index a0a66b6fa80..45a737bcdd6 100644 --- a/2007/0xxx/CVE-2007-0026.json +++ b/2007/0xxx/CVE-2007-0026.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0026", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The OLE Dialog component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-0026", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS07-011", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-011" - }, - { - "name" : "TA07-044A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-044A.html" - }, - { - "name" : "VU#497756", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/497756" - }, - { - "name" : "22483", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22483" - }, - { - "name" : "ADV-2007-0580", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0580" - }, - { - "name" : "31885", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/31885" - }, - { - "name" : "oval:org.mitre.oval:def:540", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A540" - }, - { - "name" : "1017637", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017637" - }, - { - "name" : "24147", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24147" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The OLE Dialog component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0580", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0580" + }, + { + "name": "24147", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24147" + }, + { + "name": "VU#497756", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/497756" + }, + { + "name": "TA07-044A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html" + }, + { + "name": "31885", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/31885" + }, + { + "name": "22483", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22483" + }, + { + "name": "oval:org.mitre.oval:def:540", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A540" + }, + { + "name": "MS07-011", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-011" + }, + { + "name": "1017637", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017637" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0050.json b/2007/0xxx/CVE-2007-0050.json index 8d3c3ef6291..3fb7821f74b 100644 --- a/2007/0xxx/CVE-2007-0050.json +++ b/2007/0xxx/CVE-2007-0050.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0050", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** PHP remote file inclusion vulnerability in index.php in OpenPinboard 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the language parameter. NOTE: this issue has been disputed by the developer and a third party, since the variable is set before use. CVE analysis suggests that there is a small time window of risk before the installation is complete." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0050", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070103 OpenPinboard <= Remote File Include", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/455795/100/0/threaded" - }, - { - "name" : "20070103 Re: OpenPinboard <= Remote File Include", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/455818/100/0/threaded" - }, - { - "name" : "20070106 Re: OpenPinboard <= Remote File Include", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2007-01/0176.html" - }, - { - "name" : "33375", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33375" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** PHP remote file inclusion vulnerability in index.php in OpenPinboard 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the language parameter. NOTE: this issue has been disputed by the developer and a third party, since the variable is set before use. CVE analysis suggests that there is a small time window of risk before the installation is complete." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070103 OpenPinboard <= Remote File Include", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/455795/100/0/threaded" + }, + { + "name": "20070103 Re: OpenPinboard <= Remote File Include", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/455818/100/0/threaded" + }, + { + "name": "20070106 Re: OpenPinboard <= Remote File Include", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2007-01/0176.html" + }, + { + "name": "33375", + "refsource": "OSVDB", + "url": "http://osvdb.org/33375" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0106.json b/2007/0xxx/CVE-2007-0106.json index c5f56d57117..8d43db5495c 100644 --- a/2007/0xxx/CVE-2007-0106.json +++ b/2007/0xxx/CVE-2007-0106.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0106", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the CSRF protection scheme in WordPress before 2.0.6 allows remote attackers to inject arbitrary web script or HTML via a CSRF attack with an invalid token and quote characters or HTML tags in URL variable names, which are not properly handled when WordPress generates a new link to verify the request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0106", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070105 Advisory 01/2007: WordPress CSRF Protection XSS Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456048/100/0/threaded" - }, - { - "name" : "http://www.hardened-php.net/advisory_012007.140.html", - "refsource" : "MISC", - "url" : "http://www.hardened-php.net/advisory_012007.140.html" - }, - { - "name" : "http://wordpress.org/development/2007/01/wordpress-206/", - "refsource" : "CONFIRM", - "url" : "http://wordpress.org/development/2007/01/wordpress-206/" - }, - { - "name" : "21893", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21893" - }, - { - "name" : "ADV-2007-0061", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0061" - }, - { - "name" : "33397", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33397" - }, - { - "name" : "23595", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23595" - }, - { - "name" : "2114", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2114" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the CSRF protection scheme in WordPress before 2.0.6 allows remote attackers to inject arbitrary web script or HTML via a CSRF attack with an invalid token and quote characters or HTML tags in URL variable names, which are not properly handled when WordPress generates a new link to verify the request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2114", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2114" + }, + { + "name": "20070105 Advisory 01/2007: WordPress CSRF Protection XSS Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456048/100/0/threaded" + }, + { + "name": "http://wordpress.org/development/2007/01/wordpress-206/", + "refsource": "CONFIRM", + "url": "http://wordpress.org/development/2007/01/wordpress-206/" + }, + { + "name": "23595", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23595" + }, + { + "name": "33397", + "refsource": "OSVDB", + "url": "http://osvdb.org/33397" + }, + { + "name": "ADV-2007-0061", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0061" + }, + { + "name": "21893", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21893" + }, + { + "name": "http://www.hardened-php.net/advisory_012007.140.html", + "refsource": "MISC", + "url": "http://www.hardened-php.net/advisory_012007.140.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0602.json b/2007/0xxx/CVE-2007-0602.json index 534a88e7a83..a3623be9c48 100644 --- a/2007/0xxx/CVE-2007-0602.json +++ b/2007/0xxx/CVE-2007-0602.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0602", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in libvsapi.so in the VSAPI library in Trend Micro VirusWall 3.81 for Linux, as used by IScan.BASE/vscan, allows local users to gain privileges via a long command line argument, a different vulnerability than CVE-2005-0533." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0602", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070125 Buffer overflow in VSAPI library of Trend Micro VirusWall 3.81 for Linux", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/458111/100/0/threaded" - }, - { - "name" : "http://www.devtarget.org/tmvwall381v3_exp.c", - "refsource" : "MISC", - "url" : "http://www.devtarget.org/tmvwall381v3_exp.c" - }, - { - "name" : "http://www.devtarget.org/trendmicro-advisory-01-2007.txt", - "refsource" : "MISC", - "url" : "http://www.devtarget.org/trendmicro-advisory-01-2007.txt" - }, - { - "name" : "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034124&id=EN-1034124", - "refsource" : "CONFIRM", - "url" : "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034124&id=EN-1034124" - }, - { - "name" : "ADV-2007-0367", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0367" - }, - { - "name" : "33043", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33043" - }, - { - "name" : "1017562", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017562" - }, - { - "name" : "2204", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2204" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in libvsapi.so in the VSAPI library in Trend Micro VirusWall 3.81 for Linux, as used by IScan.BASE/vscan, allows local users to gain privileges via a long command line argument, a different vulnerability than CVE-2005-0533." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2204", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2204" + }, + { + "name": "http://www.devtarget.org/trendmicro-advisory-01-2007.txt", + "refsource": "MISC", + "url": "http://www.devtarget.org/trendmicro-advisory-01-2007.txt" + }, + { + "name": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034124&id=EN-1034124", + "refsource": "CONFIRM", + "url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034124&id=EN-1034124" + }, + { + "name": "1017562", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017562" + }, + { + "name": "ADV-2007-0367", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0367" + }, + { + "name": "20070125 Buffer overflow in VSAPI library of Trend Micro VirusWall 3.81 for Linux", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/458111/100/0/threaded" + }, + { + "name": "33043", + "refsource": "OSVDB", + "url": "http://osvdb.org/33043" + }, + { + "name": "http://www.devtarget.org/tmvwall381v3_exp.c", + "refsource": "MISC", + "url": "http://www.devtarget.org/tmvwall381v3_exp.c" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0723.json b/2007/0xxx/CVE-2007-0723.json index fd638486f09..3c21835674a 100644 --- a/2007/0xxx/CVE-2007-0723.json +++ b/2007/0xxx/CVE-2007-0723.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0723", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the authentication feature for DirectoryService (DS Plug-Ins) for Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote authenticated LDAP users to modify the root password and gain privileges via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0723", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://docs.info.apple.com/article.html?artnum=305214", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=305214" - }, - { - "name" : "APPLE-SA-2007-03-13", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html" - }, - { - "name" : "TA07-072A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-072A.html" - }, - { - "name" : "VU#557064", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/557064" - }, - { - "name" : "22948", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22948" - }, - { - "name" : "ADV-2007-0930", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0930" - }, - { - "name" : "34848", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/34848" - }, - { - "name" : "1017751", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017751" - }, - { - "name" : "24479", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24479" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the authentication feature for DirectoryService (DS Plug-Ins) for Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote authenticated LDAP users to modify the root password and gain privileges via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "TA07-072A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html" + }, + { + "name": "APPLE-SA-2007-03-13", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html" + }, + { + "name": "34848", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/34848" + }, + { + "name": "22948", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22948" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=305214", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=305214" + }, + { + "name": "1017751", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017751" + }, + { + "name": "VU#557064", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/557064" + }, + { + "name": "ADV-2007-0930", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0930" + }, + { + "name": "24479", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24479" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1213.json b/2007/1xxx/CVE-2007-1213.json index 0f20be644b6..57ea448857e 100644 --- a/2007/1xxx/CVE-2007-1213.json +++ b/2007/1xxx/CVE-2007-1213.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1213", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges via crafted TrueType fonts, which result in an uninitialized function pointer." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-1213", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBST02206", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/466186/100/200/threaded" - }, - { - "name" : "SSRT071354", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/466186/100/200/threaded" - }, - { - "name" : "MS07-017", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017" - }, - { - "name" : "23276", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23276" - }, - { - "name" : "ADV-2007-1215", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1215" - }, - { - "name" : "oval:org.mitre.oval:def:1797", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1797" - }, - { - "name" : "1017845", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017845" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges via crafted TrueType fonts, which result in an uninitialized function pointer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-1215", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1215" + }, + { + "name": "23276", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23276" + }, + { + "name": "HPSBST02206", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded" + }, + { + "name": "MS07-017", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017" + }, + { + "name": "1017845", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017845" + }, + { + "name": "SSRT071354", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded" + }, + { + "name": "oval:org.mitre.oval:def:1797", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1797" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1313.json b/2007/1xxx/CVE-2007-1313.json index b900d21744e..b2d1276d719 100644 --- a/2007/1xxx/CVE-2007-1313.json +++ b/2007/1xxx/CVE-2007-1313.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1313", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NETxAutomation NETxEIB OPC Server before 3.0.1300 does not properly validate OLE for Process Control (OPC) server handles, which allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors involving the (1) IOPCSyncIO::Read, (2) IOPCSyncIO::Write, (3) IOPCServer::AddGroup, (4) IOPCServer::RemoveGroup, (5) IOPCCommon::SetClientName, and (6) IOPCGroupStateMgt::CloneGroup functions, which allow access to arbitrary memory. NOTE: the vectors might be limited to attackers with physical access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2007-1313", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070322 [NB07-22] Multiple vulnerabilities in NETxEIB OPC server", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/463539/100/0/threaded" - }, - { - "name" : "http://www.neutralbit.com/advisories/NB07-22.txt", - "refsource" : "MISC", - "url" : "http://www.neutralbit.com/advisories/NB07-22.txt" - }, - { - "name" : "http://www.kb.cert.org/vuls/id/MIMG-6XEPXN", - "refsource" : "CONFIRM", - "url" : "http://www.kb.cert.org/vuls/id/MIMG-6XEPXN" - }, - { - "name" : "VU#296593", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/296593" - }, - { - "name" : "23059", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23059" - }, - { - "name" : "ADV-2007-1038", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1038" - }, - { - "name" : "34440", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34440" - }, - { - "name" : "1017803", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017803" - }, - { - "name" : "24612", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24612" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NETxAutomation NETxEIB OPC Server before 3.0.1300 does not properly validate OLE for Process Control (OPC) server handles, which allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors involving the (1) IOPCSyncIO::Read, (2) IOPCSyncIO::Write, (3) IOPCServer::AddGroup, (4) IOPCServer::RemoveGroup, (5) IOPCCommon::SetClientName, and (6) IOPCGroupStateMgt::CloneGroup functions, which allow access to arbitrary memory. NOTE: the vectors might be limited to attackers with physical access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1017803", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017803" + }, + { + "name": "20070322 [NB07-22] Multiple vulnerabilities in NETxEIB OPC server", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/463539/100/0/threaded" + }, + { + "name": "VU#296593", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/296593" + }, + { + "name": "http://www.kb.cert.org/vuls/id/MIMG-6XEPXN", + "refsource": "CONFIRM", + "url": "http://www.kb.cert.org/vuls/id/MIMG-6XEPXN" + }, + { + "name": "34440", + "refsource": "OSVDB", + "url": "http://osvdb.org/34440" + }, + { + "name": "http://www.neutralbit.com/advisories/NB07-22.txt", + "refsource": "MISC", + "url": "http://www.neutralbit.com/advisories/NB07-22.txt" + }, + { + "name": "24612", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24612" + }, + { + "name": "23059", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23059" + }, + { + "name": "ADV-2007-1038", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1038" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1380.json b/2007/1xxx/CVE-2007-1380.json index ed45cf11ed8..9ac3df6000d 100644 --- a/2007/1xxx/CVE-2007-1380.json +++ b/2007/1xxx/CVE-2007-1380.json @@ -1,177 +1,177 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1380", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, which triggers a buffer over-read." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1380", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3413", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3413" - }, - { - "name" : "http://www.php-security.org/MOPB/MOPB-10-2007.html", - "refsource" : "MISC", - "url" : "http://www.php-security.org/MOPB/MOPB-10-2007.html" - }, - { - "name" : "DSA-1282", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1282" - }, - { - "name" : "DSA-1283", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1283" - }, - { - "name" : "GLSA-200703-21", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200703-21.xml" - }, - { - "name" : "HPSBMA02215", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" - }, - { - "name" : "SSRT071423", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" - }, - { - "name" : "HPSBTU02232", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" - }, - { - "name" : "SSRT071429", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" - }, - { - "name" : "SUSE-SA:2007:020", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html" - }, - { - "name" : "SUSE-SA:2007:032", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_32_php.html" - }, - { - "name" : "USN-455-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-455-1" - }, - { - "name" : "22805", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22805" - }, - { - "name" : "oval:org.mitre.oval:def:10792", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10792" - }, - { - "name" : "ADV-2007-1991", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1991" - }, - { - "name" : "ADV-2007-2374", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2374" - }, - { - "name" : "24514", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24514" - }, - { - "name" : "24606", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24606" - }, - { - "name" : "25025", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25025" - }, - { - "name" : "25062", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25062" - }, - { - "name" : "25057", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25057" - }, - { - "name" : "25056", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25056" - }, - { - "name" : "25423", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25423" - }, - { - "name" : "25850", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25850" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, which triggers a buffer over-read." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-1991", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1991" + }, + { + "name": "25056", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25056" + }, + { + "name": "http://www.php-security.org/MOPB/MOPB-10-2007.html", + "refsource": "MISC", + "url": "http://www.php-security.org/MOPB/MOPB-10-2007.html" + }, + { + "name": "DSA-1283", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1283" + }, + { + "name": "SSRT071423", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" + }, + { + "name": "24606", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24606" + }, + { + "name": "24514", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24514" + }, + { + "name": "HPSBTU02232", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" + }, + { + "name": "GLSA-200703-21", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200703-21.xml" + }, + { + "name": "22805", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22805" + }, + { + "name": "SSRT071429", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" + }, + { + "name": "25062", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25062" + }, + { + "name": "ADV-2007-2374", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2374" + }, + { + "name": "SUSE-SA:2007:020", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html" + }, + { + "name": "25423", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25423" + }, + { + "name": "USN-455-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-455-1" + }, + { + "name": "3413", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3413" + }, + { + "name": "DSA-1282", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1282" + }, + { + "name": "oval:org.mitre.oval:def:10792", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10792" + }, + { + "name": "HPSBMA02215", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" + }, + { + "name": "25850", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25850" + }, + { + "name": "25057", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25057" + }, + { + "name": "SUSE-SA:2007:032", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_32_php.html" + }, + { + "name": "25025", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25025" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1576.json b/2007/1xxx/CVE-2007-1576.json index 9bacff7ad54..19b0478e38a 100644 --- a/2007/1xxx/CVE-2007-1576.json +++ b/2007/1xxx/CVE-2007-1576.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1576", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in PHProjekt 5.2.0, when magic_quotes_gpc is disabled, allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors to the (1) Projects, (2) Contacts, (3) Helpdesk, (4) Search (only Gecko engine driven Browsers), and (5) Notes modules; the (6) Mail summary page; and unspecified other files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1576", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070314 n.runs-SA-2007.004 - PHProjekt 5.2.0 - Cross Site Scripting and Filter Evasion", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/462788/100/0/threaded" - }, - { - "name" : "http://www.nruns.de/security_advisory_phprojekt_xss_and_filter_evasion.php", - "refsource" : "MISC", - "url" : "http://www.nruns.de/security_advisory_phprojekt_xss_and_filter_evasion.php" - }, - { - "name" : "http://www.phprojekt.com/index.php?name=News&file=article&sid=276", - "refsource" : "CONFIRM", - "url" : "http://www.phprojekt.com/index.php?name=News&file=article&sid=276" - }, - { - "name" : "GLSA-200706-07", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200706-07.xml" - }, - { - "name" : "22957", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22957" - }, - { - "name" : "34064", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34064" - }, - { - "name" : "34065", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34065" - }, - { - "name" : "34066", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34066" - }, - { - "name" : "34067", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34067" - }, - { - "name" : "34068", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34068" - }, - { - "name" : "34069", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34069" - }, - { - "name" : "24509", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24509" - }, - { - "name" : "25748", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25748" - }, - { - "name" : "2459", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2459" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in PHProjekt 5.2.0, when magic_quotes_gpc is disabled, allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors to the (1) Projects, (2) Contacts, (3) Helpdesk, (4) Search (only Gecko engine driven Browsers), and (5) Notes modules; the (6) Mail summary page; and unspecified other files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "34064", + "refsource": "OSVDB", + "url": "http://osvdb.org/34064" + }, + { + "name": "34068", + "refsource": "OSVDB", + "url": "http://osvdb.org/34068" + }, + { + "name": "20070314 n.runs-SA-2007.004 - PHProjekt 5.2.0 - Cross Site Scripting and Filter Evasion", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/462788/100/0/threaded" + }, + { + "name": "34065", + "refsource": "OSVDB", + "url": "http://osvdb.org/34065" + }, + { + "name": "34066", + "refsource": "OSVDB", + "url": "http://osvdb.org/34066" + }, + { + "name": "34067", + "refsource": "OSVDB", + "url": "http://osvdb.org/34067" + }, + { + "name": "34069", + "refsource": "OSVDB", + "url": "http://osvdb.org/34069" + }, + { + "name": "24509", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24509" + }, + { + "name": "22957", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22957" + }, + { + "name": "http://www.phprojekt.com/index.php?name=News&file=article&sid=276", + "refsource": "CONFIRM", + "url": "http://www.phprojekt.com/index.php?name=News&file=article&sid=276" + }, + { + "name": "GLSA-200706-07", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200706-07.xml" + }, + { + "name": "http://www.nruns.de/security_advisory_phprojekt_xss_and_filter_evasion.php", + "refsource": "MISC", + "url": "http://www.nruns.de/security_advisory_phprojekt_xss_and_filter_evasion.php" + }, + { + "name": "2459", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2459" + }, + { + "name": "25748", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25748" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1607.json b/2007/1xxx/CVE-2007-1607.json index 58e9639a207..3d745dc0e31 100644 --- a/2007/1xxx/CVE-2007-1607.json +++ b/2007/1xxx/CVE-2007-1607.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1607", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "search.php in w-Agora (Web-Agora) allows remote attackers to obtain potentially sensitive information via a ' (quote) value followed by certain SQL sequences in the (1) search_forum or (2) search_user parameter, which force a SQL error." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1607", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070320 w-agora [multiples file upload,xss,full path disclosure,error sql]", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/463286/100/0/threaded" - }, - { - "name" : "23057", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23057" - }, - { - "name" : "34376", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34376" - }, - { - "name" : "24605", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24605" - }, - { - "name" : "2462", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2462" - }, - { - "name" : "wagora-search-sql-injection(33177)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33177" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "search.php in w-Agora (Web-Agora) allows remote attackers to obtain potentially sensitive information via a ' (quote) value followed by certain SQL sequences in the (1) search_forum or (2) search_user parameter, which force a SQL error." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "wagora-search-sql-injection(33177)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33177" + }, + { + "name": "20070320 w-agora [multiples file upload,xss,full path disclosure,error sql]", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/463286/100/0/threaded" + }, + { + "name": "2462", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2462" + }, + { + "name": "24605", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24605" + }, + { + "name": "23057", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23057" + }, + { + "name": "34376", + "refsource": "OSVDB", + "url": "http://osvdb.org/34376" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3683.json b/2007/3xxx/CVE-2007-3683.json index 5ac7ebffa0a..b5a83290d1e 100644 --- a/2007/3xxx/CVE-2007-3683.json +++ b/2007/3xxx/CVE-2007-3683.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3683", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in pagetopic.php in Aigaion 1.3.3 and earlier allows remote attackers to execute arbitrary SQL commands via the topic_id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3683", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4164", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4164" - }, - { - "name" : "24836", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24836" - }, - { - "name" : "ADV-2007-2474", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2474" - }, - { - "name" : "35964", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35964" - }, - { - "name" : "25996", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25996" - }, - { - "name" : "aigaion-pagetopic-sql-injection(35306)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35306" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in pagetopic.php in Aigaion 1.3.3 and earlier allows remote attackers to execute arbitrary SQL commands via the topic_id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "aigaion-pagetopic-sql-injection(35306)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35306" + }, + { + "name": "24836", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24836" + }, + { + "name": "25996", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25996" + }, + { + "name": "ADV-2007-2474", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2474" + }, + { + "name": "35964", + "refsource": "OSVDB", + "url": "http://osvdb.org/35964" + }, + { + "name": "4164", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4164" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4017.json b/2007/4xxx/CVE-2007-4017.json index 9bc37c51259..d77466c66fd 100644 --- a/2007/4xxx/CVE-2007-4017.json +++ b/2007/4xxx/CVE-2007-4017.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4017", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in the web-based administration console in Citrix Access Gateway before firmware 4.5.5 allows remote attackers to perform certain configuration changes as administrators." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4017", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.citrix.com/article/CTX113817", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX113817" - }, - { - "name" : "http://support.citrix.com/article/CTX114028", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX114028" - }, - { - "name" : "24975", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24975" - }, - { - "name" : "ADV-2007-2583", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2583" - }, - { - "name" : "37841", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37841" - }, - { - "name" : "1018435", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018435" - }, - { - "name" : "26143", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26143" - }, - { - "name" : "citrix-access-adminconsole-csrf(35513)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35513" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in the web-based administration console in Citrix Access Gateway before firmware 4.5.5 allows remote attackers to perform certain configuration changes as administrators." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-2583", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2583" + }, + { + "name": "http://support.citrix.com/article/CTX113817", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX113817" + }, + { + "name": "26143", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26143" + }, + { + "name": "24975", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24975" + }, + { + "name": "37841", + "refsource": "OSVDB", + "url": "http://osvdb.org/37841" + }, + { + "name": "citrix-access-adminconsole-csrf(35513)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35513" + }, + { + "name": "1018435", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018435" + }, + { + "name": "http://support.citrix.com/article/CTX114028", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX114028" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4053.json b/2007/4xxx/CVE-2007-4053.json index fc328e34500..8bfa0897c18 100644 --- a/2007/4xxx/CVE-2007-4053.json +++ b/2007/4xxx/CVE-2007-4053.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4053", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in include/img_view.class.php in LinPHA 1.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the order parameter to new_images.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4053", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4242", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4242" - }, - { - "name" : "25119", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25119" - }, - { - "name" : "ADV-2007-2692", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2692" - }, - { - "name" : "36286", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36286" - }, - { - "name" : "26259", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26259" - }, - { - "name" : "linpha-newimages-sql-injection(35674)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35674" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in include/img_view.class.php in LinPHA 1.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the order parameter to new_images.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26259", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26259" + }, + { + "name": "ADV-2007-2692", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2692" + }, + { + "name": "4242", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4242" + }, + { + "name": "36286", + "refsource": "OSVDB", + "url": "http://osvdb.org/36286" + }, + { + "name": "25119", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25119" + }, + { + "name": "linpha-newimages-sql-injection(35674)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35674" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4126.json b/2007/4xxx/CVE-2007-4126.json index ec872ba52ff..253708bf15c 100644 --- a/2007/4xxx/CVE-2007-4126.json +++ b/2007/4xxx/CVE-2007-4126.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4126", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the dynamic tracing framework (DTrace) on Sun Solaris 10 before 20070730 allows local users with PRIV_DTRACE_USER privileges to cause a denial of service (panic or hang) via unspecified use of certain DTrace programs." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4126", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "103021", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103021-1" - }, - { - "name" : "25151", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25151" - }, - { - "name" : "ADV-2007-2729", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2729" - }, - { - "name" : "36613", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36613" - }, - { - "name" : "oval:org.mitre.oval:def:9039", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9039" - }, - { - "name" : "1018484", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018484" - }, - { - "name" : "26280", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26280" - }, - { - "name" : "solaris-dtrace-dos(35700)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35700" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the dynamic tracing framework (DTrace) on Sun Solaris 10 before 20070730 allows local users with PRIV_DTRACE_USER privileges to cause a denial of service (panic or hang) via unspecified use of certain DTrace programs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25151", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25151" + }, + { + "name": "36613", + "refsource": "OSVDB", + "url": "http://osvdb.org/36613" + }, + { + "name": "ADV-2007-2729", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2729" + }, + { + "name": "103021", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103021-1" + }, + { + "name": "26280", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26280" + }, + { + "name": "1018484", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018484" + }, + { + "name": "oval:org.mitre.oval:def:9039", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9039" + }, + { + "name": "solaris-dtrace-dos(35700)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35700" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4498.json b/2007/4xxx/CVE-2007-4498.json index 52da7888d73..78eb88d2be6 100644 --- a/2007/4xxx/CVE-2007-4498.json +++ b/2007/4xxx/CVE-2007-4498.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4498", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Grandstream SIP Phone GXV-3000 with firmware 1.0.1.7, Loader 1.0.0.6, and Boot 1.0.0.18 allows remote attackers to force silent call completion, eavesdrop on the phone's local environment, and cause a denial of service (blocked call reception) via a certain SIP INVITE message followed by a certain \"SIP/2.0 183 Session Progress\" message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4498", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070822 Remote eavesdropping with SIP Phone GXV-3000", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065417.html" - }, - { - "name" : "25399", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25399" - }, - { - "name" : "ADV-2007-2970", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2970" - }, - { - "name" : "40185", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40185" - }, - { - "name" : "1018598", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018598" - }, - { - "name" : "26568", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26568" - }, - { - "name" : "3059", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3059" - }, - { - "name" : "sipphone-sip-dos(36170)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36170" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Grandstream SIP Phone GXV-3000 with firmware 1.0.1.7, Loader 1.0.0.6, and Boot 1.0.0.18 allows remote attackers to force silent call completion, eavesdrop on the phone's local environment, and cause a denial of service (blocked call reception) via a certain SIP INVITE message followed by a certain \"SIP/2.0 183 Session Progress\" message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26568", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26568" + }, + { + "name": "ADV-2007-2970", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2970" + }, + { + "name": "25399", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25399" + }, + { + "name": "1018598", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018598" + }, + { + "name": "20070822 Remote eavesdropping with SIP Phone GXV-3000", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065417.html" + }, + { + "name": "3059", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3059" + }, + { + "name": "sipphone-sip-dos(36170)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36170" + }, + { + "name": "40185", + "refsource": "OSVDB", + "url": "http://osvdb.org/40185" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4728.json b/2007/4xxx/CVE-2007-4728.json index 1c4a59fc487..872cff6593e 100644 --- a/2007/4xxx/CVE-2007-4728.json +++ b/2007/4xxx/CVE-2007-4728.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4728", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4728", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5804.json b/2014/5xxx/CVE-2014-5804.json index 06ad6826594..43c95c0c656 100644 --- a/2014/5xxx/CVE-2014-5804.json +++ b/2014/5xxx/CVE-2014-5804.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5804", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Mail.Ru Dating (aka ru.mail.love) application 3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5804", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#977617", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/977617" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Mail.Ru Dating (aka ru.mail.love) application 3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + }, + { + "name": "VU#977617", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/977617" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2102.json b/2015/2xxx/CVE-2015-2102.json index 06cbaa2bf1e..ad0b135f09a 100644 --- a/2015/2xxx/CVE-2015-2102.json +++ b/2015/2xxx/CVE-2015-2102.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2102", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in view_item.php in ClipBucket 2.7 RC3 (2.7.0.4.v2929-rc3) allows remote attackers to execute arbitrary SQL commands via the item parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2102", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150304 [CVE-2015-2102] Clipbucket 2.7 RC3 0.9 - Blind SQL Injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/534790/100/0/threaded" - }, - { - "name" : "36156", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/36156" - }, - { - "name" : "http://packetstormsecurity.com/files/130485/Clipbucket-2.7.0.4.v2929-rc3-Blind-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/130485/Clipbucket-2.7.0.4.v2929-rc3-Blind-SQL-Injection.html" - }, - { - "name" : "72879", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72879" - }, - { - "name" : "118667", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/show/osvdb/118667" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in view_item.php in ClipBucket 2.7 RC3 (2.7.0.4.v2929-rc3) allows remote attackers to execute arbitrary SQL commands via the item parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "118667", + "refsource": "OSVDB", + "url": "http://osvdb.org/show/osvdb/118667" + }, + { + "name": "72879", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72879" + }, + { + "name": "20150304 [CVE-2015-2102] Clipbucket 2.7 RC3 0.9 - Blind SQL Injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/534790/100/0/threaded" + }, + { + "name": "http://packetstormsecurity.com/files/130485/Clipbucket-2.7.0.4.v2929-rc3-Blind-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/130485/Clipbucket-2.7.0.4.v2929-rc3-Blind-SQL-Injection.html" + }, + { + "name": "36156", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/36156" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2244.json b/2015/2xxx/CVE-2015-2244.json index 891f9a2b548..6463f96873f 100644 --- a/2015/2xxx/CVE-2015-2244.json +++ b/2015/2xxx/CVE-2015-2244.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2244", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Webshop hun 1.062S allow remote attackers to inject arbitrary web script or HTML via the (1) param, (2) center, (3) lap, (4) termid, or (5) nyelv_id parameter to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2244", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150305 Webshop hun v1.062S XSS (Cross-site Scripting) Security Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Mar/25" - }, - { - "name" : "http://packetstormsecurity.com/files/130648/Webshop-Hun-1.062S-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/130648/Webshop-Hun-1.062S-Cross-Site-Scripting.html" - }, - { - "name" : "http://tetraph.com/security/xss-vulnerability/webshop-hun-v1-062s-xss-cross-site-scripting-security-vulnerabilities/", - "refsource" : "MISC", - "url" : "http://tetraph.com/security/xss-vulnerability/webshop-hun-v1-062s-xss-cross-site-scripting-security-vulnerabilities/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Webshop hun 1.062S allow remote attackers to inject arbitrary web script or HTML via the (1) param, (2) center, (3) lap, (4) termid, or (5) nyelv_id parameter to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://tetraph.com/security/xss-vulnerability/webshop-hun-v1-062s-xss-cross-site-scripting-security-vulnerabilities/", + "refsource": "MISC", + "url": "http://tetraph.com/security/xss-vulnerability/webshop-hun-v1-062s-xss-cross-site-scripting-security-vulnerabilities/" + }, + { + "name": "http://packetstormsecurity.com/files/130648/Webshop-Hun-1.062S-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/130648/Webshop-Hun-1.062S-Cross-Site-Scripting.html" + }, + { + "name": "20150305 Webshop hun v1.062S XSS (Cross-site Scripting) Security Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Mar/25" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2459.json b/2015/2xxx/CVE-2015-2459.json index b8932015dd0..c7aac306a59 100644 --- a/2015/2xxx/CVE-2015-2459.json +++ b/2015/2xxx/CVE-2015-2459.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2459", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka \"OpenType Font Parsing Vulnerability,\" a different vulnerability than CVE-2015-2458 and CVE-2015-2461." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2459", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37922", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37922/" - }, - { - "name" : "MS15-080", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080" - }, - { - "name" : "1033238", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033238" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka \"OpenType Font Parsing Vulnerability,\" a different vulnerability than CVE-2015-2458 and CVE-2015-2461." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS15-080", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080" + }, + { + "name": "1033238", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033238" + }, + { + "name": "37922", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37922/" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2949.json b/2015/2xxx/CVE-2015-2949.json index f9caf45b5e0..3bf4396f3f8 100644 --- a/2015/2xxx/CVE-2015-2949.json +++ b/2015/2xxx/CVE-2015-2949.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2949", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in ZenPhoto20 1.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-2949", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "JVN#51176150", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN51176150/index.html" - }, - { - "name" : "JVNDB-2015-000071", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000071" - }, - { - "name" : "74889", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74889" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in ZenPhoto20 1.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#51176150", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN51176150/index.html" + }, + { + "name": "JVNDB-2015-000071", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000071" + }, + { + "name": "74889", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74889" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3316.json b/2015/3xxx/CVE-2015-3316.json index f23743b9935..003de91fced 100644 --- a/2015/3xxx/CVE-2015-3316.json +++ b/2015/3xxx/CVE-2015-3316.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3316", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3316", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx", - "refsource" : "CONFIRM", - "url" : "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx" - }, - { - "name" : "75033", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75033" - }, - { - "name" : "1032512", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032512" - }, - { - "name" : "1032513", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032513" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032513", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032513" + }, + { + "name": "75033", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75033" + }, + { + "name": "1032512", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032512" + }, + { + "name": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx", + "refsource": "CONFIRM", + "url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3487.json b/2015/3xxx/CVE-2015-3487.json index c2c9e354b7c..a612ef1d4f6 100644 --- a/2015/3xxx/CVE-2015-3487.json +++ b/2015/3xxx/CVE-2015-3487.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3487", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3487", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3605.json b/2015/3xxx/CVE-2015-3605.json index 340eb7ce552..bad58a11d9a 100644 --- a/2015/3xxx/CVE-2015-3605.json +++ b/2015/3xxx/CVE-2015-3605.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3605", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3605", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6164.json b/2015/6xxx/CVE-2015-6164.json index 1af4eff6224..3015dcc1a9b 100644 --- a/2015/6xxx/CVE-2015-6164.json +++ b/2015/6xxx/CVE-2015-6164.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6164", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 9 through 11 improperly implements a cross-site scripting (XSS) protection mechanism, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, aka \"Internet Explorer XSS Filter Bypass Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6164", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-124", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-124" - }, - { - "name" : "1034315", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034315" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 9 through 11 improperly implements a cross-site scripting (XSS) protection mechanism, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, aka \"Internet Explorer XSS Filter Bypass Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034315", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034315" + }, + { + "name": "MS15-124", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-124" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6363.json b/2015/6xxx/CVE-2015-6363.json index 8160b531fad..4dcaa2d9b08 100644 --- a/2015/6xxx/CVE-2015-6363.json +++ b/2015/6xxx/CVE-2015-6363.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6363", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco FireSIGHT Management Center (MC) 5.4.1.4 and 6.0.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuw88396." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6363", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151111 Cisco FireSight Management Center Web Framework Cross-Site Scripting Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151111-fmc" - }, - { - "name" : "1034138", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034138" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco FireSIGHT Management Center (MC) 5.4.1.4 and 6.0.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuw88396." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034138", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034138" + }, + { + "name": "20151111 Cisco FireSight Management Center Web Framework Cross-Site Scripting Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151111-fmc" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6591.json b/2015/6xxx/CVE-2015-6591.json index fd51f53721b..31486e4cc35 100644 --- a/2015/6xxx/CVE-2015-6591.json +++ b/2015/6xxx/CVE-2015-6591.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6591", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6591", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6789.json b/2015/6xxx/CVE-2015-6789.json index cdc4353112b..d958a1a24d2 100644 --- a/2015/6xxx/CVE-2015-6789.json +++ b/2015/6xxx/CVE-2015-6789.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6789", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in the MutationObserver implementation in Blink, as used in Google Chrome before 47.0.2526.80, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact by leveraging unanticipated object deletion." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2015-6789", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update_8.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update_8.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=557981", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=557981" - }, - { - "name" : "https://codereview.chromium.org/1463433002/", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1463433002/" - }, - { - "name" : "DSA-3418", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3418" - }, - { - "name" : "GLSA-201603-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-09" - }, - { - "name" : "RHSA-2015:2618", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2618.html" - }, - { - "name" : "openSUSE-SU-2015:2290", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html" - }, - { - "name" : "openSUSE-SU-2015:2291", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html" - }, - { - "name" : "USN-2860-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2860-1" - }, - { - "name" : "78734", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78734" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in the MutationObserver implementation in Blink, as used in Google Chrome before 47.0.2526.80, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact by leveraging unanticipated object deletion." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://code.google.com/p/chromium/issues/detail?id=557981", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=557981" + }, + { + "name": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update_8.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update_8.html" + }, + { + "name": "RHSA-2015:2618", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2618.html" + }, + { + "name": "openSUSE-SU-2015:2290", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html" + }, + { + "name": "DSA-3418", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3418" + }, + { + "name": "GLSA-201603-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-09" + }, + { + "name": "78734", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78734" + }, + { + "name": "USN-2860-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2860-1" + }, + { + "name": "https://codereview.chromium.org/1463433002/", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1463433002/" + }, + { + "name": "openSUSE-SU-2015:2291", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7128.json b/2015/7xxx/CVE-2015-7128.json index 9e329ecd07d..193009d1cf0 100644 --- a/2015/7xxx/CVE-2015-7128.json +++ b/2015/7xxx/CVE-2015-7128.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7128", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7128", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7202.json b/2015/7xxx/CVE-2015-7202.json index 46467ac3997..210d9e39ba4 100644 --- a/2015/7xxx/CVE-2015-7202.json +++ b/2015/7xxx/CVE-2015-7202.json @@ -1,187 +1,187 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7202", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-7202", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-134.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-134.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1188105", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1188105" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1193757", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1193757" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1193999", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1193999" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1194002", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1194002" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1194006", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1194006" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1197012", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1197012" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1200580", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1200580" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1207571", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1207571" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1208059", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1208059" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1212305", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1212305" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1219330", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1219330" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1221421", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1221421" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1221904", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1221904" - }, - { - "name" : "FEDORA-2015-51b1105902", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html" - }, - { - "name" : "FEDORA-2015-7ab3d3afcf", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html" - }, - { - "name" : "GLSA-201512-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201512-10" - }, - { - "name" : "openSUSE-SU-2016:0307", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html" - }, - { - "name" : "openSUSE-SU-2016:0308", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html" - }, - { - "name" : "openSUSE-SU-2015:2353", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html" - }, - { - "name" : "SUSE-SU-2015:2334", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00021.html" - }, - { - "name" : "SUSE-SU-2015:2335", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00022.html" - }, - { - "name" : "SUSE-SU-2015:2336", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00023.html" - }, - { - "name" : "USN-2833-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2833-1" - }, - { - "name" : "79279", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79279" - }, - { - "name" : "1034426", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034426" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1207571", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1207571" + }, + { + "name": "SUSE-SU-2015:2334", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00021.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1200580", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1200580" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-134.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-134.html" + }, + { + "name": "79279", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79279" + }, + { + "name": "SUSE-SU-2015:2335", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00022.html" + }, + { + "name": "GLSA-201512-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201512-10" + }, + { + "name": "openSUSE-SU-2015:2353", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1219330", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1219330" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1193999", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1193999" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1221421", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1221421" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1197012", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1197012" + }, + { + "name": "openSUSE-SU-2016:0308", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1193757", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1193757" + }, + { + "name": "FEDORA-2015-7ab3d3afcf", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1194002", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1194002" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1208059", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1208059" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1188105", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1188105" + }, + { + "name": "USN-2833-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2833-1" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1221904", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1221904" + }, + { + "name": "SUSE-SU-2015:2336", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00023.html" + }, + { + "name": "openSUSE-SU-2016:0307", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html" + }, + { + "name": "FEDORA-2015-51b1105902", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html" + }, + { + "name": "1034426", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034426" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1212305", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1212305" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1194006", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1194006" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7228.json b/2015/7xxx/CVE-2015-7228.json index d4e8e60d423..2aedbb3264e 100644 --- a/2015/7xxx/CVE-2015-7228.json +++ b/2015/7xxx/CVE-2015-7228.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7228", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The RESTful module 7.x-1.x before 7.x-1.3 for Drupal does not properly cache pages of authenticated users when using non-cookie authentication providers, which allows remote attackers to obtain sensitive information via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7228", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.drupal.org/node/2565875", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2565875" - }, - { - "name" : "https://www.drupal.org/node/2565421", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2565421" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The RESTful module 7.x-1.x before 7.x-1.3 for Drupal does not properly cache pages of authenticated users when using non-cookie authentication providers, which allows remote attackers to obtain sensitive information via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2565875", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2565875" + }, + { + "name": "https://www.drupal.org/node/2565421", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2565421" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7548.json b/2015/7xxx/CVE-2015-7548.json index 7cd4cad0ce7..c70fb5cd7f2 100644 --- a/2015/7xxx/CVE-2015-7548.json +++ b/2015/7xxx/CVE-2015-7548.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7548", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty), when using libvirt to spawn instances and use_cow_images is set to false, allow remote authenticated users to read arbitrary files by overwriting an instance disk with a crafted image and requesting a snapshot." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-7548", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://security.openstack.org/ossa/OSSA-2016-001.html", - "refsource" : "CONFIRM", - "url" : "https://security.openstack.org/ossa/OSSA-2016-001.html" - }, - { - "name" : "RHSA-2016:0018", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0018.html" - }, - { - "name" : "80176", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/80176" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty), when using libvirt to spawn instances and use_cow_images is set to false, allow remote authenticated users to read arbitrary files by overwriting an instance disk with a crafted image and requesting a snapshot." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "80176", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/80176" + }, + { + "name": "RHSA-2016:0018", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0018.html" + }, + { + "name": "https://security.openstack.org/ossa/OSSA-2016-001.html", + "refsource": "CONFIRM", + "url": "https://security.openstack.org/ossa/OSSA-2016-001.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0140.json b/2016/0xxx/CVE-2016-0140.json index 2cc508e9bb1..dedcba7fbef 100644 --- a/2016/0xxx/CVE-2016-0140.json +++ b/2016/0xxx/CVE-2016-0140.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0140", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Office 2007 SP3, Office 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0140", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-054", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-054" - }, - { - "name" : "89953", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/89953" - }, - { - "name" : "1035819", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035819" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Office 2007 SP3, Office 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS16-054", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-054" + }, + { + "name": "1035819", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035819" + }, + { + "name": "89953", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/89953" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0491.json b/2016/0xxx/CVE-2016-0491.json index 6e570c84fa6..6317852edc3 100644 --- a/2016/0xxx/CVE-2016-0491.json +++ b/2016/0xxx/CVE-2016-0491.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0491", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect integrity and availability via unknown vectors related to Load Testing for Web Apps. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that the UploadFileAction servlet allows remote authenticated users to upload and execute arbitrary files via an * (asterisk) character in the fileType parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0491", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39691", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39691/" - }, - { - "name" : "39852", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39852/" - }, - { - "name" : "http://packetstormsecurity.com/files/137175/Oracle-ATS-Arbitrary-File-Upload.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/137175/Oracle-ATS-Arbitrary-File-Upload.html" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-047", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-047" - }, - { - "name" : "http://www.rapid7.com/db/modules/exploit/multi/http/oracle_ats_file_upload", - "refsource" : "MISC", - "url" : "http://www.rapid7.com/db/modules/exploit/multi/http/oracle_ats_file_upload" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "81169", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/81169" - }, - { - "name" : "1034734", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034734" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect integrity and availability via unknown vectors related to Load Testing for Web Apps. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that the UploadFileAction servlet allows remote authenticated users to upload and execute arbitrary files via an * (asterisk) character in the fileType parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "81169", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/81169" + }, + { + "name": "39852", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39852/" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "39691", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39691/" + }, + { + "name": "http://packetstormsecurity.com/files/137175/Oracle-ATS-Arbitrary-File-Upload.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/137175/Oracle-ATS-Arbitrary-File-Upload.html" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-047", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-047" + }, + { + "name": "1034734", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034734" + }, + { + "name": "http://www.rapid7.com/db/modules/exploit/multi/http/oracle_ats_file_upload", + "refsource": "MISC", + "url": "http://www.rapid7.com/db/modules/exploit/multi/http/oracle_ats_file_upload" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0874.json b/2016/0xxx/CVE-2016-0874.json index 3c033c0fd18..d360bae9ae4 100644 --- a/2016/0xxx/CVE-2016-0874.json +++ b/2016/0xxx/CVE-2016-0874.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0874", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-0874", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0932.json b/2016/0xxx/CVE-2016-0932.json index 3bd7d8f0704..a2c1513295f 100644 --- a/2016/0xxx/CVE-2016-0932.json +++ b/2016/0xxx/CVE-2016-0932.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0932", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the Doc object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0934, CVE-2016-0937, CVE-2016-0940, and CVE-2016-0941." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-0932", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-16-008", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-16-008" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html" - }, - { - "name" : "1034646", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034646" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the Doc object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0934, CVE-2016-0937, CVE-2016-0940, and CVE-2016-0941." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://zerodayinitiative.com/advisories/ZDI-16-008", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-16-008" + }, + { + "name": "1034646", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034646" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000227.json b/2016/1000xxx/CVE-2016-1000227.json index ae07a7a6b6d..82b1fcf8307 100644 --- a/2016/1000xxx/CVE-2016-1000227.json +++ b/2016/1000xxx/CVE-2016-1000227.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000227", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000227", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10549.json b/2016/10xxx/CVE-2016-10549.json index 40d67ac2ad1..2981acde274 100644 --- a/2016/10xxx/CVE-2016-10549.json +++ b/2016/10xxx/CVE-2016-10549.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2016-10549", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "sails node module", - "version" : { - "version_data" : [ - { - "version_value" : "<=0.12.7" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Sails is an MVC style framework for building realtime web applications. Version 0.12.7 and lower have an issue with the CORS configuration where the value of the origin header is reflected as the value for the Access-Control-Allow-Origin header. This would allow an attacker to make AJAX requests to vulnerable hosts through cross site scripting or a malicious HTML Document, effectively bypassing the Same Origin Policy. Note that this is only an issue when `allRoutes` is set to `true` and `origin` is set to `*` or left commented out in the sails CORS config file. The problem can be compounded when the cors `credentials` setting is not provided. At that point authenticated cross domain requests are possible." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper Access Control - Generic (CWE-284)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2016-10549", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "sails node module", + "version": { + "version_data": [ + { + "version_value": "<=0.12.7" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sailsjs.org/documentation/concepts/security/cors", - "refsource" : "MISC", - "url" : "http://sailsjs.org/documentation/concepts/security/cors" - }, - { - "name" : "http://sailsjs.org/documentation/reference/configuration/sails-config-cors", - "refsource" : "MISC", - "url" : "http://sailsjs.org/documentation/reference/configuration/sails-config-cors" - }, - { - "name" : "https://nodesecurity.io/advisories/148", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/148" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Sails is an MVC style framework for building realtime web applications. Version 0.12.7 and lower have an issue with the CORS configuration where the value of the origin header is reflected as the value for the Access-Control-Allow-Origin header. This would allow an attacker to make AJAX requests to vulnerable hosts through cross site scripting or a malicious HTML Document, effectively bypassing the Same Origin Policy. Note that this is only an issue when `allRoutes` is set to `true` and `origin` is set to `*` or left commented out in the sails CORS config file. The problem can be compounded when the cors `credentials` setting is not provided. At that point authenticated cross domain requests are possible." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Access Control - Generic (CWE-284)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://sailsjs.org/documentation/concepts/security/cors", + "refsource": "MISC", + "url": "http://sailsjs.org/documentation/concepts/security/cors" + }, + { + "name": "https://nodesecurity.io/advisories/148", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/148" + }, + { + "name": "http://sailsjs.org/documentation/reference/configuration/sails-config-cors", + "refsource": "MISC", + "url": "http://sailsjs.org/documentation/reference/configuration/sails-config-cors" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1155.json b/2016/1xxx/CVE-2016-1155.json index cbd13672f2e..6f3de92eb77 100644 --- a/2016/1xxx/CVE-2016-1155.json +++ b/2016/1xxx/CVE-2016-1155.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1155", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1155", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://android.googlesource.com/platform/external/okhttp/+/71b9f47b26fb57ac3e436a19519c6e3ec70e86eb", - "refsource" : "MISC", - "url" : "https://android.googlesource.com/platform/external/okhttp/+/71b9f47b26fb57ac3e436a19519c6e3ec70e86eb" - }, - { - "name" : "JVN#99757346", - "refsource" : "JVN", - "url" : "https://jvn.jp/vu/JVNVU99757346/index.html" - }, - { - "name" : "97662", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97662" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "97662", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97662" + }, + { + "name": "JVN#99757346", + "refsource": "JVN", + "url": "https://jvn.jp/vu/JVNVU99757346/index.html" + }, + { + "name": "https://android.googlesource.com/platform/external/okhttp/+/71b9f47b26fb57ac3e436a19519c6e3ec70e86eb", + "refsource": "MISC", + "url": "https://android.googlesource.com/platform/external/okhttp/+/71b9f47b26fb57ac3e436a19519c6e3ec70e86eb" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1647.json b/2016/1xxx/CVE-2016-1647.json index 5dcb87a2ac8..e5a64c950d8 100644 --- a/2016/1xxx/CVE-2016-1647.json +++ b/2016/1xxx/CVE-2016-1647.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1647", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the RenderWidgetHostImpl::Destroy function in content/browser/renderer_host/render_widget_host_impl.cc in the Navigation implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-1647", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=590284", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=590284" - }, - { - "name" : "https://codereview.chromium.org/1747183002/", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1747183002/" - }, - { - "name" : "https://codereview.chromium.org/1811783002/", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1811783002/" - }, - { - "name" : "DSA-3531", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3531" - }, - { - "name" : "GLSA-201605-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201605-02" - }, - { - "name" : "RHSA-2016:0525", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0525.html" - }, - { - "name" : "openSUSE-SU-2016:1059", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html" - }, - { - "name" : "openSUSE-SU-2016:0929", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html" - }, - { - "name" : "openSUSE-SU-2016:0930", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html" - }, - { - "name" : "USN-2955-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2955-1" - }, - { - "name" : "1035423", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035423" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the RenderWidgetHostImpl::Destroy function in content/browser/renderer_host/render_widget_host_impl.cc in the Navigation implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2016:0525", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0525.html" + }, + { + "name": "openSUSE-SU-2016:0929", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=590284", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=590284" + }, + { + "name": "https://codereview.chromium.org/1747183002/", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1747183002/" + }, + { + "name": "https://codereview.chromium.org/1811783002/", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1811783002/" + }, + { + "name": "openSUSE-SU-2016:1059", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html" + }, + { + "name": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html" + }, + { + "name": "DSA-3531", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3531" + }, + { + "name": "1035423", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035423" + }, + { + "name": "openSUSE-SU-2016:0930", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html" + }, + { + "name": "USN-2955-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2955-1" + }, + { + "name": "GLSA-201605-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201605-02" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1659.json b/2016/1xxx/CVE-2016-1659.json index ee52df66bfc..e2190cbcade 100644 --- a/2016/1xxx/CVE-2016-1659.json +++ b/2016/1xxx/CVE-2016-1659.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1659", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-1659", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html" - }, - { - "name" : "https://crbug.com/602697", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/602697" - }, - { - "name" : "DSA-3549", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3549" - }, - { - "name" : "GLSA-201605-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201605-02" - }, - { - "name" : "RHSA-2016:0638", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0638.html" - }, - { - "name" : "SUSE-SU-2016:1060", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00040.html" - }, - { - "name" : "openSUSE-SU-2016:1061", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00041.html" - }, - { - "name" : "openSUSE-SU-2016:1135", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00049.html" - }, - { - "name" : "openSUSE-SU-2016:1136", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00050.html" - }, - { - "name" : "USN-2955-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2955-1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:1136", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00050.html" + }, + { + "name": "https://crbug.com/602697", + "refsource": "CONFIRM", + "url": "https://crbug.com/602697" + }, + { + "name": "openSUSE-SU-2016:1135", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00049.html" + }, + { + "name": "RHSA-2016:0638", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0638.html" + }, + { + "name": "SUSE-SU-2016:1060", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00040.html" + }, + { + "name": "DSA-3549", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3549" + }, + { + "name": "openSUSE-SU-2016:1061", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00041.html" + }, + { + "name": "USN-2955-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2955-1" + }, + { + "name": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html" + }, + { + "name": "GLSA-201605-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201605-02" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4077.json b/2016/4xxx/CVE-2016-4077.json index a36bb608869..1e12d59d75c 100644 --- a/2016/4xxx/CVE-2016-4077.json +++ b/2016/4xxx/CVE-2016-4077.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4077", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "epan/reassemble.c in TShark in Wireshark 2.0.x before 2.0.3 relies on incorrect special-case handling of truncated Tvb data structures, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4077", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://code.google.com/p/google-security-research/issues/detail?id=651", - "refsource" : "MISC", - "url" : "https://code.google.com/p/google-security-research/issues/detail?id=651" - }, - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2016-20.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2016-20.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11799", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11799" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c5b2c1e8f40cee913bd70fcc00284483b3c92fcd", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c5b2c1e8f40cee913bd70fcc00284483b3c92fcd" - }, - { - "name" : "1035685", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035685" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "epan/reassemble.c in TShark in Wireshark 2.0.x before 2.0.3 relies on incorrect special-case handling of truncated Tvb data structures, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035685", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035685" + }, + { + "name": "https://code.google.com/p/google-security-research/issues/detail?id=651", + "refsource": "MISC", + "url": "https://code.google.com/p/google-security-research/issues/detail?id=651" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c5b2c1e8f40cee913bd70fcc00284483b3c92fcd", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c5b2c1e8f40cee913bd70fcc00284483b3c92fcd" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11799", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11799" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2016-20.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2016-20.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4113.json b/2016/4xxx/CVE-2016-4113.json index 60caf500aff..3750087d75c 100644 --- a/2016/4xxx/CVE-2016-4113.json +++ b/2016/4xxx/CVE-2016-4113.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4113", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4113", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" - }, - { - "name" : "MS16-064", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-064" - }, - { - "name" : "RHSA-2016:1079", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1079.html" - }, - { - "name" : "SUSE-SU-2016:1305", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" - }, - { - "name" : "90618", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90618" - }, - { - "name" : "1035827", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035827" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:1305", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" + }, + { + "name": "90618", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90618" + }, + { + "name": "1035827", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035827" + }, + { + "name": "MS16-064", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-064" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" + }, + { + "name": "RHSA-2016:1079", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4481.json b/2016/4xxx/CVE-2016-4481.json index 1580c37a872..4a7d5898fa7 100644 --- a/2016/4xxx/CVE-2016-4481.json +++ b/2016/4xxx/CVE-2016-4481.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4481", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4481", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4599.json b/2016/4xxx/CVE-2016-4599.json index f032b7445a6..aab43acfb80 100644 --- a/2016/4xxx/CVE-2016-4599.json +++ b/2016/4xxx/CVE-2016-4599.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4599", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4599", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT206903", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206903" - }, - { - "name" : "APPLE-SA-2016-07-18-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" - }, - { - "name" : "91824", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91824" - }, - { - "name" : "1036348", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036348" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91824", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91824" + }, + { + "name": "APPLE-SA-2016-07-18-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" + }, + { + "name": "1036348", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036348" + }, + { + "name": "https://support.apple.com/HT206903", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206903" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4783.json b/2016/4xxx/CVE-2016-4783.json index cfad5966a56..8ee20fa82ed 100644 --- a/2016/4xxx/CVE-2016-4783.json +++ b/2016/4xxx/CVE-2016-4783.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4783", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Lenovo SHAREit before 3.5.98_ww on Android before 4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka \"Universal XSS (UXSS).\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4783", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.lenovo.com/us/en/product_security/len_6421", - "refsource" : "CONFIRM", - "url" : "https://support.lenovo.com/us/en/product_security/len_6421" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Lenovo SHAREit before 3.5.98_ww on Android before 4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka \"Universal XSS (UXSS).\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.lenovo.com/us/en/product_security/len_6421", + "refsource": "CONFIRM", + "url": "https://support.lenovo.com/us/en/product_security/len_6421" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0491.json b/2019/0xxx/CVE-2019-0491.json index 859db165fc3..1971ca30ee7 100644 --- a/2019/0xxx/CVE-2019-0491.json +++ b/2019/0xxx/CVE-2019-0491.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0491", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0491", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1000xxx/CVE-2019-1000024.json b/2019/1000xxx/CVE-2019-1000024.json index a042dbd043c..283bcbaae50 100644 --- a/2019/1000xxx/CVE-2019-1000024.json +++ b/2019/1000xxx/CVE-2019-1000024.json @@ -1,75 +1,75 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve-assign@distributedweaknessfiling.org", - "DATE_ASSIGNED" : "2019-01-22T21:21:10.031068", - "DATE_REQUESTED" : "2019-01-20T14:10:58", - "ID" : "CVE-2019-1000024", - "REQUESTER" : "piotr.karolak@gmail.com", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "OPT/NET BV NG-NetMS version v3.6-2 and earlier versions contains a Cross Site Scripting (XSS) vulnerability in /js/libs/jstree/demo/filebrowser/index.php page. The \"id\" and \"operation\" GET parameters can be used to inject arbitrary JavaScript which is returned in the page's response that can result in Cross-site scripting.This attack appear to be exploitable via network connectivity." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "DATE_ASSIGNED": "2019-01-22T21:21:10.031068", + "DATE_REQUESTED": "2019-01-20T14:10:58", + "ID": "CVE-2019-1000024", + "REQUESTER": "piotr.karolak@gmail.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://inf0seq.github.io/cve/2019/01/20/Cross-site-scripting-(XSS)-in-OPTOSS-Next-Gen-Network-Management-System-(NG-NetMS).html", - "refsource" : "MISC", - "url" : "https://inf0seq.github.io/cve/2019/01/20/Cross-site-scripting-(XSS)-in-OPTOSS-Next-Gen-Network-Management-System-(NG-NetMS).html" - }, - { - "name" : "https://sourceforge.net/projects/ngnms/", - "refsource" : "MISC", - "url" : "https://sourceforge.net/projects/ngnms/" - }, - { - "name" : "https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)", - "refsource" : "MISC", - "url" : "https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OPT/NET BV NG-NetMS version v3.6-2 and earlier versions contains a Cross Site Scripting (XSS) vulnerability in /js/libs/jstree/demo/filebrowser/index.php page. The \"id\" and \"operation\" GET parameters can be used to inject arbitrary JavaScript which is returned in the page's response that can result in Cross-site scripting.This attack appear to be exploitable via network connectivity." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)", + "refsource": "MISC", + "url": "https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)" + }, + { + "name": "https://inf0seq.github.io/cve/2019/01/20/Cross-site-scripting-(XSS)-in-OPTOSS-Next-Gen-Network-Management-System-(NG-NetMS).html", + "refsource": "MISC", + "url": "https://inf0seq.github.io/cve/2019/01/20/Cross-site-scripting-(XSS)-in-OPTOSS-Next-Gen-Network-Management-System-(NG-NetMS).html" + }, + { + "name": "https://sourceforge.net/projects/ngnms/", + "refsource": "MISC", + "url": "https://sourceforge.net/projects/ngnms/" + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3053.json b/2019/3xxx/CVE-2019-3053.json index bd2803e2d93..06fe7a4f7f8 100644 --- a/2019/3xxx/CVE-2019-3053.json +++ b/2019/3xxx/CVE-2019-3053.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3053", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3053", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3319.json b/2019/3xxx/CVE-2019-3319.json index 15aa8b16725..45e7259feef 100644 --- a/2019/3xxx/CVE-2019-3319.json +++ b/2019/3xxx/CVE-2019-3319.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3319", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3319", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3464.json b/2019/3xxx/CVE-2019-3464.json index b582f21f58a..db7fc9dd142 100644 --- a/2019/3xxx/CVE-2019-3464.json +++ b/2019/3xxx/CVE-2019-3464.json @@ -1,78 +1,78 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@debian.org", - "DATE_PUBLIC" : "2019-02-06T00:00:00", - "ID" : "CVE-2019-3464", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "rssh", - "version" : { - "version_data" : [ - { - "version_value" : "All versions before 2.3.4-5+deb9u2 and 2.3.4-10" - } - ] - } - } - ] - }, - "vendor_name" : "Debian GNU/Linux" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Incomplete sanitization of environment variable" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "DATE_PUBLIC": "2019-02-06T00:00:00", + "ID": "CVE-2019-3464", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "rssh", + "version": { + "version_data": [ + { + "version_value": "All versions before 2.3.4-5+deb9u2 and 2.3.4-10" + } + ] + } + } + ] + }, + "vendor_name": "Debian GNU/Linux" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20190206 [SECURITY] [DLA 1660-1] rssh security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00007.html" - }, - { - "name" : "https://tracker.debian.org/news/1026713/accepted-rssh-234-5deb9u2-source-amd64-into-stable-embargoed-stable/", - "refsource" : "MISC", - "url" : "https://tracker.debian.org/news/1026713/accepted-rssh-234-5deb9u2-source-amd64-into-stable-embargoed-stable/" - }, - { - "name" : "DSA-4382", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2019/dsa-4382" - }, - { - "name" : "106839", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106839" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Incomplete sanitization of environment variable" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-4382", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2019/dsa-4382" + }, + { + "name": "[debian-lts-announce] 20190206 [SECURITY] [DLA 1660-1] rssh security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00007.html" + }, + { + "name": "106839", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106839" + }, + { + "name": "https://tracker.debian.org/news/1026713/accepted-rssh-234-5deb9u2-source-amd64-into-stable-embargoed-stable/", + "refsource": "MISC", + "url": "https://tracker.debian.org/news/1026713/accepted-rssh-234-5deb9u2-source-amd64-into-stable-embargoed-stable/" + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3651.json b/2019/3xxx/CVE-2019-3651.json index 78e8530b099..2a1da479168 100644 --- a/2019/3xxx/CVE-2019-3651.json +++ b/2019/3xxx/CVE-2019-3651.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3651", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3651", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4185.json b/2019/4xxx/CVE-2019-4185.json index 760856ffe38..830b6fcec42 100644 --- a/2019/4xxx/CVE-2019-4185.json +++ b/2019/4xxx/CVE-2019-4185.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4185", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4185", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4249.json b/2019/4xxx/CVE-2019-4249.json index 715eac5f469..a38712b129d 100644 --- a/2019/4xxx/CVE-2019-4249.json +++ b/2019/4xxx/CVE-2019-4249.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4249", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4249", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4549.json b/2019/4xxx/CVE-2019-4549.json index 3f0934f7a2e..33cdaf2f515 100644 --- a/2019/4xxx/CVE-2019-4549.json +++ b/2019/4xxx/CVE-2019-4549.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4549", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4549", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4693.json b/2019/4xxx/CVE-2019-4693.json index 34911830252..29b7b3d5700 100644 --- a/2019/4xxx/CVE-2019-4693.json +++ b/2019/4xxx/CVE-2019-4693.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4693", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4693", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6234.json b/2019/6xxx/CVE-2019-6234.json index f317dd70e0e..5a0a07589e9 100644 --- a/2019/6xxx/CVE-2019-6234.json +++ b/2019/6xxx/CVE-2019-6234.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2019-6234", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "iOS", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "iOS 12.1.3" - } - ] - } - }, - { - "product_name" : "tvOS", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "tvOS 12.1.2" - } - ] - } - }, - { - "product_name" : "Safari", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "Safari 12.0.3" - } - ] - } - }, - { - "product_name" : "iTunes for Windows", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "iTunes 12.9.3 for Windows" - } - ] - } - }, - { - "product_name" : "iCloud for Windows", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "iCloud for Windows 7.10" - } - ] - } - } - ] - }, - "vendor_name" : "Apple" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Processing maliciously crafted web content may lead to arbitrary code execution" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2019-6234", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.1.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.1.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.0.3" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes 12.9.3 for Windows" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.10" + } + ] + } + } + ] + }, + "vendor_name": "Apple" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT209443", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT209443" - }, - { - "name" : "https://support.apple.com/HT209447", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT209447" - }, - { - "name" : "https://support.apple.com/HT209449", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT209449" - }, - { - "name" : "https://support.apple.com/HT209450", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT209450" - }, - { - "name" : "https://support.apple.com/HT209451", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT209451" - }, - { - "name" : "GLSA-201903-12", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201903-12" - }, - { - "name" : "106691", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106691" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106691", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106691" + }, + { + "name": "GLSA-201903-12", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201903-12" + }, + { + "name": "https://support.apple.com/HT209443", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT209443" + }, + { + "name": "https://support.apple.com/HT209451", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT209451" + }, + { + "name": "https://support.apple.com/HT209449", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT209449" + }, + { + "name": "https://support.apple.com/HT209450", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT209450" + }, + { + "name": "https://support.apple.com/HT209447", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT209447" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6879.json b/2019/6xxx/CVE-2019-6879.json index 46462b0a5cd..c0b754f8981 100644 --- a/2019/6xxx/CVE-2019-6879.json +++ b/2019/6xxx/CVE-2019-6879.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6879", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6879", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7137.json b/2019/7xxx/CVE-2019-7137.json index 10929988bed..3be87fe6775 100644 --- a/2019/7xxx/CVE-2019-7137.json +++ b/2019/7xxx/CVE-2019-7137.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7137", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7137", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7289.json b/2019/7xxx/CVE-2019-7289.json index e64390b1363..c637d8bcfd8 100644 --- a/2019/7xxx/CVE-2019-7289.json +++ b/2019/7xxx/CVE-2019-7289.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7289", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7289", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8145.json b/2019/8xxx/CVE-2019-8145.json index c5ae32222ef..f4c7562d21b 100644 --- a/2019/8xxx/CVE-2019-8145.json +++ b/2019/8xxx/CVE-2019-8145.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8145", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8145", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8541.json b/2019/8xxx/CVE-2019-8541.json index 637cf3a4c3d..4054e574978 100644 --- a/2019/8xxx/CVE-2019-8541.json +++ b/2019/8xxx/CVE-2019-8541.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8541", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8541", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8708.json b/2019/8xxx/CVE-2019-8708.json index 853b7c1fe21..8c31f585406 100644 --- a/2019/8xxx/CVE-2019-8708.json +++ b/2019/8xxx/CVE-2019-8708.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8708", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8708", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9164.json b/2019/9xxx/CVE-2019-9164.json index 890d080b779..4392c71d432 100644 --- a/2019/9xxx/CVE-2019-9164.json +++ b/2019/9xxx/CVE-2019-9164.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9164", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9164", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9384.json b/2019/9xxx/CVE-2019-9384.json index e28a0227a3e..9ec4c78a4cb 100644 --- a/2019/9xxx/CVE-2019-9384.json +++ b/2019/9xxx/CVE-2019-9384.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9384", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9384", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file