diff --git a/1999/0xxx/CVE-1999-0491.json b/1999/0xxx/CVE-1999-0491.json index 688603f528e..c20f6d43796 100644 --- a/1999/0xxx/CVE-1999-0491.json +++ b/1999/0xxx/CVE-1999-0491.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0491", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0491", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990420 Bash Bug", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.9904202114070.6623-100000@smooth.Operator.org" - }, - { - "name" : "CSSA-1999-008.0", - "refsource" : "CALDERA", - "url" : "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-008.0.txt" - }, - { - "name" : "119", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/119" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19990420 Bash Bug", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.9904202114070.6623-100000@smooth.Operator.org" + }, + { + "name": "CSSA-1999-008.0", + "refsource": "CALDERA", + "url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-008.0.txt" + }, + { + "name": "119", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/119" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1244.json b/1999/1xxx/CVE-1999-1244.json index c6dc0cc2043..492485a2aa4 100644 --- a/1999/1xxx/CVE-1999-1244.json +++ b/1999/1xxx/CVE-1999-1244.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1244", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1244", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990415 FSA-99.04-IPFILTER-v3.2.10", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/13303" - }, - { - "name" : "ipfilter-temp-file(2087)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/2087" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19990415 FSA-99.04-IPFILTER-v3.2.10", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/13303" + }, + { + "name": "ipfilter-temp-file(2087)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2087" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1319.json b/1999/1xxx/CVE-1999-1319.json index 635d054fedb..2af866cd4b9 100644 --- a/1999/1xxx/CVE-1999-1319.json +++ b/1999/1xxx/CVE-1999-1319.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1319", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in object server program in SGI IRIX 5.2 through 6.1 allows remote attackers to gain root privileges in certain configurations." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1319", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19960101-01-PX", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/19960101-01-PX" - }, - { - "name" : "irix-object-server(7430)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/7430.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in object server program in SGI IRIX 5.2 through 6.1 allows remote attackers to gain root privileges in certain configurations." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19960101-01-PX", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/19960101-01-PX" + }, + { + "name": "irix-object-server(7430)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/7430.php" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1334.json b/1999/1xxx/CVE-1999-1334.json index dd0f5f6b87e..08959e88cb6 100644 --- a/1999/1xxx/CVE-1999-1334.json +++ b/1999/1xxx/CVE-1999-1334.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1334", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in filter command in Elm 2.4 allows attackers to execute arbitrary commands via (1) long From: headers, (2) long Reply-To: headers, or (3) via a long -f (filterfile) command line argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1334", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19980129 KSR[T] Advisory #7: filter", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=88609666024181&w=2" - }, - { - "name" : "http://www.redhat.com/support/errata/rh50-errata-general.html#elm", - "refsource" : "CONFIRM", - "url" : "http://www.redhat.com/support/errata/rh50-errata-general.html#elm" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in filter command in Elm 2.4 allows attackers to execute arbitrary commands via (1) long From: headers, (2) long Reply-To: headers, or (3) via a long -f (filterfile) command line argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19980129 KSR[T] Advisory #7: filter", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=88609666024181&w=2" + }, + { + "name": "http://www.redhat.com/support/errata/rh50-errata-general.html#elm", + "refsource": "CONFIRM", + "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#elm" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0112.json b/2000/0xxx/CVE-2000-0112.json index 1413b124830..e4eb84f1232 100644 --- a/2000/0xxx/CVE-2000-0112.json +++ b/2000/0xxx/CVE-2000-0112.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0112", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0112", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000202 vulnerability in Linux Debian default boot configuration", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=94973075614088&w=2" - }, - { - "name" : "960", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/960" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "960", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/960" + }, + { + "name": "20000202 vulnerability in Linux Debian default boot configuration", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=94973075614088&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0133.json b/2000/0xxx/CVE-2000-0133.json index 7887b015700..8652e739394 100644 --- a/2000/0xxx/CVE-2000-0133.json +++ b/2000/0xxx/CVE-2000-0133.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0133", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allows users to execute commands via the STOR, RNTO, MKD, XMKD, RMD, XRMD, APPE, SIZE, and RNFR commands." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0133", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "961", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/961" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allows users to execute commands via the STOR, RNTO, MKD, XMKD, RMD, XRMD, APPE, SIZE, and RNFR commands." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "961", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/961" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0335.json b/2000/0xxx/CVE-2000-0335.json index b0ac89b3318..0340a06b9f9 100644 --- a/2000/0xxx/CVE-2000-0335.json +++ b/2000/0xxx/CVE-2000-0335.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0335", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0335", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "1166", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1166" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1166", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1166" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0588.json b/2000/0xxx/CVE-2000-0588.json index 9d9c99b1cf6..c4ea17e1cda 100644 --- a/2000/0xxx/CVE-2000-0588.json +++ b/2000/0xxx/CVE-2000-0588.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0588", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration commands." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0588", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000626 sawmill5.0.21 old path bug & weak hash algorithm", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-06/0271.html" - }, - { - "name" : "20000706 Patch for Flowerfire Sawmill Vulnerabilities Available", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-07/0080.html" - }, - { - "name" : "1402", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1402" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration commands." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000706 Patch for Flowerfire Sawmill Vulnerabilities Available", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0080.html" + }, + { + "name": "20000626 sawmill5.0.21 old path bug & weak hash algorithm", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0271.html" + }, + { + "name": "1402", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1402" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0803.json b/2000/0xxx/CVE-2000-0803.json index 52221f9aa3f..199438af115 100644 --- a/2000/0xxx/CVE-2000-0803.json +++ b/2000/0xxx/CVE-2000-0803.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0803", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0803", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "gnu-groff-utilities(5280)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5280" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "gnu-groff-utilities(5280)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5280" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0812.json b/2000/0xxx/CVE-2000-0812.json index de95a5f8526..7d366751e0b 100644 --- a/2000/0xxx/CVE-2000-0812.json +++ b/2000/0xxx/CVE-2000-0812.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0812", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0812", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "00197", - "refsource" : "SUN", - "url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/197&type=0&nav=sec.sba" - }, - { - "name" : "http://www.securityfocus.com/templates/advisory.html?id=2542", - "refsource" : "MISC", - "url" : "http://www.securityfocus.com/templates/advisory.html?id=2542" - }, - { - "name" : "1600", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1600" - }, - { - "name" : "sunjava-webadmin-bbs(5135)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5135" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "00197", + "refsource": "SUN", + "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/197&type=0&nav=sec.sba" + }, + { + "name": "sunjava-webadmin-bbs(5135)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5135" + }, + { + "name": "1600", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1600" + }, + { + "name": "http://www.securityfocus.com/templates/advisory.html?id=2542", + "refsource": "MISC", + "url": "http://www.securityfocus.com/templates/advisory.html?id=2542" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0921.json b/2000/0xxx/CVE-2000-0921.json index 2d4159c2feb..aa14dea6f4d 100644 --- a/2000/0xxx/CVE-2000-0921.json +++ b/2000/0xxx/CVE-2000-0921.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0921", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0921", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001007 Security Advisory: Hassan Consulting's shop.cgi Directory Traversal Vulnerability.", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-10/0115.html" - }, - { - "name" : "1777", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1777" - }, - { - "name" : "hassan-shopping-cart-dir-traversal(5342)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5342" - }, - { - "name" : "1596", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/1596" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20001007 Security Advisory: Hassan Consulting's shop.cgi Directory Traversal Vulnerability.", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0115.html" + }, + { + "name": "hassan-shopping-cart-dir-traversal(5342)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5342" + }, + { + "name": "1777", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1777" + }, + { + "name": "1596", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/1596" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1238.json b/2000/1xxx/CVE-2000-1238.json index 31070173956..33fe97f3c9a 100644 --- a/2000/1xxx/CVE-2000-1238.json +++ b/2000/1xxx/CVE-2000-1238.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1238", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1238", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "ftp://ftpna.bea.com/pub/releases/patches/SecurityBEA00-0600.zip", - "refsource" : "CONFIRM", - "url" : "ftp://ftpna.bea.com/pub/releases/patches/SecurityBEA00-0600.zip" - }, - { - "name" : "5089", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/5089" - }, - { - "name" : "weblogic-bypass-auth(5588)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5588" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "weblogic-bypass-auth(5588)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5588" + }, + { + "name": "5089", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/5089" + }, + { + "name": "ftp://ftpna.bea.com/pub/releases/patches/SecurityBEA00-0600.zip", + "refsource": "CONFIRM", + "url": "ftp://ftpna.bea.com/pub/releases/patches/SecurityBEA00-0600.zip" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2318.json b/2005/2xxx/CVE-2005-2318.json index 7f1a56d91fc..9e62a62d0c4 100644 --- a/2005/2xxx/CVE-2005-2318.json +++ b/2005/2xxx/CVE-2005-2318.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2318", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in showerr.asp in DVBBS 7.1 SP2 allows remote attackers to inject arbitrary web script or HTML via the action parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2318", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "14223", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14223" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in showerr.asp in DVBBS 7.1 SP2 allows remote attackers to inject arbitrary web script or HTML via the action parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "14223", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14223" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2902.json b/2005/2xxx/CVE-2005-2902.json index d01df3d34dd..745de46f5d0 100644 --- a/2005/2xxx/CVE-2005-2902.json +++ b/2005/2xxx/CVE-2005-2902.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2902", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in class-1 Forum Software 0.24.4 allows remote attackers to execute arbitrary SQL commands and bypass the file extension check via SQL code in the file extension of an uploaded file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2902", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050908 class-1 Forum Software v 0.24.4 Remote code execution", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112629627512785&w=2" - }, - { - "name" : "http://www.rgod.altervista.org/class1.html", - "refsource" : "MISC", - "url" : "http://www.rgod.altervista.org/class1.html" - }, - { - "name" : "14774", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14774" - }, - { - "name" : "16762", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16762/" - }, - { - "name" : "class1forum-unknown-sql-injection(22209)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22209" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in class-1 Forum Software 0.24.4 allows remote attackers to execute arbitrary SQL commands and bypass the file extension check via SQL code in the file extension of an uploaded file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "14774", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14774" + }, + { + "name": "16762", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16762/" + }, + { + "name": "http://www.rgod.altervista.org/class1.html", + "refsource": "MISC", + "url": "http://www.rgod.altervista.org/class1.html" + }, + { + "name": "20050908 class-1 Forum Software v 0.24.4 Remote code execution", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112629627512785&w=2" + }, + { + "name": "class1forum-unknown-sql-injection(22209)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22209" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1061.json b/2007/1xxx/CVE-2007-1061.json index 84c0cb53392..3d308819310 100644 --- a/2007/1xxx/CVE-2007-1061.json +++ b/2007/1xxx/CVE-2007-1061.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1061", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8.0 Final and earlier, when the \"HTTP Referers\" block is enabled, allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header (HTTP_REFERER variable)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1061", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070224 Blind sql injection attack in INSERT syntax on PHP-nuke <=8.0 Final", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461148/100/0/threaded" - }, - { - "name" : "20070220 Blind sql injection attack in INSERT syntax on PHP-nuke <=8.0 Final", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052570.html" - }, - { - "name" : "3346", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3346" - }, - { - "name" : "22638", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22638" - }, - { - "name" : "ADV-2007-0673", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0673" - }, - { - "name" : "33316", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33316" - }, - { - "name" : "24224", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24224" - }, - { - "name" : "phpnuke-index-sql-injection(32607)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32607" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8.0 Final and earlier, when the \"HTTP Referers\" block is enabled, allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header (HTTP_REFERER variable)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22638", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22638" + }, + { + "name": "3346", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3346" + }, + { + "name": "phpnuke-index-sql-injection(32607)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32607" + }, + { + "name": "33316", + "refsource": "OSVDB", + "url": "http://osvdb.org/33316" + }, + { + "name": "20070224 Blind sql injection attack in INSERT syntax on PHP-nuke <=8.0 Final", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461148/100/0/threaded" + }, + { + "name": "ADV-2007-0673", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0673" + }, + { + "name": "24224", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24224" + }, + { + "name": "20070220 Blind sql injection attack in INSERT syntax on PHP-nuke <=8.0 Final", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052570.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1653.json b/2007/1xxx/CVE-2007-1653.json index a16baeae90b..76434acf0dc 100644 --- a/2007/1xxx/CVE-2007-1653.json +++ b/2007/1xxx/CVE-2007-1653.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1653", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "GlowWorm FW before 1.5.3b4 allows remote attackers to cause a denial of service (kernel panic) via certain DNS responses that trigger infinite recursion in TrueDNS packet parsing, as originally observed with certain login.yahoo.com responses." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1653", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://glowworm.us/history/release_1_5_3_b4.html", - "refsource" : "CONFIRM", - "url" : "http://glowworm.us/history/release_1_5_3_b4.html" - }, - { - "name" : "43597", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43597" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "GlowWorm FW before 1.5.3b4 allows remote attackers to cause a denial of service (kernel panic) via certain DNS responses that trigger infinite recursion in TrueDNS packet parsing, as originally observed with certain login.yahoo.com responses." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://glowworm.us/history/release_1_5_3_b4.html", + "refsource": "CONFIRM", + "url": "http://glowworm.us/history/release_1_5_3_b4.html" + }, + { + "name": "43597", + "refsource": "OSVDB", + "url": "http://osvdb.org/43597" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5013.json b/2007/5xxx/CVE-2007-5013.json index 1a8d4156b3e..b85cda8ab93 100644 --- a/2007/5xxx/CVE-2007-5013.json +++ b/2007/5xxx/CVE-2007-5013.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5013", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in index.php in Phormer 3.31 allow remote attackers to inject arbitrary web script or HTML via the (1) u, (2) p, (3) c, and (4) s parameters, and other unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5013", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "25742", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25742" - }, - { - "name" : "37183", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37183" - }, - { - "name" : "26886", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26886" - }, - { - "name" : "phormer-index-xss(36708)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36708" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in index.php in Phormer 3.31 allow remote attackers to inject arbitrary web script or HTML via the (1) u, (2) p, (3) c, and (4) s parameters, and other unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37183", + "refsource": "OSVDB", + "url": "http://osvdb.org/37183" + }, + { + "name": "phormer-index-xss(36708)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36708" + }, + { + "name": "25742", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25742" + }, + { + "name": "26886", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26886" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5073.json b/2007/5xxx/CVE-2007-5073.json index 4a3daed0ffc..510c30dd091 100644 --- a/2007/5xxx/CVE-2007-5073.json +++ b/2007/5xxx/CVE-2007-5073.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5073", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5073", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5410.json b/2007/5xxx/CVE-2007-5410.json index 82fec632d59..54984ebfef9 100644 --- a/2007/5xxx/CVE-2007-5410.json +++ b/2007/5xxx/CVE-2007-5410.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5410", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in admin.wmtrssreader.php in the webmaster-tips.net Flash RSS Reader (com_wmtrssreader) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5410", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071010 wmtrssreader joomla component 1.0 Remote File Include Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/481979/100/0/threaded" - }, - { - "name" : "http://www.sibersavascilar.com/merhaba-dunya-1.html", - "refsource" : "MISC", - "url" : "http://www.sibersavascilar.com/merhaba-dunya-1.html" - }, - { - "name" : "25999", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25999" - }, - { - "name" : "43765", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43765" - }, - { - "name" : "3211", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3211" - }, - { - "name" : "joomla-wmtrssreader-file-include(37056)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37056" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in admin.wmtrssreader.php in the webmaster-tips.net Flash RSS Reader (com_wmtrssreader) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "43765", + "refsource": "OSVDB", + "url": "http://osvdb.org/43765" + }, + { + "name": "http://www.sibersavascilar.com/merhaba-dunya-1.html", + "refsource": "MISC", + "url": "http://www.sibersavascilar.com/merhaba-dunya-1.html" + }, + { + "name": "3211", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3211" + }, + { + "name": "joomla-wmtrssreader-file-include(37056)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37056" + }, + { + "name": "20071010 wmtrssreader joomla component 1.0 Remote File Include Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/481979/100/0/threaded" + }, + { + "name": "25999", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25999" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5582.json b/2007/5xxx/CVE-2007-5582.json index c0728137736..ecbea245917 100644 --- a/2007/5xxx/CVE-2007-5582.json +++ b/2007/5xxx/CVE-2007-5582.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5582", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the login page in Cisco CiscoWorks Server (CS), possibly 2.6 and earlier, when using CiscoWorks Common Services 3.0.x and 3.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2007-5582", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071205 Advisory: Cross Site Scripting in CiscoWorks", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/484609/100/0/threaded" - }, - { - "name" : "http://www.liquidmatrix.org/blog/2007/12/05/advisory-cross-site-scripting-in-ciscoworks/", - "refsource" : "MISC", - "url" : "http://www.liquidmatrix.org/blog/2007/12/05/advisory-cross-site-scripting-in-ciscoworks/" - }, - { - "name" : "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsk69289", - "refsource" : "CONFIRM", - "url" : "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsk69289" - }, - { - "name" : "20071205 CiscoWorks Server XSS Vulnerability", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/warp/public/707/cisco-sr-20071205-cw.shtml" - }, - { - "name" : "26708", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26708" - }, - { - "name" : "ADV-2007-4102", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4102" - }, - { - "name" : "1019043", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019043" - }, - { - "name" : "27902", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27902" - }, - { - "name" : "3449", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3449" - }, - { - "name" : "ciscoworks-cs-loginpage-xss(38862)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38862" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the login page in Cisco CiscoWorks Server (CS), possibly 2.6 and earlier, when using CiscoWorks Common Services 3.0.x and 3.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1019043", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019043" + }, + { + "name": "ADV-2007-4102", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4102" + }, + { + "name": "http://www.liquidmatrix.org/blog/2007/12/05/advisory-cross-site-scripting-in-ciscoworks/", + "refsource": "MISC", + "url": "http://www.liquidmatrix.org/blog/2007/12/05/advisory-cross-site-scripting-in-ciscoworks/" + }, + { + "name": "20071205 Advisory: Cross Site Scripting in CiscoWorks", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/484609/100/0/threaded" + }, + { + "name": "3449", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3449" + }, + { + "name": "ciscoworks-cs-loginpage-xss(38862)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38862" + }, + { + "name": "26708", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26708" + }, + { + "name": "20071205 CiscoWorks Server XSS Vulnerability", + "refsource": "CISCO", + "url": "http://www.cisco.com/warp/public/707/cisco-sr-20071205-cw.shtml" + }, + { + "name": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsk69289", + "refsource": "CONFIRM", + "url": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsk69289" + }, + { + "name": "27902", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27902" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5889.json b/2007/5xxx/CVE-2007-5889.json index 6558506fc18..f999cf8d20a 100644 --- a/2007/5xxx/CVE-2007-5889.json +++ b/2007/5xxx/CVE-2007-5889.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5889", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in IDMOS 1.0 Alpha (aka Phoenix) allow remote attackers to execute arbitrary PHP code via a URL in the site_absolute_path parameter to (1) admin.php, (2) menu_add.php, and (3) menu_operation.php in administrator/, different vectors than CVE-2007-5294." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5889", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071106 IDMOS v1.0 Alpha Multiple RFI Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/483351/100/0/threaded" - }, - { - "name" : "38735", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38735" - }, - { - "name" : "38736", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38736" - }, - { - "name" : "38737", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38737" - }, - { - "name" : "3345", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3345" - }, - { - "name" : "idmos-siteabsolutepath-file-include(38294)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38294" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in IDMOS 1.0 Alpha (aka Phoenix) allow remote attackers to execute arbitrary PHP code via a URL in the site_absolute_path parameter to (1) admin.php, (2) menu_add.php, and (3) menu_operation.php in administrator/, different vectors than CVE-2007-5294." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38736", + "refsource": "OSVDB", + "url": "http://osvdb.org/38736" + }, + { + "name": "idmos-siteabsolutepath-file-include(38294)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38294" + }, + { + "name": "38737", + "refsource": "OSVDB", + "url": "http://osvdb.org/38737" + }, + { + "name": "38735", + "refsource": "OSVDB", + "url": "http://osvdb.org/38735" + }, + { + "name": "3345", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3345" + }, + { + "name": "20071106 IDMOS v1.0 Alpha Multiple RFI Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/483351/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2889.json b/2009/2xxx/CVE-2009-2889.json index e637894250a..f56f0b5ecac 100644 --- a/2009/2xxx/CVE-2009-2889.json +++ b/2009/2xxx/CVE-2009-2889.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2889", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in index.php in PHP Scripts Now Hangman allows remote attackers to inject arbitrary web script or HTML via the letters parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2889", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/0907-exploits/tophangman-sqlxss.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/0907-exploits/tophangman-sqlxss.txt" - }, - { - "name" : "56074", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/56074" - }, - { - "name" : "35888", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35888" - }, - { - "name" : "hangman-index-xss(51883)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51883" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in index.php in PHP Scripts Now Hangman allows remote attackers to inject arbitrary web script or HTML via the letters parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "56074", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/56074" + }, + { + "name": "http://packetstormsecurity.org/0907-exploits/tophangman-sqlxss.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/0907-exploits/tophangman-sqlxss.txt" + }, + { + "name": "35888", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35888" + }, + { + "name": "hangman-index-xss(51883)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51883" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3260.json b/2015/3xxx/CVE-2015-3260.json index 7d027b24ebe..152d291da34 100644 --- a/2015/3xxx/CVE-2015-3260.json +++ b/2015/3xxx/CVE-2015-3260.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3260", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3260", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3403.json b/2015/3xxx/CVE-2015-3403.json index 28f912c9831..7ff05776a4f 100644 --- a/2015/3xxx/CVE-2015-3403.json +++ b/2015/3xxx/CVE-2015-3403.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3403", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3403", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3434.json b/2015/3xxx/CVE-2015-3434.json index 873c3412f24..d5d7aa9fdc0 100644 --- a/2015/3xxx/CVE-2015-3434.json +++ b/2015/3xxx/CVE-2015-3434.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3434", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3434", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3460.json b/2015/3xxx/CVE-2015-3460.json index 794ae3c51b6..6715272a445 100644 --- a/2015/3xxx/CVE-2015-3460.json +++ b/2015/3xxx/CVE-2015-3460.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3460", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3460", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3482.json b/2015/3xxx/CVE-2015-3482.json index 8bdf937e4d0..fd5e581cc84 100644 --- a/2015/3xxx/CVE-2015-3482.json +++ b/2015/3xxx/CVE-2015-3482.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3482", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3482", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4314.json b/2015/4xxx/CVE-2015-4314.json index aceebc7237d..f672ef58de8 100644 --- a/2015/4xxx/CVE-2015-4314.json +++ b/2015/4xxx/CVE-2015-4314.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4314", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The System Snapshot feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 allows remote authenticated users to obtain sensitive password-hash information by reading the snapshot file, aka Bug ID CSCuv40422." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-4314", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150812 Cisco TelePresence Video Communication Server Expressway Information Disclosure Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=40439" - }, - { - "name" : "1033266", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033266" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The System Snapshot feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 allows remote authenticated users to obtain sensitive password-hash information by reading the snapshot file, aka Bug ID CSCuv40422." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150812 Cisco TelePresence Video Communication Server Expressway Information Disclosure Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40439" + }, + { + "name": "1033266", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033266" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4616.json b/2015/4xxx/CVE-2015-4616.json index f4a359ba3c9..c6cb192c495 100644 --- a/2015/4xxx/CVE-2015-4616.json +++ b/2015/4xxx/CVE-2015-4616.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4616", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in includes/MapPinImageSave.php in the Easy2Map plugin before 1.2.5 for WordPress allows remote attackers to create arbitrary files via a .. (dot dot) in the map_id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4616", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150702 SQL Injection in easy2map wordpress plugin v1.24", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/535922/100/0/threaded" - }, - { - "name" : "37534", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37534/" - }, - { - "name" : "20150703 SQL Injection in easy2map wordpress plugin v1.24", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Jul/18" - }, - { - "name" : "http://www.vapid.dhs.org/advisory.php?v=131", - "refsource" : "MISC", - "url" : "http://www.vapid.dhs.org/advisory.php?v=131" - }, - { - "name" : "https://plugins.trac.wordpress.org/changeset/1191455/easy2map", - "refsource" : "CONFIRM", - "url" : "https://plugins.trac.wordpress.org/changeset/1191455/easy2map" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in includes/MapPinImageSave.php in the Easy2Map plugin before 1.2.5 for WordPress allows remote attackers to create arbitrary files via a .. (dot dot) in the map_id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://plugins.trac.wordpress.org/changeset/1191455/easy2map", + "refsource": "CONFIRM", + "url": "https://plugins.trac.wordpress.org/changeset/1191455/easy2map" + }, + { + "name": "37534", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37534/" + }, + { + "name": "http://www.vapid.dhs.org/advisory.php?v=131", + "refsource": "MISC", + "url": "http://www.vapid.dhs.org/advisory.php?v=131" + }, + { + "name": "20150703 SQL Injection in easy2map wordpress plugin v1.24", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Jul/18" + }, + { + "name": "20150702 SQL Injection in easy2map wordpress plugin v1.24", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/535922/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4858.json b/2015/4xxx/CVE-2015-4858.json index 21f4a4cd16e..9790aa6fe16 100644 --- a/2015/4xxx/CVE-2015-4858.json +++ b/2015/4xxx/CVE-2015-4858.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4858", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2015-4913." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-4858", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" - }, - { - "name" : "DSA-3385", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3385" - }, - { - "name" : "DSA-3377", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3377" - }, - { - "name" : "FEDORA-2016-e30164d0a2", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html" - }, - { - "name" : "RHSA-2016:0534", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0534.html" - }, - { - "name" : "RHSA-2016:0705", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0705.html" - }, - { - "name" : "RHSA-2016:1132", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1132" - }, - { - "name" : "RHSA-2016:1480", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1480.html" - }, - { - "name" : "RHSA-2016:1481", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1481.html" - }, - { - "name" : "SUSE-SU-2016:0296", - "refsource" : "SUSE", - "url" : "https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html" - }, - { - "name" : "openSUSE-SU-2016:0368", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html" - }, - { - "name" : "openSUSE-SU-2015:2244", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html" - }, - { - "name" : "openSUSE-SU-2015:2246", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html" - }, - { - "name" : "USN-2781-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2781-1" - }, - { - "name" : "77145", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77145" - }, - { - "name" : "1033894", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033894" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2015-4913." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:2244", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html" + }, + { + "name": "RHSA-2016:1481", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1481.html" + }, + { + "name": "1033894", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033894" + }, + { + "name": "77145", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77145" + }, + { + "name": "RHSA-2016:1132", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1132" + }, + { + "name": "RHSA-2016:0534", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0534.html" + }, + { + "name": "USN-2781-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2781-1" + }, + { + "name": "SUSE-SU-2016:0296", + "refsource": "SUSE", + "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" + }, + { + "name": "RHSA-2016:1480", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1480.html" + }, + { + "name": "openSUSE-SU-2015:2246", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html" + }, + { + "name": "DSA-3385", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3385" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "openSUSE-SU-2016:0368", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html" + }, + { + "name": "DSA-3377", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3377" + }, + { + "name": "RHSA-2016:0705", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0705.html" + }, + { + "name": "FEDORA-2016-e30164d0a2", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7700.json b/2015/7xxx/CVE-2015-7700.json index 695106d882d..50361666252 100644 --- a/2015/7xxx/CVE-2015-7700.json +++ b/2015/7xxx/CVE-2015-7700.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7700", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7700", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://pmt.sourceforge.net/pngcrush/changelog.html", - "refsource" : "CONFIRM", - "url" : "http://pmt.sourceforge.net/pngcrush/changelog.html" - }, - { - "name" : "https://sourceforge.net/p/pmt/news/2015/10/pngcrush-1787-released/", - "refsource" : "CONFIRM", - "url" : "https://sourceforge.net/p/pmt/news/2015/10/pngcrush-1787-released/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://sourceforge.net/p/pmt/news/2015/10/pngcrush-1787-released/", + "refsource": "CONFIRM", + "url": "https://sourceforge.net/p/pmt/news/2015/10/pngcrush-1787-released/" + }, + { + "name": "http://pmt.sourceforge.net/pngcrush/changelog.html", + "refsource": "CONFIRM", + "url": "http://pmt.sourceforge.net/pngcrush/changelog.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7730.json b/2015/7xxx/CVE-2015-7730.json index 8e48ffda302..357963fd0b7 100644 --- a/2015/7xxx/CVE-2015-7730.json +++ b/2015/7xxx/CVE-2015-7730.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7730", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and BusinessObjects XI (BOXI) 3.1 R3 allow remote attackers to cause a denial of service (out-of-bounds read and listener crash) via a crafted GIOP packet, aka SAP Security Note 2001108." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7730", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150922 [Onapsis Security Advisory 2015-013] SAP Business Objects Memory Corruption", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Sep/81" - }, - { - "name" : "https://www.onapsis.com/blog/analyzing-sap-security-notes-may-2015-edition", - "refsource" : "MISC", - "url" : "https://www.onapsis.com/blog/analyzing-sap-security-notes-may-2015-edition" - }, - { - "name" : "https://www.onapsis.com/research/security-advisories/SAP-Business-Objects-Memory-Corruption", - "refsource" : "MISC", - "url" : "https://www.onapsis.com/research/security-advisories/SAP-Business-Objects-Memory-Corruption" - }, - { - "name" : "1033637", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033637" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and BusinessObjects XI (BOXI) 3.1 R3 allow remote attackers to cause a denial of service (out-of-bounds read and listener crash) via a crafted GIOP packet, aka SAP Security Note 2001108." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.onapsis.com/research/security-advisories/SAP-Business-Objects-Memory-Corruption", + "refsource": "MISC", + "url": "https://www.onapsis.com/research/security-advisories/SAP-Business-Objects-Memory-Corruption" + }, + { + "name": "https://www.onapsis.com/blog/analyzing-sap-security-notes-may-2015-edition", + "refsource": "MISC", + "url": "https://www.onapsis.com/blog/analyzing-sap-security-notes-may-2015-edition" + }, + { + "name": "1033637", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033637" + }, + { + "name": "20150922 [Onapsis Security Advisory 2015-013] SAP Business Objects Memory Corruption", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Sep/81" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8209.json b/2015/8xxx/CVE-2015-8209.json index c7721affd81..e5afa1500ad 100644 --- a/2015/8xxx/CVE-2015-8209.json +++ b/2015/8xxx/CVE-2015-8209.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8209", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-8209", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8338.json b/2015/8xxx/CVE-2015-8338.json index 75316f83f2a..8b46cdeae16 100644 --- a/2015/8xxx/CVE-2015-8338.json +++ b/2015/8xxx/CVE-2015-8338.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8338", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the (1) XENMEM_increase_reservation, (2) XENMEM_populate_physmap, (3) XENMEM_exchange, and possibly other HYPERVISOR_memory_op suboperations, which allows ARM guest OS administrators to cause a denial of service (CPU consumption, guest reboot, or watchdog timeout and host reboot) and possibly have unspecified other impact via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8338", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://xenbits.xen.org/xsa/advisory-158.html", - "refsource" : "CONFIRM", - "url" : "http://xenbits.xen.org/xsa/advisory-158.html" - }, - { - "name" : "DSA-3633", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3633" - }, - { - "name" : "78920", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78920" - }, - { - "name" : "1034390", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034390" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the (1) XENMEM_increase_reservation, (2) XENMEM_populate_physmap, (3) XENMEM_exchange, and possibly other HYPERVISOR_memory_op suboperations, which allows ARM guest OS administrators to cause a denial of service (CPU consumption, guest reboot, or watchdog timeout and host reboot) and possibly have unspecified other impact via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "78920", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78920" + }, + { + "name": "http://xenbits.xen.org/xsa/advisory-158.html", + "refsource": "CONFIRM", + "url": "http://xenbits.xen.org/xsa/advisory-158.html" + }, + { + "name": "1034390", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034390" + }, + { + "name": "DSA-3633", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3633" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8452.json b/2015/8xxx/CVE-2015-8452.json index 4bd946b4ea4..dff4fec7d6c 100644 --- a/2015/8xxx/CVE-2015-8452.json +++ b/2015/8xxx/CVE-2015-8452.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8452", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, and CVE-2015-8454." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-8452", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" - }, - { - "name" : "GLSA-201601-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201601-03" - }, - { - "name" : "SUSE-SU-2015:2236", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html" - }, - { - "name" : "SUSE-SU-2015:2247", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html" - }, - { - "name" : "openSUSE-SU-2015:2239", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html" - }, - { - "name" : "78715", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78715" - }, - { - "name" : "1034318", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034318" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, and CVE-2015-8454." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:2239", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" + }, + { + "name": "78715", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78715" + }, + { + "name": "SUSE-SU-2015:2236", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" + }, + { + "name": "SUSE-SU-2015:2247", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html" + }, + { + "name": "1034318", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034318" + }, + { + "name": "GLSA-201601-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201601-03" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8480.json b/2015/8xxx/CVE-2015-8480.json index a372ad627b1..e3ed4116008 100644 --- a/2015/8xxx/CVE-2015-8480.json +++ b/2015/8xxx/CVE-2015-8480.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8480", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The VideoFramePool::PoolImpl::CreateFrame function in media/base/video_frame_pool.cc in Google Chrome before 47.0.2526.73 does not initialize memory for a video-frame data structure, which might allow remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact by leveraging improper interaction with the vp3_h_loop_filter_c function in libavcodec/vp3dsp.c in FFmpeg." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2015-8480", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=514759", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=514759" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The VideoFramePool::PoolImpl::CreateFrame function in media/base/video_frame_pool.cc in Google Chrome before 47.0.2526.73 does not initialize memory for a video-frame data structure, which might allow remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact by leveraging improper interaction with the vp3_h_loop_filter_c function in libavcodec/vp3dsp.c in FFmpeg." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=514759", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=514759" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9268.json b/2015/9xxx/CVE-2015-9268.json index c860d5c0bb1..ecdffd19ca8 100644 --- a/2015/9xxx/CVE-2015-9268.json +++ b/2015/9xxx/CVE-2015-9268.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-9268", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe implicit linking against Version.dll. In other words, there is no protection mechanism in which a wrapper function resolves the dependency at an appropriate time during runtime." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9268", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20181130 [SECURITY] [DLA 1602-1] nsis security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00041.html" - }, - { - "name" : "https://sourceforge.net/p/nsis/bugs/1125/", - "refsource" : "MISC", - "url" : "https://sourceforge.net/p/nsis/bugs/1125/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe implicit linking against Version.dll. In other words, there is no protection mechanism in which a wrapper function resolves the dependency at an appropriate time during runtime." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[debian-lts-announce] 20181130 [SECURITY] [DLA 1602-1] nsis security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00041.html" + }, + { + "name": "https://sourceforge.net/p/nsis/bugs/1125/", + "refsource": "MISC", + "url": "https://sourceforge.net/p/nsis/bugs/1125/" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1165.json b/2016/1xxx/CVE-2016-1165.json index 6ab85a34b4d..47549dd9226 100644 --- a/2016/1xxx/CVE-2016-1165.json +++ b/2016/1xxx/CVE-2016-1165.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1165", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-1165", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1514.json b/2016/1xxx/CVE-2016-1514.json index 6e633e5e989..810f350f07c 100644 --- a/2016/1xxx/CVE-2016-1514.json +++ b/2016/1xxx/CVE-2016-1514.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1514", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-8790. Reason: This candidate is a reservation duplicate of CVE-2015-8790. Notes: All CVE users should reference CVE-2015-8790 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-1514", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-8790. Reason: This candidate is a reservation duplicate of CVE-2015-8790. Notes: All CVE users should reference CVE-2015-8790 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1878.json b/2016/1xxx/CVE-2016-1878.json index dc0b34450ef..faa63cbd1bb 100644 --- a/2016/1xxx/CVE-2016-1878.json +++ b/2016/1xxx/CVE-2016-1878.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1878", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1878", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1957.json b/2016/1xxx/CVE-2016-1957.json index 1bf7ccd3f2b..38f4f20c506 100644 --- a/2016/1xxx/CVE-2016-1957.json +++ b/2016/1xxx/CVE-2016-1957.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1957", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2016-1957", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-20.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-20.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1227052", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1227052" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" - }, - { - "name" : "DSA-3510", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3510" - }, - { - "name" : "DSA-3520", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3520" - }, - { - "name" : "GLSA-201605-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201605-06" - }, - { - "name" : "openSUSE-SU-2016:0894", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" - }, - { - "name" : "openSUSE-SU-2016:1767", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" - }, - { - "name" : "openSUSE-SU-2016:1769", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" - }, - { - "name" : "openSUSE-SU-2016:1778", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" - }, - { - "name" : "SUSE-SU-2016:0909", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" - }, - { - "name" : "SUSE-SU-2016:0727", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" - }, - { - "name" : "SUSE-SU-2016:0777", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" - }, - { - "name" : "openSUSE-SU-2016:0731", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" - }, - { - "name" : "openSUSE-SU-2016:0733", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" - }, - { - "name" : "SUSE-SU-2016:0820", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" - }, - { - "name" : "openSUSE-SU-2016:0876", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" - }, - { - "name" : "USN-2917-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2917-2" - }, - { - "name" : "USN-2917-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2917-3" - }, - { - "name" : "USN-2934-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2934-1" - }, - { - "name" : "USN-2917-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2917-1" - }, - { - "name" : "1035215", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035215" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:0894", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" + }, + { + "name": "SUSE-SU-2016:0820", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" + }, + { + "name": "openSUSE-SU-2016:1767", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" + }, + { + "name": "openSUSE-SU-2016:0731", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" + }, + { + "name": "SUSE-SU-2016:0727", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" + }, + { + "name": "openSUSE-SU-2016:1778", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-20.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-20.html" + }, + { + "name": "openSUSE-SU-2016:0876", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" + }, + { + "name": "USN-2917-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2917-1" + }, + { + "name": "DSA-3520", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3520" + }, + { + "name": "openSUSE-SU-2016:1769", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1227052", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1227052" + }, + { + "name": "SUSE-SU-2016:0909", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" + }, + { + "name": "DSA-3510", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3510" + }, + { + "name": "openSUSE-SU-2016:0733", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" + }, + { + "name": "1035215", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035215" + }, + { + "name": "SUSE-SU-2016:0777", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" + }, + { + "name": "GLSA-201605-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201605-06" + }, + { + "name": "USN-2934-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2934-1" + }, + { + "name": "USN-2917-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2917-2" + }, + { + "name": "USN-2917-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2917-3" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5161.json b/2016/5xxx/CVE-2016-5161.json index 2e753280410..c5352c8c7ba 100644 --- a/2016/5xxx/CVE-2016-5161.json +++ b/2016/5xxx/CVE-2016-5161.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5161", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The EditingStyle::mergeStyle function in WebKit/Source/core/editing/EditingStyle.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, mishandles custom properties, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site that leverages \"type confusion\" in the StylePropertySerializer class." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-5161", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-16-501/", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-16-501/" - }, - { - "name" : "https://codereview.chromium.org/2103043004", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/2103043004" - }, - { - "name" : "https://crbug.com/622420", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/622420" - }, - { - "name" : "https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html", - "refsource" : "CONFIRM", - "url" : "https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html" - }, - { - "name" : "DSA-3660", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3660" - }, - { - "name" : "GLSA-201610-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-09" - }, - { - "name" : "RHSA-2016:1854", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1854.html" - }, - { - "name" : "openSUSE-SU-2016:2349", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-09/msg00073.html" - }, - { - "name" : "SUSE-SU-2016:2251", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00004.html" - }, - { - "name" : "openSUSE-SU-2016:2250", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00003.html" - }, - { - "name" : "openSUSE-SU-2016:2296", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00008.html" - }, - { - "name" : "92717", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92717" - }, - { - "name" : "1036729", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036729" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The EditingStyle::mergeStyle function in WebKit/Source/core/editing/EditingStyle.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, mishandles custom properties, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site that leverages \"type confusion\" in the StylePropertySerializer class." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:2250", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00003.html" + }, + { + "name": "https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html", + "refsource": "CONFIRM", + "url": "https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html" + }, + { + "name": "https://codereview.chromium.org/2103043004", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/2103043004" + }, + { + "name": "SUSE-SU-2016:2251", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00004.html" + }, + { + "name": "92717", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92717" + }, + { + "name": "1036729", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036729" + }, + { + "name": "http://zerodayinitiative.com/advisories/ZDI-16-501/", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-16-501/" + }, + { + "name": "https://crbug.com/622420", + "refsource": "CONFIRM", + "url": "https://crbug.com/622420" + }, + { + "name": "openSUSE-SU-2016:2349", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00073.html" + }, + { + "name": "DSA-3660", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3660" + }, + { + "name": "GLSA-201610-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-09" + }, + { + "name": "openSUSE-SU-2016:2296", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00008.html" + }, + { + "name": "RHSA-2016:1854", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1854.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5754.json b/2016/5xxx/CVE-2016-5754.json index cda0fc4356c..794339b0acb 100644 --- a/2016/5xxx/CVE-2016-5754.json +++ b/2016/5xxx/CVE-2016-5754.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@microfocus.com", - "ID" : "CVE-2016-5754", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "NetIQ Access Manager", - "version" : { - "version_data" : [ - { - "version_value" : "NetIQ Access Manager" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Presence of a .htaccess file could leak information in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before SP2." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "leak information" - } + "CVE_data_meta": { + "ASSIGNER": "security@suse.com", + "ID": "CVE-2016-5754", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "NetIQ Access Manager", + "version": { + "version_data": [ + { + "version_value": "NetIQ Access Manager" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.novell.com/support/kb/doc.php?id=7017811", - "refsource" : "CONFIRM", - "url" : "https://www.novell.com/support/kb/doc.php?id=7017811" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Presence of a .htaccess file could leak information in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before SP2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "leak information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.novell.com/support/kb/doc.php?id=7017811", + "refsource": "CONFIRM", + "url": "https://www.novell.com/support/kb/doc.php?id=7017811" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5905.json b/2016/5xxx/CVE-2016-5905.json index a0a7deb33c1..d1d80108e75 100644 --- a/2016/5xxx/CVE-2016-5905.json +++ b/2016/5xxx/CVE-2016-5905.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5905", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5 before 7.5.0.10 IF3 and 7.6 before 7.6.0.5 IF2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-5905", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21988253", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21988253" - }, - { - "name" : "93871", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93871" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5 before 7.5.0.10 IF3 and 7.6 before 7.6.0.5 IF2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93871", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93871" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21988253", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988253" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2006.json b/2018/2xxx/CVE-2018-2006.json index a0a8c5e8079..cb542dc540b 100644 --- a/2018/2xxx/CVE-2018-2006.json +++ b/2018/2xxx/CVE-2018-2006.json @@ -1,93 +1,93 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2019-02-19T00:00:00", - "ID" : "CVE-2018-2006", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Robotic Process Automation with Automation Anywhere", - "version" : { - "version_data" : [ - { - "version_value" : "11" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to upload arbitrary files to the system. IBM X-Force ID: 155008." - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "A" : "N", - "AC" : "L", - "AV" : "N", - "C" : "N", - "I" : "H", - "PR" : "H", - "S" : "U", - "SCORE" : "4.900", - "UI" : "N" - }, - "TM" : { - "E" : "U", - "RC" : "C", - "RL" : "O" - } - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "File Manipulation" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2019-02-19T00:00:00", + "ID": "CVE-2018-2006", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Robotic Process Automation with Automation Anywhere", + "version": { + "version_data": [ + { + "version_value": "11" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.ibm.com/support/docview.wss?uid=ibm10794133", - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/docview.wss?uid=ibm10794133" - }, - { - "name" : "107122", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107122" - }, - { - "name" : "ibm-rpa-cve20182006-dir-traversal(155008)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155008" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to upload arbitrary files to the system. IBM X-Force ID: 155008." + } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "A": "N", + "AC": "L", + "AV": "N", + "C": "N", + "I": "H", + "PR": "H", + "S": "U", + "SCORE": "4.900", + "UI": "N" + }, + "TM": { + "E": "U", + "RC": "C", + "RL": "O" + } + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "File Manipulation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "107122", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107122" + }, + { + "name": "https://www.ibm.com/support/docview.wss?uid=ibm10794133", + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/docview.wss?uid=ibm10794133" + }, + { + "name": "ibm-rpa-cve20182006-dir-traversal(155008)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/155008" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2230.json b/2018/2xxx/CVE-2018-2230.json index 877a76a1c53..5ed5d3b9570 100644 --- a/2018/2xxx/CVE-2018-2230.json +++ b/2018/2xxx/CVE-2018-2230.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2230", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2230", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2419.json b/2018/2xxx/CVE-2018-2419.json index 3deb193f935..e657573382f 100644 --- a/2018/2xxx/CVE-2018-2419.json +++ b/2018/2xxx/CVE-2018-2419.json @@ -1,146 +1,146 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cna@sap.com", - "ID" : "CVE-2018-2419", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SAP Enterprise Financial Services (SAPSCORE)", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "1.11" - }, - { - "version_affected" : "=", - "version_value" : "1.12" - } - ] - } - }, - { - "product_name" : "SAP Enterprise Financial Services (S4CORE)", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "1.01" - }, - { - "version_affected" : "=", - "version_value" : "1.02" - } - ] - } - }, - { - "product_name" : "SAP Enterprise Financial Services (EA-FINSERV)", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "6.04" - }, - { - "version_affected" : "=", - "version_value" : "6.05" - }, - { - "version_affected" : "=", - "version_value" : "6.06" - }, - { - "version_affected" : "=", - "version_value" : "6.16" - }, - { - "version_affected" : "=", - "version_value" : "6.17" - }, - { - "version_affected" : "=", - "version_value" : "6.18" - }, - { - "version_affected" : "=", - "version_value" : "8.0" - } - ] - } - } - ] - }, - "vendor_name" : "SAP SE" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SAP Enterprise Financial Services (SAPSCORE 1.11, 1.12; S4CORE 1.01, 1.02; EA-FINSERV 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges." - } - ] - }, - "impact" : { - "cvss" : { - "attackComplexity" : "HIGH", - "attackVector" : "NETWORK", - "availabilityImpact" : "NONE", - "baseScore" : 3.7, - "baseSeverity" : "LOW", - "confidentialityImpact" : "LOW", - "integrityImpact" : "LOW", - "privilegesRequired" : "LOW", - "scope" : "UNCHANGED", - "userInteraction" : "REQUIRED", - "vectorString" : "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Missing Authorization Check" - } + "CVE_data_meta": { + "ASSIGNER": "cna@sap.com", + "ID": "CVE-2018-2419", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SAP Enterprise Financial Services (SAPSCORE)", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.11" + }, + { + "version_affected": "=", + "version_value": "1.12" + } + ] + } + }, + { + "product_name": "SAP Enterprise Financial Services (S4CORE)", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.01" + }, + { + "version_affected": "=", + "version_value": "1.02" + } + ] + } + }, + { + "product_name": "SAP Enterprise Financial Services (EA-FINSERV)", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "6.04" + }, + { + "version_affected": "=", + "version_value": "6.05" + }, + { + "version_affected": "=", + "version_value": "6.06" + }, + { + "version_affected": "=", + "version_value": "6.16" + }, + { + "version_affected": "=", + "version_value": "6.17" + }, + { + "version_affected": "=", + "version_value": "6.18" + }, + { + "version_affected": "=", + "version_value": "8.0" + } + ] + } + } + ] + }, + "vendor_name": "SAP SE" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://launchpad.support.sap.com/#/notes/2596627", - "refsource" : "MISC", - "url" : "https://launchpad.support.sap.com/#/notes/2596627" - }, - { - "name" : "https://blogs.sap.com/2018/05/08/sap-security-patch-day-may-2018/", - "refsource" : "CONFIRM", - "url" : "https://blogs.sap.com/2018/05/08/sap-security-patch-day-may-2018/" - }, - { - "name" : "104116", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104116" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SAP Enterprise Financial Services (SAPSCORE 1.11, 1.12; S4CORE 1.01, 1.02; EA-FINSERV 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges." + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 3.7, + "baseSeverity": "LOW", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Authorization Check" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://blogs.sap.com/2018/05/08/sap-security-patch-day-may-2018/", + "refsource": "CONFIRM", + "url": "https://blogs.sap.com/2018/05/08/sap-security-patch-day-may-2018/" + }, + { + "name": "104116", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104116" + }, + { + "name": "https://launchpad.support.sap.com/#/notes/2596627", + "refsource": "MISC", + "url": "https://launchpad.support.sap.com/#/notes/2596627" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6342.json b/2018/6xxx/CVE-2018-6342.json index e97b1f27131..349e6e7e33c 100644 --- a/2018/6xxx/CVE-2018-6342.json +++ b/2018/6xxx/CVE-2018-6342.json @@ -1,109 +1,109 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve-assign@fb.com", - "DATE_ASSIGNED" : "2018-08-24", - "ID" : "CVE-2018-6342", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "react-dev-utils", - "version" : { - "version_data" : [ - { - "version_affected" : "!=>", - "version_value" : "5.0.2" - }, - { - "version_affected" : ">=", - "version_value" : "5.0.0" - }, - { - "version_affected" : "!=>", - "version_value" : "4.2.2" - }, - { - "version_affected" : ">=", - "version_value" : "4.0.0" - }, - { - "version_affected" : "!=>", - "version_value" : "3.1.2" - }, - { - "version_affected" : ">=", - "version_value" : "3.0.0" - }, - { - "version_affected" : "!=>", - "version_value" : "2.0.2" - }, - { - "version_affected" : ">=", - "version_value" : "2.0.0" - }, - { - "version_affected" : "!=>", - "version_value" : "1.0.4" - }, - { - "version_affected" : ">=", - "version_value" : "1.0.0" - }, - { - "version_affected" : "!<", - "version_value" : "1.0.0" - } - ] - } - } - ] - }, - "vendor_name" : "Facebook" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "react-dev-utils on Windows allows developers to run a local webserver for accepting various commands, including a command to launch an editor. The input to that command was not properly sanitized, allowing an attacker who can make a network request to the server (either via CSRF or by direct request) to execute arbitrary commands on the targeted system. This issue affects multiple branches: 1.x.x prior to 1.0.4, 2.x.x prior to 2.0.2, 3.x.x prior to 3.1.2, 4.x.x prior to 4.2.2, and 5.x.x prior to 5.0.2." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper Neutralization of Special Elements used in an OS Command (CWE-78)" - } + "CVE_data_meta": { + "ASSIGNER": "cve-assign@fb.com", + "DATE_ASSIGNED": "2018-08-24", + "ID": "CVE-2018-6342", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "react-dev-utils", + "version": { + "version_data": [ + { + "version_affected": "!=>", + "version_value": "5.0.2" + }, + { + "version_affected": ">=", + "version_value": "5.0.0" + }, + { + "version_affected": "!=>", + "version_value": "4.2.2" + }, + { + "version_affected": ">=", + "version_value": "4.0.0" + }, + { + "version_affected": "!=>", + "version_value": "3.1.2" + }, + { + "version_affected": ">=", + "version_value": "3.0.0" + }, + { + "version_affected": "!=>", + "version_value": "2.0.2" + }, + { + "version_affected": ">=", + "version_value": "2.0.0" + }, + { + "version_affected": "!=>", + "version_value": "1.0.4" + }, + { + "version_affected": ">=", + "version_value": "1.0.0" + }, + { + "version_affected": "!<", + "version_value": "1.0.0" + } + ] + } + } + ] + }, + "vendor_name": "Facebook" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/facebook/create-react-app/pull/4866", - "refsource" : "MISC", - "url" : "https://github.com/facebook/create-react-app/pull/4866" - }, - { - "name" : "https://github.com/facebook/create-react-app/releases/tag/v1.1.5", - "refsource" : "MISC", - "url" : "https://github.com/facebook/create-react-app/releases/tag/v1.1.5" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "react-dev-utils on Windows allows developers to run a local webserver for accepting various commands, including a command to launch an editor. The input to that command was not properly sanitized, allowing an attacker who can make a network request to the server (either via CSRF or by direct request) to execute arbitrary commands on the targeted system. This issue affects multiple branches: 1.x.x prior to 1.0.4, 2.x.x prior to 2.0.2, 3.x.x prior to 3.1.2, 4.x.x prior to 4.2.2, and 5.x.x prior to 5.0.2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Neutralization of Special Elements used in an OS Command (CWE-78)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/facebook/create-react-app/releases/tag/v1.1.5", + "refsource": "MISC", + "url": "https://github.com/facebook/create-react-app/releases/tag/v1.1.5" + }, + { + "name": "https://github.com/facebook/create-react-app/pull/4866", + "refsource": "MISC", + "url": "https://github.com/facebook/create-react-app/pull/4866" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0112.json b/2019/0xxx/CVE-2019-0112.json index b3c51ff5bb8..ff88a6a1cc3 100644 --- a/2019/0xxx/CVE-2019-0112.json +++ b/2019/0xxx/CVE-2019-0112.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@intel.com", - "DATE_PUBLIC" : "2019-02-12T00:00:00", - "ID" : "CVE-2019-0112", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Improper flow control in crypto routines for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable a denial of service via local access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@intel.com", + "DATE_PUBLIC": "2019-02-12T00:00:00", + "ID": "CVE-2019-0112", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html", - "refsource" : "CONFIRM", - "url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html" - }, - { - "name" : "107064", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107064" - }, - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Improper flow control in crypto routines for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable a denial of service via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "107064", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107064" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01" + }, + { + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html", + "refsource": "CONFIRM", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0359.json b/2019/0xxx/CVE-2019-0359.json index df481e8ed84..73359e9c02b 100644 --- a/2019/0xxx/CVE-2019-0359.json +++ b/2019/0xxx/CVE-2019-0359.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0359", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0359", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0449.json b/2019/0xxx/CVE-2019-0449.json index 1f3a18f6cab..0fbcb453de9 100644 --- a/2019/0xxx/CVE-2019-0449.json +++ b/2019/0xxx/CVE-2019-0449.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0449", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0449", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0460.json b/2019/0xxx/CVE-2019-0460.json index 6628a337cd3..8f3a4f07f19 100644 --- a/2019/0xxx/CVE-2019-0460.json +++ b/2019/0xxx/CVE-2019-0460.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0460", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0460", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0834.json b/2019/0xxx/CVE-2019-0834.json index 7cf27fefe27..381bfb4e6b5 100644 --- a/2019/0xxx/CVE-2019-0834.json +++ b/2019/0xxx/CVE-2019-0834.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0834", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0834", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1092.json b/2019/1xxx/CVE-2019-1092.json index e5b861119dd..a9e191974f6 100644 --- a/2019/1xxx/CVE-2019-1092.json +++ b/2019/1xxx/CVE-2019-1092.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1092", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1092", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1394.json b/2019/1xxx/CVE-2019-1394.json index 9fd3b64862e..0002a7fc4eb 100644 --- a/2019/1xxx/CVE-2019-1394.json +++ b/2019/1xxx/CVE-2019-1394.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1394", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1394", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1870.json b/2019/1xxx/CVE-2019-1870.json index f050f94aee9..70852c2258a 100644 --- a/2019/1xxx/CVE-2019-1870.json +++ b/2019/1xxx/CVE-2019-1870.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1870", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1870", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1936.json b/2019/1xxx/CVE-2019-1936.json index 72cb6a463dc..1d2db91680c 100644 --- a/2019/1xxx/CVE-2019-1936.json +++ b/2019/1xxx/CVE-2019-1936.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1936", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1936", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4425.json b/2019/4xxx/CVE-2019-4425.json index 66d7e7706d2..aff4b2aac7f 100644 --- a/2019/4xxx/CVE-2019-4425.json +++ b/2019/4xxx/CVE-2019-4425.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4425", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4425", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4753.json b/2019/4xxx/CVE-2019-4753.json index 23004788c24..ce86bf57685 100644 --- a/2019/4xxx/CVE-2019-4753.json +++ b/2019/4xxx/CVE-2019-4753.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4753", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4753", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4950.json b/2019/4xxx/CVE-2019-4950.json index ab920b3a5db..2c7a907f1dc 100644 --- a/2019/4xxx/CVE-2019-4950.json +++ b/2019/4xxx/CVE-2019-4950.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4950", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4950", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5415.json b/2019/5xxx/CVE-2019-5415.json index 75b1286a7c2..f57f0be0e6e 100644 --- a/2019/5xxx/CVE-2019-5415.json +++ b/2019/5xxx/CVE-2019-5415.json @@ -1,59 +1,17 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-5415", - "ASSIGNER": "support@hackerone.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "serve", - "version": { - "version_data": [ - { - "version_value": "7.0.0" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": { - "lang": "eng", - "value": "Information Exposure Through Directory Listing (CWE-548)" - } - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://hackerone.com/reports/330724", - "url": "https://hackerone.com/reports/330724" - } - ] + "STATE": "RESERVED" }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "A bug in handling the ignore files and directories feature in serve 6.5.3 allows an attacker to read a file or list the directory that the victim has not allowed access to." + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2019/5xxx/CVE-2019-5429.json b/2019/5xxx/CVE-2019-5429.json index af4c1d91b31..a82681c098b 100644 --- a/2019/5xxx/CVE-2019-5429.json +++ b/2019/5xxx/CVE-2019-5429.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5429", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5429", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5657.json b/2019/5xxx/CVE-2019-5657.json index 40540e87942..9d1ed5d22a0 100644 --- a/2019/5xxx/CVE-2019-5657.json +++ b/2019/5xxx/CVE-2019-5657.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5657", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5657", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5831.json b/2019/5xxx/CVE-2019-5831.json index b06bbbf1955..12c33a8412d 100644 --- a/2019/5xxx/CVE-2019-5831.json +++ b/2019/5xxx/CVE-2019-5831.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5831", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5831", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file