From 56cc31f97e563fe832e879a4415011622af9d291 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 17 Mar 2019 23:33:45 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0191.json | 150 ++++++++-------- 2007/1xxx/CVE-2007-1121.json | 160 ++++++++--------- 2007/1xxx/CVE-2007-1630.json | 170 +++++++++--------- 2007/1xxx/CVE-2007-1748.json | 270 ++++++++++++++-------------- 2007/1xxx/CVE-2007-1902.json | 190 ++++++++++---------- 2007/3xxx/CVE-2007-3173.json | 140 +++++++-------- 2007/3xxx/CVE-2007-3410.json | 320 ++++++++++++++++----------------- 2007/3xxx/CVE-2007-3676.json | 130 +++++++------- 2007/4xxx/CVE-2007-4048.json | 190 ++++++++++---------- 2007/4xxx/CVE-2007-4256.json | 130 +++++++------- 2007/4xxx/CVE-2007-4340.json | 140 +++++++-------- 2007/4xxx/CVE-2007-4416.json | 140 +++++++-------- 2007/4xxx/CVE-2007-4452.json | 170 +++++++++--------- 2014/5xxx/CVE-2014-5777.json | 140 +++++++-------- 2015/2xxx/CVE-2015-2177.json | 160 ++++++++--------- 2015/2xxx/CVE-2015-2480.json | 130 +++++++------- 2015/2xxx/CVE-2015-2498.json | 150 ++++++++-------- 2015/2xxx/CVE-2015-2682.json | 180 +++++++++---------- 2015/2xxx/CVE-2015-2902.json | 140 +++++++-------- 2015/3xxx/CVE-2015-3392.json | 160 ++++++++--------- 2015/6xxx/CVE-2015-6249.json | 200 ++++++++++----------- 2015/7xxx/CVE-2015-7040.json | 210 +++++++++++----------- 2015/7xxx/CVE-2015-7694.json | 34 ++-- 2016/0xxx/CVE-2016-0087.json | 140 +++++++-------- 2016/0xxx/CVE-2016-0108.json | 150 ++++++++-------- 2016/0xxx/CVE-2016-0375.json | 140 +++++++-------- 2016/0xxx/CVE-2016-0852.json | 120 ++++++------- 2016/10xxx/CVE-2016-10292.json | 136 +++++++------- 2016/10xxx/CVE-2016-10548.json | 132 +++++++------- 2016/4xxx/CVE-2016-4191.json | 140 +++++++-------- 2016/4xxx/CVE-2016-4600.json | 150 ++++++++-------- 2016/4xxx/CVE-2016-4900.json | 150 ++++++++-------- 2019/0xxx/CVE-2019-0188.json | 34 ++-- 2019/3xxx/CVE-2019-3158.json | 34 ++-- 2019/3xxx/CVE-2019-3700.json | 34 ++-- 2019/4xxx/CVE-2019-4726.json | 34 ++-- 2019/4xxx/CVE-2019-4755.json | 34 ++-- 2019/4xxx/CVE-2019-4794.json | 34 ++-- 2019/4xxx/CVE-2019-4876.json | 34 ++-- 2019/6xxx/CVE-2019-6536.json | 34 ++-- 2019/7xxx/CVE-2019-7083.json | 34 ++-- 2019/7xxx/CVE-2019-7480.json | 34 ++-- 2019/7xxx/CVE-2019-7633.json | 34 ++-- 2019/7xxx/CVE-2019-7839.json | 34 ++-- 2019/7xxx/CVE-2019-7972.json | 34 ++-- 2019/8xxx/CVE-2019-8065.json | 34 ++-- 2019/8xxx/CVE-2019-8165.json | 34 ++-- 2019/8xxx/CVE-2019-8342.json | 34 ++-- 2019/8xxx/CVE-2019-8452.json | 34 ++-- 2019/9xxx/CVE-2019-9053.json | 34 ++-- 2019/9xxx/CVE-2019-9558.json | 120 ++++++------- 2019/9xxx/CVE-2019-9761.json | 120 ++++++------- 2019/9xxx/CVE-2019-9808.json | 34 ++-- 2019/9xxx/CVE-2019-9840.json | 34 ++-- 54 files changed, 2991 insertions(+), 2991 deletions(-) diff --git a/2007/0xxx/CVE-2007-0191.json b/2007/0xxx/CVE-2007-0191.json index 340ae57f000..c836db0e7fd 100644 --- a/2007/0xxx/CVE-2007-0191.json +++ b/2007/0xxx/CVE-2007-0191.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0191", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in admin.php in MKPortal allows remote attackers to inject arbitrary web script or HTML via two certain fields in a contents_new operation in the ad_contents section." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0191", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070105 MkPortal Admin XSS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456042/100/100/threaded" - }, - { - "name" : "33399", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33399" - }, - { - "name" : "2138", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2138" - }, - { - "name" : "mkportal-admin-xss(31304)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31304" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in admin.php in MKPortal allows remote attackers to inject arbitrary web script or HTML via two certain fields in a contents_new operation in the ad_contents section." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070105 MkPortal Admin XSS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456042/100/100/threaded" + }, + { + "name": "mkportal-admin-xss(31304)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31304" + }, + { + "name": "2138", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2138" + }, + { + "name": "33399", + "refsource": "OSVDB", + "url": "http://osvdb.org/33399" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1121.json b/2007/1xxx/CVE-2007-1121.json index 85fe1729897..29c788e087c 100644 --- a/2007/1xxx/CVE-2007-1121.json +++ b/2007/1xxx/CVE-2007-1121.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1121", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in Mathis Dirksen-Thedens ZephyrSoft Toolbox Address Book Continued (ABC) 1.00 allow remote attackers to execute arbitrary SQL commands via the id parameter to the (1) updateRow and (2) deleteRow functions in functions.php. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1121", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=488406", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=488406" - }, - { - "name" : "22685", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22685" - }, - { - "name" : "ADV-2007-0715", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0715" - }, - { - "name" : "24269", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24269" - }, - { - "name" : "zephyrsoft-id-sql-injection(32665)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32665" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in Mathis Dirksen-Thedens ZephyrSoft Toolbox Address Book Continued (ABC) 1.00 allow remote attackers to execute arbitrary SQL commands via the id parameter to the (1) updateRow and (2) deleteRow functions in functions.php. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22685", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22685" + }, + { + "name": "ADV-2007-0715", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0715" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=488406", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=488406" + }, + { + "name": "24269", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24269" + }, + { + "name": "zephyrsoft-id-sql-injection(32665)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32665" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1630.json b/2007/1xxx/CVE-2007-1630.json index 1795a9eb4ec..ce1816dd98b 100644 --- a/2007/1xxx/CVE-2007-1630.json +++ b/2007/1xxx/CVE-2007-1630.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1630", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Link Engine allows remote attackers to execute arbitrary SQL commands via the catid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1630", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3534", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3534" - }, - { - "name" : "23080", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23080" - }, - { - "name" : "ADV-2007-1071", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1071" - }, - { - "name" : "34364", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/34364" - }, - { - "name" : "24574", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24574" - }, - { - "name" : "active-link-default-sql-injection(33111)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33111" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Link Engine allows remote attackers to execute arbitrary SQL commands via the catid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3534", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3534" + }, + { + "name": "active-link-default-sql-injection(33111)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33111" + }, + { + "name": "ADV-2007-1071", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1071" + }, + { + "name": "34364", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/34364" + }, + { + "name": "23080", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23080" + }, + { + "name": "24574", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24574" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1748.json b/2007/1xxx/CVE-2007-1748.json index a4243752a34..34a45242e83 100644 --- a/2007/1xxx/CVE-2007-1748.json +++ b/2007/1xxx/CVE-2007-1748.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1748", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to execute arbitrary code via a long zone name containing character constants represented by escape sequences." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-1748", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070415 Re: [exploits] RPC vuln in DNS Server (fwd)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/465863/100/100/threaded" - }, - { - "name" : "http://blogs.technet.com/msrc/archive/2007/04/12/microsoft-security-advisory-935964-posted.aspx", - "refsource" : "MISC", - "url" : "http://blogs.technet.com/msrc/archive/2007/04/12/microsoft-security-advisory-935964-posted.aspx" - }, - { - "name" : "http://metasploit.com/svn/framework3/trunk/modules/exploits/windows/dcerpc/msdns_zonename.rb", - "refsource" : "MISC", - "url" : "http://metasploit.com/svn/framework3/trunk/modules/exploits/windows/dcerpc/msdns_zonename.rb" - }, - { - "name" : "http://www.microsoft.com/technet/security/advisory/935964.mspx", - "refsource" : "CONFIRM", - "url" : "http://www.microsoft.com/technet/security/advisory/935964.mspx" - }, - { - "name" : "HPSBST02214", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded" - }, - { - "name" : "SSRT071422", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded" - }, - { - "name" : "MS07-029", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-029" - }, - { - "name" : "TA07-103A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-103A.html" - }, - { - "name" : "TA07-128A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-128A.html" - }, - { - "name" : "VU#555920", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/555920" - }, - { - "name" : "23470", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23470" - }, - { - "name" : "ADV-2007-1366", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1366" - }, - { - "name" : "oval:org.mitre.oval:def:1228", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1228" - }, - { - "name" : "1017910", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017910" - }, - { - "name" : "24871", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24871" - }, - { - "name" : "win-dns-rpc-bo(33629)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33629" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to execute arbitrary code via a long zone name containing character constants represented by escape sequences." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24871", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24871" + }, + { + "name": "HPSBST02214", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" + }, + { + "name": "SSRT071422", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" + }, + { + "name": "20070415 Re: [exploits] RPC vuln in DNS Server (fwd)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/465863/100/100/threaded" + }, + { + "name": "http://www.microsoft.com/technet/security/advisory/935964.mspx", + "refsource": "CONFIRM", + "url": "http://www.microsoft.com/technet/security/advisory/935964.mspx" + }, + { + "name": "TA07-128A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-128A.html" + }, + { + "name": "23470", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23470" + }, + { + "name": "win-dns-rpc-bo(33629)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33629" + }, + { + "name": "http://blogs.technet.com/msrc/archive/2007/04/12/microsoft-security-advisory-935964-posted.aspx", + "refsource": "MISC", + "url": "http://blogs.technet.com/msrc/archive/2007/04/12/microsoft-security-advisory-935964-posted.aspx" + }, + { + "name": "1017910", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017910" + }, + { + "name": "http://metasploit.com/svn/framework3/trunk/modules/exploits/windows/dcerpc/msdns_zonename.rb", + "refsource": "MISC", + "url": "http://metasploit.com/svn/framework3/trunk/modules/exploits/windows/dcerpc/msdns_zonename.rb" + }, + { + "name": "ADV-2007-1366", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1366" + }, + { + "name": "oval:org.mitre.oval:def:1228", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1228" + }, + { + "name": "TA07-103A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-103A.html" + }, + { + "name": "VU#555920", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/555920" + }, + { + "name": "MS07-029", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-029" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1902.json b/2007/1xxx/CVE-2007-1902.json index 46f0df85b0d..67d8ed0062d 100644 --- a/2007/1xxx/CVE-2007-1902.json +++ b/2007/1xxx/CVE-2007-1902.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1902", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in SonicBB 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) part and (2) by parameters to (a) search.php, or the (2) id parameter to (b) viewforum.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1902", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070514 SonicBB version 1.0 Multiple SQL Injection Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/468536/100/0/threaded" - }, - { - "name" : "20070514 SonicBB version 1.0 Multiple SQL Injection Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://marc.info/?l=full-disclosure&m=117914598917534&w=2" - }, - { - "name" : "http://www.netvigilance.com/advisory0019", - "refsource" : "MISC", - "url" : "http://www.netvigilance.com/advisory0019" - }, - { - "name" : "23964", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23964" - }, - { - "name" : "ADV-2007-1816", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1816" - }, - { - "name" : "33907", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/33907" - }, - { - "name" : "25279", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25279" - }, - { - "name" : "sonicbb-search-sql-injection(34258)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34258" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in SonicBB 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) part and (2) by parameters to (a) search.php, or the (2) id parameter to (b) viewforum.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "sonicbb-search-sql-injection(34258)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34258" + }, + { + "name": "20070514 SonicBB version 1.0 Multiple SQL Injection Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://marc.info/?l=full-disclosure&m=117914598917534&w=2" + }, + { + "name": "http://www.netvigilance.com/advisory0019", + "refsource": "MISC", + "url": "http://www.netvigilance.com/advisory0019" + }, + { + "name": "ADV-2007-1816", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1816" + }, + { + "name": "20070514 SonicBB version 1.0 Multiple SQL Injection Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/468536/100/0/threaded" + }, + { + "name": "25279", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25279" + }, + { + "name": "23964", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23964" + }, + { + "name": "33907", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/33907" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3173.json b/2007/3xxx/CVE-2007-3173.json index 3ad08aa05f2..9b29a363189 100644 --- a/2007/3xxx/CVE-2007-3173.json +++ b/2007/3xxx/CVE-2007-3173.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3173", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Almnzm allows remote attackers to obtain sensitive information via an activateorder request to index.php with an invalid orderid parameter, probably related to '[' and ']' characters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3173", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070529 Full Path Disclosure in Almnzm", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/469911/100/0/threaded" - }, - { - "name" : "38338", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38338" - }, - { - "name" : "almnzm-orderid-information-disclosure(34574)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34574" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Almnzm allows remote attackers to obtain sensitive information via an activateorder request to index.php with an invalid orderid parameter, probably related to '[' and ']' characters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070529 Full Path Disclosure in Almnzm", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/469911/100/0/threaded" + }, + { + "name": "38338", + "refsource": "OSVDB", + "url": "http://osvdb.org/38338" + }, + { + "name": "almnzm-orderid-information-disclosure(34574)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34574" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3410.json b/2007/3xxx/CVE-2007-3410.json index db0c1f92980..70d267d8e75 100644 --- a/2007/3xxx/CVE-2007-3410.json +++ b/2007/3xxx/CVE-2007-3410.json @@ -1,162 +1,162 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3410", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3410", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070626 RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547" - }, - { - "name" : "http://service.real.com/realplayer/security/10252007_player/en/", - "refsource" : "CONFIRM", - "url" : "http://service.real.com/realplayer/security/10252007_player/en/" - }, - { - "name" : "GLSA-200709-05", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200709-05.xml" - }, - { - "name" : "RHSA-2007:0605", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0605.html" - }, - { - "name" : "RHSA-2007:0841", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0841.html" - }, - { - "name" : "VU#770904", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/770904" - }, - { - "name" : "20071030 RealPlayer Updates of October 25, 2007", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-October/001841.html" - }, - { - "name" : "24658", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24658" - }, - { - "name" : "38342", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38342" - }, - { - "name" : "oval:org.mitre.oval:def:10554", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554" - }, - { - "name" : "ADV-2007-2339", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2339" - }, - { - "name" : "ADV-2007-3628", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3628" - }, - { - "name" : "37374", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37374" - }, - { - "name" : "1018297", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018297" - }, - { - "name" : "1018299", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018299" - }, - { - "name" : "25819", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25819" - }, - { - "name" : "25859", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25859" - }, - { - "name" : "26463", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26463" - }, - { - "name" : "26828", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26828" - }, - { - "name" : "27361", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27361" - }, - { - "name" : "realplayer-smiltime-wallclockvalue-bo(35088)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35088" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://service.real.com/realplayer/security/10252007_player/en/", + "refsource": "CONFIRM", + "url": "http://service.real.com/realplayer/security/10252007_player/en/" + }, + { + "name": "oval:org.mitre.oval:def:10554", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554" + }, + { + "name": "20070626 RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547" + }, + { + "name": "26463", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26463" + }, + { + "name": "GLSA-200709-05", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200709-05.xml" + }, + { + "name": "24658", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24658" + }, + { + "name": "ADV-2007-2339", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2339" + }, + { + "name": "realplayer-smiltime-wallclockvalue-bo(35088)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35088" + }, + { + "name": "RHSA-2007:0841", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0841.html" + }, + { + "name": "26828", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26828" + }, + { + "name": "38342", + "refsource": "OSVDB", + "url": "http://osvdb.org/38342" + }, + { + "name": "VU#770904", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/770904" + }, + { + "name": "RHSA-2007:0605", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0605.html" + }, + { + "name": "25859", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25859" + }, + { + "name": "37374", + "refsource": "OSVDB", + "url": "http://osvdb.org/37374" + }, + { + "name": "20071030 RealPlayer Updates of October 25, 2007", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html" + }, + { + "name": "ADV-2007-3628", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3628" + }, + { + "name": "25819", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25819" + }, + { + "name": "1018297", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018297" + }, + { + "name": "27361", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27361" + }, + { + "name": "1018299", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018299" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3676.json b/2007/3xxx/CVE-2007-3676.json index 4fe6b0e4ab3..20e85cc6ba5 100644 --- a/2007/3xxx/CVE-2007-3676.json +++ b/2007/3xxx/CVE-2007-3676.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3676", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via modified pointer values in unspecified remote administration requests, which triggers memory corruption or other invalid memory access. NOTE: this might be the same issue as CVE-2008-0698." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3676", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080207 IBM DB2 Universal Database Administration Server Memory Corruption Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=654" - }, - { - "name" : "1019318", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019318" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via modified pointer values in unspecified remote administration requests, which triggers memory corruption or other invalid memory access. NOTE: this might be the same issue as CVE-2008-0698." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1019318", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019318" + }, + { + "name": "20080207 IBM DB2 Universal Database Administration Server Memory Corruption Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=654" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4048.json b/2007/4xxx/CVE-2007-4048.json index ca61db18ce5..e80f1e508c4 100644 --- a/2007/4xxx/CVE-2007-4048.json +++ b/2007/4xxx/CVE-2007-4048.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4048", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4048", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070725 PHPSysInfo Index.php Cross Site Scripting", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474756/100/0/threaded" - }, - { - "name" : "http://download.phpgroupware.org/", - "refsource" : "CONFIRM", - "url" : "http://download.phpgroupware.org/" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=532143", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=532143" - }, - { - "name" : "25090", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25090" - }, - { - "name" : "36601", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36601" - }, - { - "name" : "26248", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26248" - }, - { - "name" : "26473", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26473" - }, - { - "name" : "2952", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2952" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070725 PHPSysInfo Index.php Cross Site Scripting", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474756/100/0/threaded" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=532143", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=532143" + }, + { + "name": "http://download.phpgroupware.org/", + "refsource": "CONFIRM", + "url": "http://download.phpgroupware.org/" + }, + { + "name": "25090", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25090" + }, + { + "name": "26473", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26473" + }, + { + "name": "26248", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26248" + }, + { + "name": "2952", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2952" + }, + { + "name": "36601", + "refsource": "OSVDB", + "url": "http://osvdb.org/36601" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4256.json b/2007/4xxx/CVE-2007-4256.json index f0b551930d1..c37007d6cf8 100644 --- a/2007/4xxx/CVE-2007-4256.json +++ b/2007/4xxx/CVE-2007-4256.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4256", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in showpage.cgi in YNP Portal System 2.2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4256", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4261", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4261" - }, - { - "name" : "39198", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39198" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in showpage.cgi in YNP Portal System 2.2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4261", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4261" + }, + { + "name": "39198", + "refsource": "OSVDB", + "url": "http://osvdb.org/39198" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4340.json b/2007/4xxx/CVE-2007-4340.json index 6a6628a4a42..4c97a3c3238 100644 --- a/2007/4xxx/CVE-2007-4340.json +++ b/2007/4xxx/CVE-2007-4340.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4340", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in index.php in phpDVD 1.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the dvd_config_file parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4340", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070811 phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/476141/100/0/threaded" - }, - { - "name" : "3007", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3007" - }, - { - "name" : "phpdvd-index-file-include(35964)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35964" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in index.php in phpDVD 1.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the dvd_config_file parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070811 phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/476141/100/0/threaded" + }, + { + "name": "phpdvd-index-file-include(35964)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35964" + }, + { + "name": "3007", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3007" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4416.json b/2007/4xxx/CVE-2007-4416.json index 77e15dcb258..8e546cf27ee 100644 --- a/2007/4xxx/CVE-2007-4416.json +++ b/2007/4xxx/CVE-2007-4416.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4416", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** captcha.php in BellaBook (aka BellaBuffs) allows remote attackers to obtain administrative privileges by sending the admin's username (admin_name) in a pheap_login cookie. NOTE: the vendor disputes this vulnerability because authentication data is derived from the admin_pass and secret variables, in addition to the admin_name; and because the exploit code is designed for an unrelated application." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4416", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070731 BellaBook Admin Bypass/Remote Code Execution", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475153/100/200/threaded" - }, - { - "name" : "20070801 Re: BellaBook Admin Bypass/Remote Code Execution", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475259/100/200/threaded" - }, - { - "name" : "42506", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42506" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** captcha.php in BellaBook (aka BellaBuffs) allows remote attackers to obtain administrative privileges by sending the admin's username (admin_name) in a pheap_login cookie. NOTE: the vendor disputes this vulnerability because authentication data is derived from the admin_pass and secret variables, in addition to the admin_name; and because the exploit code is designed for an unrelated application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "42506", + "refsource": "OSVDB", + "url": "http://osvdb.org/42506" + }, + { + "name": "20070731 BellaBook Admin Bypass/Remote Code Execution", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475153/100/200/threaded" + }, + { + "name": "20070801 Re: BellaBook Admin Bypass/Remote Code Execution", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475259/100/200/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4452.json b/2007/4xxx/CVE-2007-4452.json index 8f5071c69ad..0380a22870f 100644 --- a/2007/4xxx/CVE-2007-4452.json +++ b/2007/4xxx/CVE-2007-4452.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4452", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The client in Toribash 2.71 and earlier allows remote attackers to cause a denial of service (disconnection) via a long (1) emote or (2) SPEC command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4452", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070818 Multiple vulnerabilities in Toribash 2.71", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/477025/100/0/threaded" - }, - { - "name" : "http://aluigi.org/poc/toribashish.zip", - "refsource" : "MISC", - "url" : "http://aluigi.org/poc/toribashish.zip" - }, - { - "name" : "25359", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25359" - }, - { - "name" : "26507", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26507" - }, - { - "name" : "3033", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3033" - }, - { - "name" : "toribash-emote-spec-dos(36100)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36100" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The client in Toribash 2.71 and earlier allows remote attackers to cause a denial of service (disconnection) via a long (1) emote or (2) SPEC command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "toribash-emote-spec-dos(36100)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36100" + }, + { + "name": "20070818 Multiple vulnerabilities in Toribash 2.71", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/477025/100/0/threaded" + }, + { + "name": "http://aluigi.org/poc/toribashish.zip", + "refsource": "MISC", + "url": "http://aluigi.org/poc/toribashish.zip" + }, + { + "name": "25359", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25359" + }, + { + "name": "26507", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26507" + }, + { + "name": "3033", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3033" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5777.json b/2014/5xxx/CVE-2014-5777.json index 3a6c10883a2..e170abc4182 100644 --- a/2014/5xxx/CVE-2014-5777.json +++ b/2014/5xxx/CVE-2014-5777.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5777", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The icon wallpaper dressup-CocoPPa (aka jp.united.app.cocoppa) application 2.8.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5777", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#437913", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/437913" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The icon wallpaper dressup-CocoPPa (aka jp.united.app.cocoppa) application 2.8.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#437913", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/437913" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2177.json b/2015/2xxx/CVE-2015-2177.json index e67ad8c1f4b..8d727b99016 100644 --- a/2015/2xxx/CVE-2015-2177.json +++ b/2015/2xxx/CVE-2015-2177.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2177", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Siemens SIMATIC S7-300 CPU devices allow remote attackers to cause a denial of service (defect-mode transition) via crafted packets on (1) TCP port 102 or (2) Profibus." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2177", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "44802", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/44802/" - }, - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-064-04", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-064-04" - }, - { - "name" : "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-987029.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-987029.pdf" - }, - { - "name" : "72973", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72973" - }, - { - "name" : "1032040", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032040" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Siemens SIMATIC S7-300 CPU devices allow remote attackers to cause a denial of service (defect-mode transition) via crafted packets on (1) TCP port 102 or (2) Profibus." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-064-04", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-064-04" + }, + { + "name": "1032040", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032040" + }, + { + "name": "44802", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/44802/" + }, + { + "name": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-987029.pdf", + "refsource": "CONFIRM", + "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-987029.pdf" + }, + { + "name": "72973", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72973" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2480.json b/2015/2xxx/CVE-2015-2480.json index 8f799ba56bb..442d2951fb9 100644 --- a/2015/2xxx/CVE-2015-2480.json +++ b/2015/2xxx/CVE-2015-2480.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2480", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect code during an attempt at optimization, which allows remote attackers to execute arbitrary code via a crafted .NET application, aka \"RyuJIT Optimization Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2015-2479 and CVE-2015-2481." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2480", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-092", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-092" - }, - { - "name" : "1033253", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033253" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect code during an attempt at optimization, which allows remote attackers to execute arbitrary code via a crafted .NET application, aka \"RyuJIT Optimization Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2015-2479 and CVE-2015-2481." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS15-092", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-092" + }, + { + "name": "1033253", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033253" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2498.json b/2015/2xxx/CVE-2015-2498.json index 29048d91d0a..3c4d53afec3 100644 --- a/2015/2xxx/CVE-2015-2498.json +++ b/2015/2xxx/CVE-2015-2498.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2498", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2494, and CVE-2015-2499." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2498", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-424", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-424" - }, - { - "name" : "MS15-094", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094" - }, - { - "name" : "76579", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76579" - }, - { - "name" : "1033487", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033487" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2494, and CVE-2015-2499." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-424", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-424" + }, + { + "name": "76579", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76579" + }, + { + "name": "MS15-094", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094" + }, + { + "name": "1033487", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033487" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2682.json b/2015/2xxx/CVE-2015-2682.json index eed1c8f1291..d5351fc9cb0 100644 --- a/2015/2xxx/CVE-2015-2682.json +++ b/2015/2xxx/CVE-2015-2682.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2682", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 allows remote attackers to obtain credentials via a direct request to conf/securitydbData.xml." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2682", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "36441", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/36441/" - }, - { - "name" : "20150319 Citrix Command Center allows downloading of configuration files", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Mar/126" - }, - { - "name" : "http://packetstormsecurity.com/files/130928/Citrix-Command-Center-Configuration-Disclosure.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/130928/Citrix-Command-Center-Configuration-Disclosure.html" - }, - { - "name" : "https://www.securify.nl/advisory/SFY20140802/citrix_command_center_allows_downloading_of_configuration_files.html", - "refsource" : "MISC", - "url" : "https://www.securify.nl/advisory/SFY20140802/citrix_command_center_allows_downloading_of_configuration_files.html" - }, - { - "name" : "http://support.citrix.com/article/CTX200584", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX200584" - }, - { - "name" : "73309", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73309" - }, - { - "name" : "1031993", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031993" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 allows remote attackers to obtain credentials via a direct request to conf/securitydbData.xml." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.securify.nl/advisory/SFY20140802/citrix_command_center_allows_downloading_of_configuration_files.html", + "refsource": "MISC", + "url": "https://www.securify.nl/advisory/SFY20140802/citrix_command_center_allows_downloading_of_configuration_files.html" + }, + { + "name": "20150319 Citrix Command Center allows downloading of configuration files", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Mar/126" + }, + { + "name": "http://packetstormsecurity.com/files/130928/Citrix-Command-Center-Configuration-Disclosure.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/130928/Citrix-Command-Center-Configuration-Disclosure.html" + }, + { + "name": "36441", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/36441/" + }, + { + "name": "http://support.citrix.com/article/CTX200584", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX200584" + }, + { + "name": "1031993", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031993" + }, + { + "name": "73309", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73309" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2902.json b/2015/2xxx/CVE-2015-2902.json index 81a492d1514..4c88e8dc2d2 100644 --- a/2015/2xxx/CVE-2015-2902.json +++ b/2015/2xxx/CVE-2015-2902.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2902", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HP ArcSight SmartConnectors before 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-2902", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04850932", - "refsource" : "CONFIRM", - "url" : "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04850932" - }, - { - "name" : "VU#350508", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/350508" - }, - { - "name" : "1034078", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034078" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HP ArcSight SmartConnectors before 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#350508", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/350508" + }, + { + "name": "1034078", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034078" + }, + { + "name": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04850932", + "refsource": "CONFIRM", + "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04850932" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3392.json b/2015/3xxx/CVE-2015-3392.json index 5602513bac2..dc9445513bb 100644 --- a/2015/3xxx/CVE-2015-3392.json +++ b/2015/3xxx/CVE-2015-3392.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3392", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Ajax Timeline module before 7.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3392", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150205 CVE requests for Drupal contributed modules", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/02/05/16" - }, - { - "name" : "https://www.drupal.org/node/2420099", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2420099" - }, - { - "name" : "https://www.drupal.org/node/2419971", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2419971" - }, - { - "name" : "72567", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72567" - }, - { - "name" : "ajaxtimeline-drupal-timeline-xss(100654)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100654" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Ajax Timeline module before 7.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2419971", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2419971" + }, + { + "name": "[oss-security] 20150205 CVE requests for Drupal contributed modules", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/02/05/16" + }, + { + "name": "https://www.drupal.org/node/2420099", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2420099" + }, + { + "name": "ajaxtimeline-drupal-timeline-xss(100654)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100654" + }, + { + "name": "72567", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72567" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6249.json b/2015/6xxx/CVE-2015-6249.json index 5a176275986..cb9fd97be3c 100644 --- a/2015/6xxx/CVE-2015-6249.json +++ b/2015/6xxx/CVE-2015-6249.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6249", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.7 does not prevent the conflicting use of a table for both IPv4 and IPv6 addresses, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6249", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2015-29.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2015-29.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b1eaf29d4056f05d1bd6a7f3d692553ec069a228", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b1eaf29d4056f05d1bd6a7f3d692553ec069a228" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" - }, - { - "name" : "DSA-3367", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3367" - }, - { - "name" : "FEDORA-2015-13945", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168837.html" - }, - { - "name" : "FEDORA-2015-13946", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165509.html" - }, - { - "name" : "openSUSE-SU-2015:1836", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html" - }, - { - "name" : "1033272", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033272" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.7 does not prevent the conflicting use of a table for both IPv4 and IPv6 addresses, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.wireshark.org/security/wnpa-sec-2015-29.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2015-29.html" + }, + { + "name": "FEDORA-2015-13945", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168837.html" + }, + { + "name": "1033272", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033272" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b1eaf29d4056f05d1bd6a7f3d692553ec069a228", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b1eaf29d4056f05d1bd6a7f3d692553ec069a228" + }, + { + "name": "FEDORA-2015-13946", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165509.html" + }, + { + "name": "DSA-3367", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3367" + }, + { + "name": "openSUSE-SU-2015:1836", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7040.json b/2015/7xxx/CVE-2015-7040.json index a67ed2034f0..be112cef6fd 100644 --- a/2015/7xxx/CVE-2015-7040.json +++ b/2015/7xxx/CVE-2015-7040.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7040", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7041, CVE-2015-7042, and CVE-2015-7043." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7040", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205635", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205635" - }, - { - "name" : "https://support.apple.com/HT205637", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205637" - }, - { - "name" : "https://support.apple.com/HT205640", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205640" - }, - { - "name" : "https://support.apple.com/HT205641", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205641" - }, - { - "name" : "APPLE-SA-2015-12-08-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" - }, - { - "name" : "APPLE-SA-2015-12-08-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" - }, - { - "name" : "APPLE-SA-2015-12-08-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" - }, - { - "name" : "APPLE-SA-2015-12-08-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" - }, - { - "name" : "78719", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78719" - }, - { - "name" : "1034344", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034344" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7041, CVE-2015-7042, and CVE-2015-7043." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205635", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205635" + }, + { + "name": "https://support.apple.com/HT205637", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205637" + }, + { + "name": "1034344", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034344" + }, + { + "name": "APPLE-SA-2015-12-08-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" + }, + { + "name": "APPLE-SA-2015-12-08-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" + }, + { + "name": "78719", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78719" + }, + { + "name": "APPLE-SA-2015-12-08-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" + }, + { + "name": "https://support.apple.com/HT205641", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205641" + }, + { + "name": "https://support.apple.com/HT205640", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205640" + }, + { + "name": "APPLE-SA-2015-12-08-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7694.json b/2015/7xxx/CVE-2015-7694.json index 0e1b37d3b32..05520b3e6c2 100644 --- a/2015/7xxx/CVE-2015-7694.json +++ b/2015/7xxx/CVE-2015-7694.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7694", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7694", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0087.json b/2016/0xxx/CVE-2016-0087.json index c2994d56455..29863e0ecda 100644 --- a/2016/0xxx/CVE-2016-0087.json +++ b/2016/0xxx/CVE-2016-0087.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0087", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 do not properly validate handles, which allows local users to gain privileges via a crafted application, aka \"Windows Elevation of Privilege Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0087", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-031", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-031" - }, - { - "name" : "84032", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84032" - }, - { - "name" : "1035209", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035209" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 do not properly validate handles, which allows local users to gain privileges via a crafted application, aka \"Windows Elevation of Privilege Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "84032", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84032" + }, + { + "name": "MS16-031", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-031" + }, + { + "name": "1035209", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035209" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0108.json b/2016/0xxx/CVE-2016-0108.json index c7db72bcff9..19c01a51c6d 100644 --- a/2016/0xxx/CVE-2016-0108.json +++ b/2016/0xxx/CVE-2016-0108.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0108", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0109, and CVE-2016-0114." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0108", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39562", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39562/" - }, - { - "name" : "MS16-023", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023" - }, - { - "name" : "84016", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84016" - }, - { - "name" : "1035203", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035203" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0109, and CVE-2016-0114." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "84016", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84016" + }, + { + "name": "1035203", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035203" + }, + { + "name": "MS16-023", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023" + }, + { + "name": "39562", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39562/" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0375.json b/2016/0xxx/CVE-2016-0375.json index bb655c80aa0..efc45abf772 100644 --- a/2016/0xxx/CVE-2016-0375.json +++ b/2016/0xxx/CVE-2016-0375.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0375", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "JMS Client in IBM MessageSight 1.1.x through 1.1.0.1, 1.2.x through 1.2.0.3, and 2.0.x through 2.0.0.0 allows remote authenticated users to obtain administrator privileges for executing arbitrary commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0375", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21985064", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21985064" - }, - { - "name" : "IT15674", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT15674" - }, - { - "name" : "IT15743", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT15743" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "JMS Client in IBM MessageSight 1.1.x through 1.1.0.1, 1.2.x through 1.2.0.3, and 2.0.x through 2.0.0.0 allows remote authenticated users to obtain administrator privileges for executing arbitrary commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21985064", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985064" + }, + { + "name": "IT15743", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT15743" + }, + { + "name": "IT15674", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT15674" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0852.json b/2016/0xxx/CVE-2016-0852.json index 400abd64f35..388887d15e8 100644 --- a/2016/0xxx/CVE-2016-0852.json +++ b/2016/0xxx/CVE-2016-0852.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0852", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Advantech WebAccess before 8.1 allows remote attackers to bypass an intended administrative requirement and obtain file or folder access via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2016-0852", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Advantech WebAccess before 8.1 allows remote attackers to bypass an intended administrative requirement and obtain file or folder access via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10292.json b/2016/10xxx/CVE-2016-10292.json index c7240a7700d..cdfcf929c15 100644 --- a/2016/10xxx/CVE-2016-10292.json +++ b/2016/10xxx/CVE-2016-10292.json @@ -1,70 +1,70 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-10292", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Kernel-3.10" - }, - { - "version_value" : "Kernel-3.18" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A denial of service vulnerability in the Qualcomm Wi-Fi driver could enable a proximate attacker to cause a denial of service in the Wi-Fi subsystem. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34514463. References: QC-CR#1065466." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of service" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-10292", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Kernel-3.10" + }, + { + "version_value": "Kernel-3.18" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-05-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-05-01" - }, - { - "name" : "98204", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98204" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A denial of service vulnerability in the Qualcomm Wi-Fi driver could enable a proximate attacker to cause a denial of service in the Wi-Fi subsystem. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34514463. References: QC-CR#1065466." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "98204", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98204" + }, + { + "name": "https://source.android.com/security/bulletin/2017-05-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-05-01" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10548.json b/2016/10xxx/CVE-2016-10548.json index 38782355f7b..0d4240db6f4 100644 --- a/2016/10xxx/CVE-2016-10548.json +++ b/2016/10xxx/CVE-2016-10548.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2016-10548", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "reduce-css-calc node module", - "version" : { - "version_data" : [ - { - "version_value" : "<=1.2.4" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Arbitrary code execution is possible in reduce-css-calc node module <=1.2.4 through crafted css. This makes cross sites scripting (XSS) possible on the client and arbitrary code injection possible on the server and user input is passed to the `calc` function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Code Injection (CWE-94)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2016-10548", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "reduce-css-calc node module", + "version": { + "version_data": [ + { + "version_value": "<=1.2.4" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://gist.github.com/ChALkeR/415a41b561ebea9b341efbb40b802fc9", - "refsource" : "MISC", - "url" : "https://gist.github.com/ChALkeR/415a41b561ebea9b341efbb40b802fc9" - }, - { - "name" : "https://nodesecurity.io/advisories/144", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/144" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Arbitrary code execution is possible in reduce-css-calc node module <=1.2.4 through crafted css. This makes cross sites scripting (XSS) possible on the client and arbitrary code injection possible on the server and user input is passed to the `calc` function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Code Injection (CWE-94)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://gist.github.com/ChALkeR/415a41b561ebea9b341efbb40b802fc9", + "refsource": "MISC", + "url": "https://gist.github.com/ChALkeR/415a41b561ebea9b341efbb40b802fc9" + }, + { + "name": "https://nodesecurity.io/advisories/144", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/144" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4191.json b/2016/4xxx/CVE-2016-4191.json index e07249d29f0..4996765cc8e 100644 --- a/2016/4xxx/CVE-2016-4191.json +++ b/2016/4xxx/CVE-2016-4191.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4191", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4191", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html" - }, - { - "name" : "91716", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91716" - }, - { - "name" : "1036281", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036281" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91716", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91716" + }, + { + "name": "1036281", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036281" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4600.json b/2016/4xxx/CVE-2016-4600.json index afcfe4c7b71..fe007c7e29e 100644 --- a/2016/4xxx/CVE-2016-4600.json +++ b/2016/4xxx/CVE-2016-4600.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4600", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4597, and CVE-2016-4602." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4600", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT206903", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206903" - }, - { - "name" : "APPLE-SA-2016-07-18-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" - }, - { - "name" : "91824", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91824" - }, - { - "name" : "1036348", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036348" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4597, and CVE-2016-4602." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91824", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91824" + }, + { + "name": "APPLE-SA-2016-07-18-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" + }, + { + "name": "1036348", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036348" + }, + { + "name": "https://support.apple.com/HT206903", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206903" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4900.json b/2016/4xxx/CVE-2016-4900.json index 32390754a1e..1692db62907 100644 --- a/2016/4xxx/CVE-2016-4900.json +++ b/2016/4xxx/CVE-2016-4900.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vultures@jpcert.or.jp", - "ID" : "CVE-2016-4900", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Evernote for Windows", - "version" : { - "version_data" : [ - { - "version_value" : "versions prior to 6.3" - } - ] - } - } - ] - }, - "vendor_name" : "Evernote" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in Evernote for Windows versions prior to 6.3 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4900", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Evernote for Windows", + "version": { + "version_data": [ + { + "version_value": "versions prior to 6.3" + } + ] + } + } + ] + }, + "vendor_name": "Evernote" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://evernote.com/security/updates/#win", - "refsource" : "CONFIRM", - "url" : "https://evernote.com/security/updates/#win" - }, - { - "name" : "JVN#03251132", - "refsource" : "JVN", - "url" : "https://jvn.jp/en/jp/JVN03251132/index.html" - }, - { - "name" : "JVNDB-2016-000206", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000206" - }, - { - "name" : "93572", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93572" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in Evernote for Windows versions prior to 6.3 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#03251132", + "refsource": "JVN", + "url": "https://jvn.jp/en/jp/JVN03251132/index.html" + }, + { + "name": "JVNDB-2016-000206", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000206" + }, + { + "name": "93572", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93572" + }, + { + "name": "https://evernote.com/security/updates/#win", + "refsource": "CONFIRM", + "url": "https://evernote.com/security/updates/#win" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0188.json b/2019/0xxx/CVE-2019-0188.json index a56c202d822..41666959d27 100644 --- a/2019/0xxx/CVE-2019-0188.json +++ b/2019/0xxx/CVE-2019-0188.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0188", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0188", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3158.json b/2019/3xxx/CVE-2019-3158.json index f3b5846bec9..833e4121185 100644 --- a/2019/3xxx/CVE-2019-3158.json +++ b/2019/3xxx/CVE-2019-3158.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3158", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3158", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3700.json b/2019/3xxx/CVE-2019-3700.json index 88861afd269..b832a503316 100644 --- a/2019/3xxx/CVE-2019-3700.json +++ b/2019/3xxx/CVE-2019-3700.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3700", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3700", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4726.json b/2019/4xxx/CVE-2019-4726.json index a59620ba4b1..067a18cd4bd 100644 --- a/2019/4xxx/CVE-2019-4726.json +++ b/2019/4xxx/CVE-2019-4726.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4726", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4726", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4755.json b/2019/4xxx/CVE-2019-4755.json index 1edd7c74777..78b1b739d20 100644 --- a/2019/4xxx/CVE-2019-4755.json +++ b/2019/4xxx/CVE-2019-4755.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4755", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4755", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4794.json b/2019/4xxx/CVE-2019-4794.json index 42e6cdc6bd5..a54f053a46f 100644 --- a/2019/4xxx/CVE-2019-4794.json +++ b/2019/4xxx/CVE-2019-4794.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4794", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4794", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4876.json b/2019/4xxx/CVE-2019-4876.json index f8b2088b21d..999ece7048b 100644 --- a/2019/4xxx/CVE-2019-4876.json +++ b/2019/4xxx/CVE-2019-4876.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4876", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4876", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6536.json b/2019/6xxx/CVE-2019-6536.json index a563dc2078e..73931094970 100644 --- a/2019/6xxx/CVE-2019-6536.json +++ b/2019/6xxx/CVE-2019-6536.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6536", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6536", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7083.json b/2019/7xxx/CVE-2019-7083.json index 6a7483d6560..14ae45a0b9e 100644 --- a/2019/7xxx/CVE-2019-7083.json +++ b/2019/7xxx/CVE-2019-7083.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7083", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7083", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7480.json b/2019/7xxx/CVE-2019-7480.json index 7389ba24416..5c6edfdfbec 100644 --- a/2019/7xxx/CVE-2019-7480.json +++ b/2019/7xxx/CVE-2019-7480.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7480", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7480", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7633.json b/2019/7xxx/CVE-2019-7633.json index 9ca9d54f017..496f5b0a45c 100644 --- a/2019/7xxx/CVE-2019-7633.json +++ b/2019/7xxx/CVE-2019-7633.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7633", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7633", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7839.json b/2019/7xxx/CVE-2019-7839.json index 85e85db8cb6..1bf4def2a9f 100644 --- a/2019/7xxx/CVE-2019-7839.json +++ b/2019/7xxx/CVE-2019-7839.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7839", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7839", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7972.json b/2019/7xxx/CVE-2019-7972.json index 982b43dc503..a701bbc4e6a 100644 --- a/2019/7xxx/CVE-2019-7972.json +++ b/2019/7xxx/CVE-2019-7972.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7972", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7972", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8065.json b/2019/8xxx/CVE-2019-8065.json index a7a65ec8b80..1ad7d8ecb3d 100644 --- a/2019/8xxx/CVE-2019-8065.json +++ b/2019/8xxx/CVE-2019-8065.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8065", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8065", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8165.json b/2019/8xxx/CVE-2019-8165.json index cedb3fc66d4..ed4ccd5827e 100644 --- a/2019/8xxx/CVE-2019-8165.json +++ b/2019/8xxx/CVE-2019-8165.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8165", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8165", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8342.json b/2019/8xxx/CVE-2019-8342.json index d9ca6e7efb9..1435b682e1e 100644 --- a/2019/8xxx/CVE-2019-8342.json +++ b/2019/8xxx/CVE-2019-8342.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8342", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8342", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8452.json b/2019/8xxx/CVE-2019-8452.json index 36c8d13d3bf..251019ec68c 100644 --- a/2019/8xxx/CVE-2019-8452.json +++ b/2019/8xxx/CVE-2019-8452.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8452", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8452", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9053.json b/2019/9xxx/CVE-2019-9053.json index 9d026348dee..c8fba18b7b9 100644 --- a/2019/9xxx/CVE-2019-9053.json +++ b/2019/9xxx/CVE-2019-9053.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9053", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9053", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9558.json b/2019/9xxx/CVE-2019-9558.json index edd6a21e786..8813ab28d41 100644 --- a/2019/9xxx/CVE-2019-9558.json +++ b/2019/9xxx/CVE-2019-9558.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9558", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mailtraq WebMail version 2.17.7.3550 has Persistent Cross Site Scripting (XSS) via the body of an e-mail message. To exploit the vulnerability, the victim must open an email with malicious Javascript inserted into the body of the email as an iframe." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9558", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://packetstormsecurity.com/files/151957/Mailtraq-WebMail-2.17.7.3550-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "https://packetstormsecurity.com/files/151957/Mailtraq-WebMail-2.17.7.3550-Cross-Site-Scripting.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mailtraq WebMail version 2.17.7.3550 has Persistent Cross Site Scripting (XSS) via the body of an e-mail message. To exploit the vulnerability, the victim must open an email with malicious Javascript inserted into the body of the email as an iframe." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://packetstormsecurity.com/files/151957/Mailtraq-WebMail-2.17.7.3550-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "https://packetstormsecurity.com/files/151957/Mailtraq-WebMail-2.17.7.3550-Cross-Site-Scripting.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9761.json b/2019/9xxx/CVE-2019-9761.json index 9a2b0d7c75f..e29d018a7c1 100644 --- a/2019/9xxx/CVE-2019-9761.json +++ b/2019/9xxx/CVE-2019-9761.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9761", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An XXE issue was discovered in PHPSHE 1.7, which can be used to read any file in the system or scan the internal network without authentication. This occurs because of the call to wechat_getxml in include/plugin/payment/wechat/notify_url.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9761", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://gitee.com/koyshe/phpshe/issues/ITC0C", - "refsource" : "MISC", - "url" : "https://gitee.com/koyshe/phpshe/issues/ITC0C" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An XXE issue was discovered in PHPSHE 1.7, which can be used to read any file in the system or scan the internal network without authentication. This occurs because of the call to wechat_getxml in include/plugin/payment/wechat/notify_url.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://gitee.com/koyshe/phpshe/issues/ITC0C", + "refsource": "MISC", + "url": "https://gitee.com/koyshe/phpshe/issues/ITC0C" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9808.json b/2019/9xxx/CVE-2019-9808.json index 7677a70f5ca..0cb1787fee8 100644 --- a/2019/9xxx/CVE-2019-9808.json +++ b/2019/9xxx/CVE-2019-9808.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9808", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9808", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9840.json b/2019/9xxx/CVE-2019-9840.json index daa12e1335d..66969fe9593 100644 --- a/2019/9xxx/CVE-2019-9840.json +++ b/2019/9xxx/CVE-2019-9840.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9840", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9840", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file