diff --git a/2007/0xxx/CVE-2007-0423.json b/2007/0xxx/CVE-2007-0423.json index fbeaba23c67..d7352fb5a65 100644 --- a/2007/0xxx/CVE-2007-0423.json +++ b/2007/0xxx/CVE-2007-0423.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0423", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "BEA WebLogic Portal 9.2 does not properly handle when an administrator deletes entitlements for a role, which causes other role entitlements to be \"inadvertently affected,\" which has an unknown impact." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0423", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "BEA07-151.00", - "refsource" : "BEA", - "url" : "http://dev2dev.bea.com/pub/advisory/218" - }, - { - "name" : "22082", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22082" - }, - { - "name" : "ADV-2007-0213", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0213" - }, - { - "name" : "32857", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32857" - }, - { - "name" : "1017521", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017521" - }, - { - "name" : "23750", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23750" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "BEA WebLogic Portal 9.2 does not properly handle when an administrator deletes entitlements for a role, which causes other role entitlements to be \"inadvertently affected,\" which has an unknown impact." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32857", + "refsource": "OSVDB", + "url": "http://osvdb.org/32857" + }, + { + "name": "23750", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23750" + }, + { + "name": "22082", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22082" + }, + { + "name": "1017521", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017521" + }, + { + "name": "ADV-2007-0213", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0213" + }, + { + "name": "BEA07-151.00", + "refsource": "BEA", + "url": "http://dev2dev.bea.com/pub/advisory/218" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3218.json b/2007/3xxx/CVE-2007-3218.json index 8c9d88a671e..1b3350d8dda 100644 --- a/2007/3xxx/CVE-2007-3218.json +++ b/2007/3xxx/CVE-2007-3218.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3218", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in request.php in PHP Live! 3.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the pagex parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3218", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://pridels-team.blogspot.com/2007/06/php-live-support-xss-vuln.html", - "refsource" : "MISC", - "url" : "http://pridels-team.blogspot.com/2007/06/php-live-support-xss-vuln.html" - }, - { - "name" : "24443", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24443" - }, - { - "name" : "36814", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36814" - }, - { - "name" : "phplive-request-xss(34828)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34828" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in request.php in PHP Live! 3.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the pagex parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://pridels-team.blogspot.com/2007/06/php-live-support-xss-vuln.html", + "refsource": "MISC", + "url": "http://pridels-team.blogspot.com/2007/06/php-live-support-xss-vuln.html" + }, + { + "name": "24443", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24443" + }, + { + "name": "36814", + "refsource": "OSVDB", + "url": "http://osvdb.org/36814" + }, + { + "name": "phplive-request-xss(34828)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34828" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3253.json b/2007/3xxx/CVE-2007-3253.json index 28b31681f1e..27f0b2f31d4 100644 --- a/2007/3xxx/CVE-2007-3253.json +++ b/2007/3xxx/CVE-2007-3253.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3253", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Astaro Security Gateway (ASG) before 7.005 allow remote attackers to cause a denial of service via (1) certain email, which stops the SMTP Proxy during scanning; (2) certain HTTP traffic, which stops or slows down the HTTP proxy during HTTP responses containing virus scanned web pages; and (3) a disconnection during a streaming session." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3253", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://up2date.astaro.com/2007/06/up2date_7005_released_middle.html", - "refsource" : "CONFIRM", - "url" : "http://up2date.astaro.com/2007/06/up2date_7005_released_middle.html" - }, - { - "name" : "24492", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24492" - }, - { - "name" : "ADV-2007-2220", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2220" - }, - { - "name" : "37345", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37345" - }, - { - "name" : "37346", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37346" - }, - { - "name" : "25694", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25694" - }, - { - "name" : "astaro-http-proxy-dos(34884)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34884" - }, - { - "name" : "astaro-smtp-proxy-dos(34882)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34882" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Astaro Security Gateway (ASG) before 7.005 allow remote attackers to cause a denial of service via (1) certain email, which stops the SMTP Proxy during scanning; (2) certain HTTP traffic, which stops or slows down the HTTP proxy during HTTP responses containing virus scanned web pages; and (3) a disconnection during a streaming session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://up2date.astaro.com/2007/06/up2date_7005_released_middle.html", + "refsource": "CONFIRM", + "url": "http://up2date.astaro.com/2007/06/up2date_7005_released_middle.html" + }, + { + "name": "37346", + "refsource": "OSVDB", + "url": "http://osvdb.org/37346" + }, + { + "name": "25694", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25694" + }, + { + "name": "37345", + "refsource": "OSVDB", + "url": "http://osvdb.org/37345" + }, + { + "name": "astaro-http-proxy-dos(34884)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34884" + }, + { + "name": "24492", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24492" + }, + { + "name": "ADV-2007-2220", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2220" + }, + { + "name": "astaro-smtp-proxy-dos(34882)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34882" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3426.json b/2007/3xxx/CVE-2007-3426.json index 4c35d3475c9..8cc9412d4a1 100644 --- a/2007/3xxx/CVE-2007-3426.json +++ b/2007/3xxx/CVE-2007-3426.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3426", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in index.php in phpTrafficA 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the lang parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3426", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070624 phpTrafficA < 1.4.2", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/472211/100/0/threaded" - }, - { - "name" : "4100", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4100" - }, - { - "name" : "http://soft.zoneo.net/phpTrafficA/Files/get.php?phpTrafficA-1.4.3.tgz", - "refsource" : "CONFIRM", - "url" : "http://soft.zoneo.net/phpTrafficA/Files/get.php?phpTrafficA-1.4.3.tgz" - }, - { - "name" : "20070626 vendor ACK for phpTrafficA issues", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-June/001684.html" - }, - { - "name" : "37475", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37475" - }, - { - "name" : "25773", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25773" - }, - { - "name" : "phptraffica-index-xss(35013)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35013" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in index.php in phpTrafficA 1.4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the lang parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070624 phpTrafficA < 1.4.2", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/472211/100/0/threaded" + }, + { + "name": "37475", + "refsource": "OSVDB", + "url": "http://osvdb.org/37475" + }, + { + "name": "20070626 vendor ACK for phpTrafficA issues", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-June/001684.html" + }, + { + "name": "http://soft.zoneo.net/phpTrafficA/Files/get.php?phpTrafficA-1.4.3.tgz", + "refsource": "CONFIRM", + "url": "http://soft.zoneo.net/phpTrafficA/Files/get.php?phpTrafficA-1.4.3.tgz" + }, + { + "name": "25773", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25773" + }, + { + "name": "4100", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4100" + }, + { + "name": "phptraffica-index-xss(35013)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35013" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3528.json b/2007/3xxx/CVE-2007-3528.json index 61b016a3d9c..4d0bae03f54 100644 --- a/2007/3xxx/CVE-2007-3528.json +++ b/2007/3xxx/CVE-2007-3528.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3528", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by (1) discarding random bits by the blowfish::make_ivec function in libdar/crypto.cpp that results in predictable and repeating IV values, and (2) direct use of a password for keying, which makes it easier for context-dependent attackers to decrypt files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3528", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=425335", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=425335" - }, - { - "name" : "https://sourceforge.net/forum/forum.php?forum_id=711619", - "refsource" : "CONFIRM", - "url" : "https://sourceforge.net/forum/forum.php?forum_id=711619" - }, - { - "name" : "https://sourceforge.net/forum/forum.php?forum_id=711620", - "refsource" : "CONFIRM", - "url" : "https://sourceforge.net/forum/forum.php?forum_id=711620" - }, - { - "name" : "https://sourceforge.net/tracker/index.php?func=detail&aid=1730439&group_id=65612&atid=511612", - "refsource" : "CONFIRM", - "url" : "https://sourceforge.net/tracker/index.php?func=detail&aid=1730439&group_id=65612&atid=511612" - }, - { - "name" : "24930", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24930" - }, - { - "name" : "38189", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38189" - }, - { - "name" : "38190", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38190" - }, - { - "name" : "25953", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25953" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The blowfish mode in DAR before 2.3.4 uses weak Blowfish-CBC cryptography by (1) discarding random bits by the blowfish::make_ivec function in libdar/crypto.cpp that results in predictable and repeating IV values, and (2) direct use of a password for keying, which makes it easier for context-dependent attackers to decrypt files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://sourceforge.net/forum/forum.php?forum_id=711619", + "refsource": "CONFIRM", + "url": "https://sourceforge.net/forum/forum.php?forum_id=711619" + }, + { + "name": "24930", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24930" + }, + { + "name": "https://sourceforge.net/tracker/index.php?func=detail&aid=1730439&group_id=65612&atid=511612", + "refsource": "CONFIRM", + "url": "https://sourceforge.net/tracker/index.php?func=detail&aid=1730439&group_id=65612&atid=511612" + }, + { + "name": "25953", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25953" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=425335", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=425335" + }, + { + "name": "38189", + "refsource": "OSVDB", + "url": "http://osvdb.org/38189" + }, + { + "name": "https://sourceforge.net/forum/forum.php?forum_id=711620", + "refsource": "CONFIRM", + "url": "https://sourceforge.net/forum/forum.php?forum_id=711620" + }, + { + "name": "38190", + "refsource": "OSVDB", + "url": "http://osvdb.org/38190" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3622.json b/2007/3xxx/CVE-2007-3622.json index 3e76dfd74c6..4936cfc70ee 100644 --- a/2007/3xxx/CVE-2007-3622.json +++ b/2007/3xxx/CVE-2007-3622.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3622", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in DomainPOP in Alt-N Technologies MDaemon before 9.61 allows remote attackers to cause a denial of service (crash) via malformed messages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3622", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://files.altn.com/MDaemon/Release/RelNotes_en.txt", - "refsource" : "CONFIRM", - "url" : "http://files.altn.com/MDaemon/Release/RelNotes_en.txt" - }, - { - "name" : "24787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24787" - }, - { - "name" : "37193", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37193" - }, - { - "name" : "1018342", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018342" - }, - { - "name" : "25968", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25968" - }, - { - "name" : "mdaemon-domainpop-dos(35285)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35285" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in DomainPOP in Alt-N Technologies MDaemon before 9.61 allows remote attackers to cause a denial of service (crash) via malformed messages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37193", + "refsource": "OSVDB", + "url": "http://osvdb.org/37193" + }, + { + "name": "25968", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25968" + }, + { + "name": "1018342", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018342" + }, + { + "name": "24787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24787" + }, + { + "name": "http://files.altn.com/MDaemon/Release/RelNotes_en.txt", + "refsource": "CONFIRM", + "url": "http://files.altn.com/MDaemon/Release/RelNotes_en.txt" + }, + { + "name": "mdaemon-domainpop-dos(35285)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35285" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3915.json b/2007/3xxx/CVE-2007-3915.json index a9b080a1ac4..a2d0f501912 100644 --- a/2007/3xxx/CVE-2007-3915.json +++ b/2007/3xxx/CVE-2007-3915.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3915", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3915", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4013.json b/2007/4xxx/CVE-2007-4013.json index 57757db2092..72fd26a5904 100644 --- a/2007/4xxx/CVE-2007-4013.json +++ b/2007/4xxx/CVE-2007-4013.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4013", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in (1) Net6Helper.DLL (aka Net6Launcher Class) 4.5.2 and earlier, (2) npCtxCAO.dll (aka Citrix Endpoint Analysis Client) in a Firefox plugin directory, and (3) a second npCtxCAO.dll (aka CCAOControl Object) before 4.5.0.0 in Citrix Access Gateway Standard Edition before 4.5.5 and Advanced Edition before 4.5 HF1 have unknown impact and attack vectors, possibly related to buffer overflows. NOTE: vector 3 might overlap CVE-2007-3679." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4013", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.citrix.com/article/CTX113815", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX113815" - }, - { - "name" : "http://support.citrix.com/article/CTX114028", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX114028" - }, - { - "name" : "24975", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24975" - }, - { - "name" : "ADV-2007-2583", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2583" - }, - { - "name" : "37842", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37842" - }, - { - "name" : "37843", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37843" - }, - { - "name" : "37844", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37844" - }, - { - "name" : "26143", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26143" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in (1) Net6Helper.DLL (aka Net6Launcher Class) 4.5.2 and earlier, (2) npCtxCAO.dll (aka Citrix Endpoint Analysis Client) in a Firefox plugin directory, and (3) a second npCtxCAO.dll (aka CCAOControl Object) before 4.5.0.0 in Citrix Access Gateway Standard Edition before 4.5.5 and Advanced Edition before 4.5 HF1 have unknown impact and attack vectors, possibly related to buffer overflows. NOTE: vector 3 might overlap CVE-2007-3679." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-2583", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2583" + }, + { + "name": "26143", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26143" + }, + { + "name": "24975", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24975" + }, + { + "name": "37843", + "refsource": "OSVDB", + "url": "http://osvdb.org/37843" + }, + { + "name": "37844", + "refsource": "OSVDB", + "url": "http://osvdb.org/37844" + }, + { + "name": "http://support.citrix.com/article/CTX113815", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX113815" + }, + { + "name": "http://support.citrix.com/article/CTX114028", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX114028" + }, + { + "name": "37842", + "refsource": "OSVDB", + "url": "http://osvdb.org/37842" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6191.json b/2007/6xxx/CVE-2007-6191.json index 54fcbd545c3..d83be09038b 100644 --- a/2007/6xxx/CVE-2007-6191.json +++ b/2007/6xxx/CVE-2007-6191.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6191", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in Armin Burger p.mapper 3.2.0 beta3 allow remote attackers to execute arbitrary PHP code via a URL in the _SESSION[PM_INCPHP] parameter to (1) incphp/globals.php or (2) plugins/export/mc_table.php. NOTE: it could be argued that this vulnerability is caused by a problem in PHP and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in p.mapper." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6191", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.packetstormsecurity.org/0711-exploits/pmapper-rfi.txt", - "refsource" : "MISC", - "url" : "http://www.packetstormsecurity.org/0711-exploits/pmapper-rfi.txt" - }, - { - "name" : "26614", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26614" - }, - { - "name" : "27876", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27876" - }, - { - "name" : "pmapper-sessionpmincphp-file-include(38732)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38732" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in Armin Burger p.mapper 3.2.0 beta3 allow remote attackers to execute arbitrary PHP code via a URL in the _SESSION[PM_INCPHP] parameter to (1) incphp/globals.php or (2) plugins/export/mc_table.php. NOTE: it could be argued that this vulnerability is caused by a problem in PHP and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in p.mapper." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26614", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26614" + }, + { + "name": "pmapper-sessionpmincphp-file-include(38732)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38732" + }, + { + "name": "27876", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27876" + }, + { + "name": "http://www.packetstormsecurity.org/0711-exploits/pmapper-rfi.txt", + "refsource": "MISC", + "url": "http://www.packetstormsecurity.org/0711-exploits/pmapper-rfi.txt" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6672.json b/2007/6xxx/CVE-2007-6672.json index 1b1aca8b118..38f5577d2f9 100644 --- a/2007/6xxx/CVE-2007-6672.json +++ b/2007/6xxx/CVE-2007-6672.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6672", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple '/' (slash) characters in the URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6672", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.igniterealtime.org/community/message/163752", - "refsource" : "MISC", - "url" : "http://www.igniterealtime.org/community/message/163752" - }, - { - "name" : "http://jira.codehaus.org/browse/JETTY-386#action_117699", - "refsource" : "CONFIRM", - "url" : "http://jira.codehaus.org/browse/JETTY-386#action_117699" - }, - { - "name" : "http://jira.codehaus.org/browse/JETTY/fixforversion/13950", - "refsource" : "CONFIRM", - "url" : "http://jira.codehaus.org/browse/JETTY/fixforversion/13950" - }, - { - "name" : "VU#553235", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/553235" - }, - { - "name" : "27117", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27117" - }, - { - "name" : "39855", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39855" - }, - { - "name" : "ADV-2008-0079", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0079" - }, - { - "name" : "28322", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28322" - }, - { - "name" : "28547", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28547" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple '/' (slash) characters in the URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://jira.codehaus.org/browse/JETTY-386#action_117699", + "refsource": "CONFIRM", + "url": "http://jira.codehaus.org/browse/JETTY-386#action_117699" + }, + { + "name": "39855", + "refsource": "OSVDB", + "url": "http://osvdb.org/39855" + }, + { + "name": "ADV-2008-0079", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0079" + }, + { + "name": "http://www.igniterealtime.org/community/message/163752", + "refsource": "MISC", + "url": "http://www.igniterealtime.org/community/message/163752" + }, + { + "name": "http://jira.codehaus.org/browse/JETTY/fixforversion/13950", + "refsource": "CONFIRM", + "url": "http://jira.codehaus.org/browse/JETTY/fixforversion/13950" + }, + { + "name": "VU#553235", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/553235" + }, + { + "name": "28322", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28322" + }, + { + "name": "28547", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28547" + }, + { + "name": "27117", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27117" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1947.json b/2010/1xxx/CVE-2010-1947.json index dcf55be6b15..24c3e1b95d8 100644 --- a/2010/1xxx/CVE-2010-1947.json +++ b/2010/1xxx/CVE-2010-1947.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1947", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in scr/soustab.php in openMairie Openregistrecil 1.02, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter. NOTE: this may be related to CVE-2007-2069." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1947", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "12313", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/12313" - }, - { - "name" : "http://packetstormsecurity.org/1004-exploits/openregistrecil-rfilfi.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1004-exploits/openregistrecil-rfilfi.txt" - }, - { - "name" : "39611", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/39611" - }, - { - "name" : "63964", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/63964" - }, - { - "name" : "39534", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39534" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in scr/soustab.php in openMairie Openregistrecil 1.02, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter. NOTE: this may be related to CVE-2007-2069." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39534", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39534" + }, + { + "name": "http://packetstormsecurity.org/1004-exploits/openregistrecil-rfilfi.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1004-exploits/openregistrecil-rfilfi.txt" + }, + { + "name": "39611", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/39611" + }, + { + "name": "63964", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/63964" + }, + { + "name": "12313", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/12313" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5111.json b/2010/5xxx/CVE-2010-5111.json index 0b4034c83a4..c0c9371e954 100644 --- a/2010/5xxx/CVE-2010-5111.json +++ b/2010/5xxx/CVE-2010-5111.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5111", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in readline.c in Echoping 6.0.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted reply in the (1) TLS_readline or (2) SSL_readline function, related to the EchoPingHttps Smokeping probe." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-5111", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20131017 CVE request: echoping buffer overflow vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2013/10/17/1" - }, - { - "name" : "[oss-security] 20131021 Re: CVE request: echoping buffer overflow vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2013/10/21/9" - }, - { - "name" : "http://sourceforge.net/p/echoping/bugs/55", - "refsource" : "MISC", - "url" : "http://sourceforge.net/p/echoping/bugs/55" - }, - { - "name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606808", - "refsource" : "CONFIRM", - "url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606808" - }, - { - "name" : "GLSA-201406-07", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201406-07.xml" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in readline.c in Echoping 6.0.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted reply in the (1) TLS_readline or (2) SSL_readline function, related to the EchoPingHttps Smokeping probe." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://sourceforge.net/p/echoping/bugs/55", + "refsource": "MISC", + "url": "http://sourceforge.net/p/echoping/bugs/55" + }, + { + "name": "[oss-security] 20131021 Re: CVE request: echoping buffer overflow vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2013/10/21/9" + }, + { + "name": "[oss-security] 20131017 CVE request: echoping buffer overflow vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2013/10/17/1" + }, + { + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606808", + "refsource": "CONFIRM", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606808" + }, + { + "name": "GLSA-201406-07", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201406-07.xml" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5240.json b/2010/5xxx/CVE-2010-5240.json index cc1be547183..fd1cf2dde49 100644 --- a/2010/5xxx/CVE-2010-5240.json +++ b/2010/5xxx/CVE-2010-5240.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5240", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr, .cpt, .cmx, or .csl file. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5240", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4953.php", - "refsource" : "MISC", - "url" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4953.php" - }, - { - "name" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4954.php", - "refsource" : "MISC", - "url" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4954.php" - }, - { - "name" : "41148", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41148" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr, .cpt, .cmx, or .csl file. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "41148", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41148" + }, + { + "name": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4953.php", + "refsource": "MISC", + "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4953.php" + }, + { + "name": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4954.php", + "refsource": "MISC", + "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4954.php" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1236.json b/2014/1xxx/CVE-2014-1236.json index 961cd991641..a996fe1b019 100644 --- a/2014/1xxx/CVE-2014-1236.json +++ b/2014/1xxx/CVE-2014-1236.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1236", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via vectors related to a \"badly formed number\" and a \"long digit list.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1236", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140108 Re: CVE Request: graphviz: stack-based buffer overflow in yyerror()", - "refsource" : "MLIST", - "url" : "http://seclists.org/oss-sec/2014/q1/54" - }, - { - "name" : "[oss-security] 20140108 Re: Re: CVE Request: graphviz: stack-based buffer overflow in yyerror()", - "refsource" : "MLIST", - "url" : "http://seclists.org/oss-sec/2014/q1/46" - }, - { - "name" : "[oss-security] 20140108 Re: Re: CVE Request: graphviz: stack-based buffer overflow in yyerror()", - "refsource" : "MLIST", - "url" : "http://seclists.org/oss-sec/2014/q1/51" - }, - { - "name" : "https://github.com/ellson/graphviz/commit/1d1bdec6318746f6f19f245db589eddc887ae8ff", - "refsource" : "CONFIRM", - "url" : "https://github.com/ellson/graphviz/commit/1d1bdec6318746f6f19f245db589eddc887ae8ff" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1050872", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1050872" - }, - { - "name" : "DSA-2843", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2843" - }, - { - "name" : "GLSA-201702-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201702-06" - }, - { - "name" : "MDVSA-2014:024", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2014:024" - }, - { - "name" : "64737", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64737" - }, - { - "name" : "101851", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/101851" - }, - { - "name" : "55666", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/55666" - }, - { - "name" : "56244", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56244" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via vectors related to a \"badly formed number\" and a \"long digit list.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20140108 Re: Re: CVE Request: graphviz: stack-based buffer overflow in yyerror()", + "refsource": "MLIST", + "url": "http://seclists.org/oss-sec/2014/q1/51" + }, + { + "name": "101851", + "refsource": "OSVDB", + "url": "http://osvdb.org/101851" + }, + { + "name": "MDVSA-2014:024", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:024" + }, + { + "name": "GLSA-201702-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201702-06" + }, + { + "name": "[oss-security] 20140108 Re: CVE Request: graphviz: stack-based buffer overflow in yyerror()", + "refsource": "MLIST", + "url": "http://seclists.org/oss-sec/2014/q1/54" + }, + { + "name": "https://github.com/ellson/graphviz/commit/1d1bdec6318746f6f19f245db589eddc887ae8ff", + "refsource": "CONFIRM", + "url": "https://github.com/ellson/graphviz/commit/1d1bdec6318746f6f19f245db589eddc887ae8ff" + }, + { + "name": "DSA-2843", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2843" + }, + { + "name": "[oss-security] 20140108 Re: Re: CVE Request: graphviz: stack-based buffer overflow in yyerror()", + "refsource": "MLIST", + "url": "http://seclists.org/oss-sec/2014/q1/46" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1050872", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1050872" + }, + { + "name": "64737", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64737" + }, + { + "name": "55666", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/55666" + }, + { + "name": "56244", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56244" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1477.json b/2014/1xxx/CVE-2014-1477.json index 431b37c3e5f..e3cdff70882 100644 --- a/2014/1xxx/CVE-2014-1477.json +++ b/2014/1xxx/CVE-2014-1477.json @@ -1,267 +1,267 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1477", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2014-1477", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=921470", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=921470" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=925896", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=925896" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=936808", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=936808" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=937132", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=937132" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=937697", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=937697" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=945334", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=945334" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=945939", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=945939" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=950000", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=950000" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=950438", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=950438" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=951366", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=951366" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=953114", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=953114" - }, - { - "name" : "https://8pecxstudios.com/?page_id=44080", - "refsource" : "CONFIRM", - "url" : "https://8pecxstudios.com/?page_id=44080" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", - "refsource" : "CONFIRM", - "url" : "http://download.novell.com/Download?buildid=VYQsgaFpQ2k" - }, - { - "name" : "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", - "refsource" : "CONFIRM", - "url" : "http://download.novell.com/Download?buildid=Y2fux-JW1Qc" - }, - { - "name" : "DSA-2858", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2858" - }, - { - "name" : "FEDORA-2014-2041", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html" - }, - { - "name" : "FEDORA-2014-2083", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html" - }, - { - "name" : "GLSA-201504-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201504-01" - }, - { - "name" : "RHSA-2014:0132", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0132.html" - }, - { - "name" : "RHSA-2014:0133", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0133.html" - }, - { - "name" : "SUSE-SU-2014:0248", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html" - }, - { - "name" : "openSUSE-SU-2014:0212", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html" - }, - { - "name" : "openSUSE-SU-2014:0213", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html" - }, - { - "name" : "openSUSE-SU-2014:0419", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html" - }, - { - "name" : "USN-2102-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2102-1" - }, - { - "name" : "USN-2102-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2102-2" - }, - { - "name" : "USN-2119-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2119-1" - }, - { - "name" : "65317", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/65317" - }, - { - "name" : "102864", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/102864" - }, - { - "name" : "1029717", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029717" - }, - { - "name" : "1029720", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029720" - }, - { - "name" : "1029721", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029721" - }, - { - "name" : "56706", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56706" - }, - { - "name" : "56761", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56761" - }, - { - "name" : "56763", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56763" - }, - { - "name" : "56767", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56767" - }, - { - "name" : "56787", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56787" - }, - { - "name" : "56858", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56858" - }, - { - "name" : "56888", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56888" - }, - { - "name" : "firefox-cve20141477-code-exec(90899)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90899" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-2119-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2119-1" + }, + { + "name": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc", + "refsource": "CONFIRM", + "url": "http://download.novell.com/Download?buildid=Y2fux-JW1Qc" + }, + { + "name": "1029721", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029721" + }, + { + "name": "openSUSE-SU-2014:0212", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=950000", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950000" + }, + { + "name": "1029717", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029717" + }, + { + "name": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html" + }, + { + "name": "https://8pecxstudios.com/?page_id=44080", + "refsource": "CONFIRM", + "url": "https://8pecxstudios.com/?page_id=44080" + }, + { + "name": "RHSA-2014:0132", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0132.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=953114", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=953114" + }, + { + "name": "56787", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56787" + }, + { + "name": "1029720", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029720" + }, + { + "name": "56858", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56858" + }, + { + "name": "DSA-2858", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2858" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=945334", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=945334" + }, + { + "name": "56763", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56763" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=925896", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=925896" + }, + { + "name": "firefox-cve20141477-code-exec(90899)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90899" + }, + { + "name": "USN-2102-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2102-2" + }, + { + "name": "RHSA-2014:0133", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0133.html" + }, + { + "name": "GLSA-201504-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201504-01" + }, + { + "name": "65317", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/65317" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=950438", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950438" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=937132", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=937132" + }, + { + "name": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k", + "refsource": "CONFIRM", + "url": "http://download.novell.com/Download?buildid=VYQsgaFpQ2k" + }, + { + "name": "56888", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56888" + }, + { + "name": "FEDORA-2014-2083", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html" + }, + { + "name": "openSUSE-SU-2014:0419", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html" + }, + { + "name": "56761", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56761" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=921470", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=921470" + }, + { + "name": "102864", + "refsource": "OSVDB", + "url": "http://osvdb.org/102864" + }, + { + "name": "FEDORA-2014-2041", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=937697", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=937697" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=945939", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=945939" + }, + { + "name": "SUSE-SU-2014:0248", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html" + }, + { + "name": "openSUSE-SU-2014:0213", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html" + }, + { + "name": "USN-2102-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2102-1" + }, + { + "name": "56767", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56767" + }, + { + "name": "56706", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56706" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=951366", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=951366" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=936808", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=936808" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1697.json b/2014/1xxx/CVE-2014-1697.json index fb5fa4630ee..f4f2d377a52 100644 --- a/2014/1xxx/CVE-2014-1697.json +++ b/2014/1xxx/CVE-2014-1697.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1697", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to execute arbitrary code via crafted packets to TCP port 4999." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1697", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-035-01", - "refsource" : "MISC", - "url" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-035-01" - }, - { - "name" : "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf" - }, - { - "name" : "65351", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/65351" - }, - { - "name" : "102810", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/102810" - }, - { - "name" : "56651", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56651" - }, - { - "name" : "simatic-wincc-cve20141697-code-exec(90933)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90933" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to execute arbitrary code via crafted packets to TCP port 4999." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "102810", + "refsource": "OSVDB", + "url": "http://osvdb.org/102810" + }, + { + "name": "simatic-wincc-cve20141697-code-exec(90933)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90933" + }, + { + "name": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf", + "refsource": "CONFIRM", + "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf" + }, + { + "name": "56651", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56651" + }, + { + "name": "65351", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/65351" + }, + { + "name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-035-01", + "refsource": "MISC", + "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-035-01" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1796.json b/2014/1xxx/CVE-2014-1796.json index a3ab90abd09..5a3a52a1a5c 100644 --- a/2014/1xxx/CVE-2014-1796.json +++ b/2014/1xxx/CVE-2014-1796.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1796", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 6 and 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-1796", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS14-035", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035" - }, - { - "name" : "67889", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/67889" - }, - { - "name" : "1030370", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030370" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 6 and 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1030370", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030370" + }, + { + "name": "MS14-035", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035" + }, + { + "name": "67889", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/67889" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1917.json b/2014/1xxx/CVE-2014-1917.json index 6d45a8c0d59..9762a9fea5c 100644 --- a/2014/1xxx/CVE-2014-1917.json +++ b/2014/1xxx/CVE-2014-1917.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1917", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1917", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5066.json b/2014/5xxx/CVE-2014-5066.json index a66bf41a880..6f0ed0131bf 100644 --- a/2014/5xxx/CVE-2014-5066.json +++ b/2014/5xxx/CVE-2014-5066.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5066", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5066", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5357.json b/2014/5xxx/CVE-2014-5357.json index ae53244014f..5da5d7f1d76 100644 --- a/2014/5xxx/CVE-2014-5357.json +++ b/2014/5xxx/CVE-2014-5357.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5357", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5357", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5799.json b/2014/5xxx/CVE-2014-5799.json index dbdd2c2e60c..d9427c7d7af 100644 --- a/2014/5xxx/CVE-2014-5799.json +++ b/2014/5xxx/CVE-2014-5799.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5799", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The smart.card (aka nh.smart.card) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5799", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#824409", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/824409" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The smart.card (aka nh.smart.card) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#824409", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/824409" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5897.json b/2014/5xxx/CVE-2014-5897.json index 333a6a9be2a..9e62d0ec0a0 100644 --- a/2014/5xxx/CVE-2014-5897.json +++ b/2014/5xxx/CVE-2014-5897.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5897", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Parallel Mafia MMORPG (aka com.perblue.pm.client) application @7F070000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5897", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#663721", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/663721" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Parallel Mafia MMORPG (aka com.perblue.pm.client) application @7F070000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + }, + { + "name": "VU#663721", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/663721" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2210.json b/2015/2xxx/CVE-2015-2210.json index e364c03106f..d75f225d6e4 100644 --- a/2015/2xxx/CVE-2015-2210.json +++ b/2015/2xxx/CVE-2015-2210.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2210", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The help window in Epicor CRS Retail Store before 3.2.03.01.008 allows local users to execute arbitrary code by injecting Javascript into the window source to create a button that spawns a command shell." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2210", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150502 Code Injection in Epicor Retail Store 3.2.03.01.008", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/535423/100/1000/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/131732/Epicor-Retail-Store-Help-System-3.2.03.01.008-Code-Execution.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/131732/Epicor-Retail-Store-Help-System-3.2.03.01.008-Code-Execution.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The help window in Epicor CRS Retail Store before 3.2.03.01.008 allows local users to execute arbitrary code by injecting Javascript into the window source to create a button that spawns a command shell." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/131732/Epicor-Retail-Store-Help-System-3.2.03.01.008-Code-Execution.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/131732/Epicor-Retail-Store-Help-System-3.2.03.01.008-Code-Execution.html" + }, + { + "name": "20150502 Code Injection in Epicor Retail Store 3.2.03.01.008", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/535423/100/1000/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2425.json b/2015/2xxx/CVE-2015-2425.json index 67be8dd1b2c..2e2a41baa4e 100644 --- a/2015/2xxx/CVE-2015-2425.json +++ b/2015/2xxx/CVE-2015-2425.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2425", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2383 and CVE-2015-2384." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2425", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-065", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065" - }, - { - "name" : "1032894", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032894" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2383 and CVE-2015-2384." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032894", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032894" + }, + { + "name": "MS15-065", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2469.json b/2015/2xxx/CVE-2015-2469.json index bb39ea70dfe..099d7da4086 100644 --- a/2015/2xxx/CVE-2015-2469.json +++ b/2015/2xxx/CVE-2015-2469.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2469", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, and Office for Mac 2011 allow remote attackers to execute arbitrary code via a crafted document, aka \"Microsoft Office Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2469", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37910", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37910/" - }, - { - "name" : "MS15-081", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081" - }, - { - "name" : "1033239", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033239" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, and Office for Mac 2011 allow remote attackers to execute arbitrary code via a crafted document, aka \"Microsoft Office Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37910", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37910/" + }, + { + "name": "MS15-081", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081" + }, + { + "name": "1033239", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033239" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6245.json b/2015/6xxx/CVE-2015-6245.json index ce9d1ef2f1a..844440c6ec0 100644 --- a/2015/6xxx/CVE-2015-6245.json +++ b/2015/6xxx/CVE-2015-6245.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6245", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC/MAC dissector in Wireshark 1.12.x before 1.12.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6245", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2015-25.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2015-25.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=78bc3dd93a562ca1b1c5dbc8f71d2967008be7ed", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=78bc3dd93a562ca1b1c5dbc8f71d2967008be7ed" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" - }, - { - "name" : "DSA-3367", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3367" - }, - { - "name" : "FEDORA-2015-13945", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168837.html" - }, - { - "name" : "FEDORA-2015-13946", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165509.html" - }, - { - "name" : "openSUSE-SU-2015:1836", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html" - }, - { - "name" : "76382", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76382" - }, - { - "name" : "1033272", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033272" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC/MAC dissector in Wireshark 1.12.x before 1.12.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "76382", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76382" + }, + { + "name": "FEDORA-2015-13945", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168837.html" + }, + { + "name": "1033272", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033272" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2015-25.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2015-25.html" + }, + { + "name": "FEDORA-2015-13946", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165509.html" + }, + { + "name": "DSA-3367", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3367" + }, + { + "name": "openSUSE-SU-2015:1836", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=78bc3dd93a562ca1b1c5dbc8f71d2967008be7ed", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=78bc3dd93a562ca1b1c5dbc8f71d2967008be7ed" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6328.json b/2015/6xxx/CVE-2015-6328.json index 8700a59b761..859e077d37b 100644 --- a/2015/6xxx/CVE-2015-6328.json +++ b/2015/6xxx/CVE-2015-6328.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6328", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The web framework in Cisco Prime Collaboration Assurance (PCA) 10.5(1) allows remote authenticated users to bypass intended access restrictions and read arbitrary files via a crafted URL, aka Bug ID CSCus88380." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6328", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151008 Cisco Prime Collaboration Assurance Arbitrary File Retrieval Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-pca" - }, - { - "name" : "1033784", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033784" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The web framework in Cisco Prime Collaboration Assurance (PCA) 10.5(1) allows remote authenticated users to bypass intended access restrictions and read arbitrary files via a crafted URL, aka Bug ID CSCus88380." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033784", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033784" + }, + { + "name": "20151008 Cisco Prime Collaboration Assurance Arbitrary File Retrieval Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-pca" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6622.json b/2015/6xxx/CVE-2015-6622.json index 7b71994dca5..c8438d22124 100644 --- a/2015/6xxx/CVE-2015-6622.json +++ b/2015/6xxx/CVE-2015-6622.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6622", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Native Frameworks Library in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23905002." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-6622", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2015-12-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2015-12-01.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Native Frameworks Library in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23905002." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://source.android.com/security/bulletin/2015-12-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2015-12-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6915.json b/2015/6xxx/CVE-2015-6915.json index e5161c90a43..031eddbfba0 100644 --- a/2015/6xxx/CVE-2015-6915.json +++ b/2015/6xxx/CVE-2015-6915.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6915", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Montala Limited ResourceSpace 7.3.7009 and earlier allows remote attackers to execute arbitrary SQL commands via the \"user\" cookie to plugins/feedback/pages/feedback.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6915", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.com/files/133297/ResourceSpace-CMS-7.3.7009-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133297/ResourceSpace-CMS-7.3.7009-SQL-Injection.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Montala Limited ResourceSpace 7.3.7009 and earlier allows remote attackers to execute arbitrary SQL commands via the \"user\" cookie to plugins/feedback/pages/feedback.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/133297/ResourceSpace-CMS-7.3.7009-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133297/ResourceSpace-CMS-7.3.7009-SQL-Injection.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0871.json b/2016/0xxx/CVE-2016-0871.json index a735b47be80..92c47e1d15d 100644 --- a/2016/0xxx/CVE-2016-0871.json +++ b/2016/0xxx/CVE-2016-0871.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0871", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Eaton Lighting EG2 Web Control 4.04P and earlier allows remote attackers to read the configuration file, and consequently discover credentials, via a direct request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2016-0871", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-061-03", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-061-03" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Eaton Lighting EG2 Web Control 4.04P and earlier allows remote attackers to read the configuration file, and consequently discover credentials, via a direct request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-061-03", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-061-03" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000186.json b/2016/1000xxx/CVE-2016-1000186.json index 2475035dc8c..6ca59b69a6c 100644 --- a/2016/1000xxx/CVE-2016-1000186.json +++ b/2016/1000xxx/CVE-2016-1000186.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000186", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000186", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10204.json b/2016/10xxx/CVE-2016-10204.json index b185d7ae9f4..74b1f0f9a25 100644 --- a/2016/10xxx/CVE-2016-10204.json +++ b/2016/10xxx/CVE-2016-10204.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10204", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10204", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20170204 Re: [FOXMOLE SA 2016-07-05] ZoneMinder - Multiple Issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2017/02/05/1" - }, - { - "name" : "https://www.foxmole.com/advisories/foxmole-2016-07-05.txt", - "refsource" : "MISC", - "url" : "https://www.foxmole.com/advisories/foxmole-2016-07-05.txt" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20170204 Re: [FOXMOLE SA 2016-07-05] ZoneMinder - Multiple Issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2017/02/05/1" + }, + { + "name": "https://www.foxmole.com/advisories/foxmole-2016-07-05.txt", + "refsource": "MISC", + "url": "https://www.foxmole.com/advisories/foxmole-2016-07-05.txt" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10305.json b/2016/10xxx/CVE-2016-10305.json index fa6a10fe91f..043fe37af35 100644 --- a/2016/10xxx/CVE-2016-10305.json +++ b/2016/10xxx/CVE-2016-10305.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10305", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Trango Apex <= 2.1.1, ApexLynx < 2.0, ApexOrion < 2.0, ApexPlus <= 3.2.0, Giga <= 2.6.1, GigaLynx < 2.0, GigaOrion < 2.0, GigaPlus <= 3.2.3, GigaPro <= 1.4.1, StrataLink < 3.0, and StrataPro devices have a built-in, hidden root account, with a default password that was once stored in cleartext within a software update package on a Trango FTP server. This account is accessible via SSH and/or TELNET, and grants access to the underlying embedded UNIX OS on the device, allowing full control over it." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10305", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blog.iancaling.com/post/153011925478", - "refsource" : "MISC", - "url" : "http://blog.iancaling.com/post/153011925478" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Trango Apex <= 2.1.1, ApexLynx < 2.0, ApexOrion < 2.0, ApexPlus <= 3.2.0, Giga <= 2.6.1, GigaLynx < 2.0, GigaOrion < 2.0, GigaPlus <= 3.2.3, GigaPro <= 1.4.1, StrataLink < 3.0, and StrataPro devices have a built-in, hidden root account, with a default password that was once stored in cleartext within a software update package on a Trango FTP server. This account is accessible via SSH and/or TELNET, and grants access to the underlying embedded UNIX OS on the device, allowing full control over it." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://blog.iancaling.com/post/153011925478", + "refsource": "MISC", + "url": "http://blog.iancaling.com/post/153011925478" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10483.json b/2016/10xxx/CVE-2016-10483.json index 0fcce83ad36..ccfe444f851 100644 --- a/2016/10xxx/CVE-2016-10483.json +++ b/2016/10xxx/CVE-2016-10483.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2016-10483", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile", - "version" : { - "version_data" : [ - { - "version_value" : "SD 410/12, SD 615/16/SD 415, SD 808, SD 810" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 615/16/SD 415, SD 808, and SD 810, improper input validation while processing SCM Command can lead to unauthorized memory access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper Input Validation in CORE" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2016-10483", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile", + "version": { + "version_data": [ + { + "version_value": "SD 410/12, SD 615/16/SD 415, SD 808, SD 810" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 615/16/SD 415, SD 808, and SD 810, improper input validation while processing SCM Command can lead to unauthorized memory access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Input Validation in CORE" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4079.json b/2016/4xxx/CVE-2016-4079.json index fa5f92de624..b63856c54a1 100644 --- a/2016/4xxx/CVE-2016-4079.json +++ b/2016/4xxx/CVE-2016-4079.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4079", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not verify BER identifiers, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4079", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2016-22.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2016-22.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12206", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12206" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4cdc9eeba58f866bd5f273e9c5b3876857a7a4bf", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4cdc9eeba58f866bd5f273e9c5b3876857a7a4bf" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" - }, - { - "name" : "DSA-3585", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3585" - }, - { - "name" : "1035685", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035685" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "epan/dissectors/packet-pktc.c in the PKTC dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not verify BER identifiers, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035685", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035685" + }, + { + "name": "DSA-3585", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3585" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2016-22.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2016-22.html" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4cdc9eeba58f866bd5f273e9c5b3876857a7a4bf", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4cdc9eeba58f866bd5f273e9c5b3876857a7a4bf" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12206", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12206" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4475.json b/2016/4xxx/CVE-2016-4475.json index bf82e625945..ffa31cb659b 100644 --- a/2016/4xxx/CVE-2016-4475.json +++ b/2016/4xxx/CVE-2016-4475.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4475", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) Organization and (2) Locations APIs and UIs in Foreman before 1.11.4 and 1.12.x before 1.12.0-RC3 allow remote authenticated users to bypass organization and location restrictions and (a) read, (b) edit, or (c) delete arbitrary organizations or locations via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-4475", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://projects.theforeman.org/issues/15268", - "refsource" : "CONFIRM", - "url" : "http://projects.theforeman.org/issues/15268" - }, - { - "name" : "http://projects.theforeman.org/projects/foreman/repository/revisions/a30ab44ed6f140f1791afc51a1e448afc2ff28f9", - "refsource" : "CONFIRM", - "url" : "http://projects.theforeman.org/projects/foreman/repository/revisions/a30ab44ed6f140f1791afc51a1e448afc2ff28f9" - }, - { - "name" : "https://theforeman.org/security.html#2016-4475", - "refsource" : "CONFIRM", - "url" : "https://theforeman.org/security.html#2016-4475" - }, - { - "name" : "RHBA-2016:1615", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHBA-2016:1615" - }, - { - "name" : "92125", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92125" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) Organization and (2) Locations APIs and UIs in Foreman before 1.11.4 and 1.12.x before 1.12.0-RC3 allow remote authenticated users to bypass organization and location restrictions and (a) read, (b) edit, or (c) delete arbitrary organizations or locations via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://theforeman.org/security.html#2016-4475", + "refsource": "CONFIRM", + "url": "https://theforeman.org/security.html#2016-4475" + }, + { + "name": "http://projects.theforeman.org/issues/15268", + "refsource": "CONFIRM", + "url": "http://projects.theforeman.org/issues/15268" + }, + { + "name": "RHBA-2016:1615", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHBA-2016:1615" + }, + { + "name": "http://projects.theforeman.org/projects/foreman/repository/revisions/a30ab44ed6f140f1791afc51a1e448afc2ff28f9", + "refsource": "CONFIRM", + "url": "http://projects.theforeman.org/projects/foreman/repository/revisions/a30ab44ed6f140f1791afc51a1e448afc2ff28f9" + }, + { + "name": "92125", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92125" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4503.json b/2016/4xxx/CVE-2016-4503.json index f02ab114796..1b3bad2bdf1 100644 --- a/2016/4xxx/CVE-2016-4503.json +++ b/2016/4xxx/CVE-2016-4503.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4503", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Moxa Device Server Web Console 5232-N allows remote attackers to bypass authentication, and consequently modify settings and data, via vectors related to reading a cookie parameter containing a UserId value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2016-4503", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-189-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-189-02" - }, - { - "name" : "91670", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91670" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Moxa Device Server Web Console 5232-N allows remote attackers to bypass authentication, and consequently modify settings and data, via vectors related to reading a cookie parameter containing a UserId value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-189-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-189-02" + }, + { + "name": "91670", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91670" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9153.json b/2016/9xxx/CVE-2016-9153.json index 3104d22690d..8e455e21437 100644 --- a/2016/9xxx/CVE-2016-9153.json +++ b/2016/9xxx/CVE-2016-9153.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9153", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9153", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9371.json b/2016/9xxx/CVE-2016-9371.json index 64b4bc49f26..03dedb08713 100644 --- a/2016/9xxx/CVE-2016-9371.json +++ b/2016/9xxx/CVE-2016-9371.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "ics-cert@hq.dhs.gov", - "ID" : "CVE-2016-9371", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Moxa NPort", - "version" : { - "version_data" : [ - { - "version_value" : "Moxa NPort" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. User-controlled input is not neutralized before being output to web page (CROSS-SITE SCRIPTING)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Moxa NPort Device XSS" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2016-9371", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Moxa NPort", + "version": { + "version_data": [ + { + "version_value": "Moxa NPort" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-336-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-336-02" - }, - { - "name" : "85965", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/85965" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. User-controlled input is not neutralized before being output to web page (CROSS-SITE SCRIPTING)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Moxa NPort Device XSS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-336-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-336-02" + }, + { + "name": "85965", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/85965" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9508.json b/2016/9xxx/CVE-2016-9508.json index ac7bcc882e8..1c11abb9979 100644 --- a/2016/9xxx/CVE-2016-9508.json +++ b/2016/9xxx/CVE-2016-9508.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9508", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9508", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9985.json b/2016/9xxx/CVE-2016-9985.json index 6ba4c7dd915..bc7a39f08e2 100644 --- a/2016/9xxx/CVE-2016-9985.json +++ b/2016/9xxx/CVE-2016-9985.json @@ -1,91 +1,91 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-9985", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cognos Business Intelligence", - "version" : { - "version_data" : [ - { - "version_value" : "10" - }, - { - "version_value" : "10.1" - }, - { - "version_value" : "10.1.1" - }, - { - "version_value" : "10.2" - }, - { - "version_value" : "10.2.1" - }, - { - "version_value" : "10.2.1.1" - }, - { - "version_value" : "10.2.2" - }, - { - "version_value" : "10.2" - }, - { - "version_value" : "2" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Cognos Server 10.1.1 and 10.2 stores highly sensitive information in log files that could be read by a local user. IBM Reference #: 1999671." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-9985", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cognos Business Intelligence", + "version": { + "version_data": [ + { + "version_value": "10" + }, + { + "version_value": "10.1" + }, + { + "version_value": "10.1.1" + }, + { + "version_value": "10.2" + }, + { + "version_value": "10.2.1" + }, + { + "version_value": "10.2.1.1" + }, + { + "version_value": "10.2.2" + }, + { + "version_value": "10.2" + }, + { + "version_value": "2" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21999671", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21999671" - }, - { - "name" : "96962", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96962" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Cognos Server 10.1.1 and 10.2 stores highly sensitive information in log files that could be read by a local user. IBM Reference #: 1999671." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "96962", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96962" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21999671", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21999671" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2157.json b/2019/2xxx/CVE-2019-2157.json index 1223aade4dc..c1aeaa4a782 100644 --- a/2019/2xxx/CVE-2019-2157.json +++ b/2019/2xxx/CVE-2019-2157.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2157", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2157", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2262.json b/2019/2xxx/CVE-2019-2262.json index c4722ebbb8c..71ceb2f7bfb 100644 --- a/2019/2xxx/CVE-2019-2262.json +++ b/2019/2xxx/CVE-2019-2262.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2262", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2262", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2640.json b/2019/2xxx/CVE-2019-2640.json index 69e96f3007c..ce74f7e4d31 100644 --- a/2019/2xxx/CVE-2019-2640.json +++ b/2019/2xxx/CVE-2019-2640.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2640", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2640", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2666.json b/2019/2xxx/CVE-2019-2666.json index 853cc61c262..05c6c85d150 100644 --- a/2019/2xxx/CVE-2019-2666.json +++ b/2019/2xxx/CVE-2019-2666.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2666", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2666", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2667.json b/2019/2xxx/CVE-2019-2667.json index 33262777b3e..7aee1617eb3 100644 --- a/2019/2xxx/CVE-2019-2667.json +++ b/2019/2xxx/CVE-2019-2667.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2667", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2667", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3068.json b/2019/3xxx/CVE-2019-3068.json index 7a5b894620c..b65e8a1da39 100644 --- a/2019/3xxx/CVE-2019-3068.json +++ b/2019/3xxx/CVE-2019-3068.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3068", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3068", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3085.json b/2019/3xxx/CVE-2019-3085.json index 97bd69393dc..116092067e8 100644 --- a/2019/3xxx/CVE-2019-3085.json +++ b/2019/3xxx/CVE-2019-3085.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3085", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3085", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3164.json b/2019/3xxx/CVE-2019-3164.json index 05e3b937f08..6f3f617ee63 100644 --- a/2019/3xxx/CVE-2019-3164.json +++ b/2019/3xxx/CVE-2019-3164.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3164", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3164", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3432.json b/2019/3xxx/CVE-2019-3432.json index 26162d12017..1e9330100ec 100644 --- a/2019/3xxx/CVE-2019-3432.json +++ b/2019/3xxx/CVE-2019-3432.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3432", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3432", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6301.json b/2019/6xxx/CVE-2019-6301.json index 4935c43f4a8..2039c278635 100644 --- a/2019/6xxx/CVE-2019-6301.json +++ b/2019/6xxx/CVE-2019-6301.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6301", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6301", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6477.json b/2019/6xxx/CVE-2019-6477.json index 55c2306f633..89578ec82a3 100644 --- a/2019/6xxx/CVE-2019-6477.json +++ b/2019/6xxx/CVE-2019-6477.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6477", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6477", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6778.json b/2019/6xxx/CVE-2019-6778.json index 747e3a74cb1..0d4050a2cc1 100644 --- a/2019/6xxx/CVE-2019-6778.json +++ b/2019/6xxx/CVE-2019-6778.json @@ -2,30 +2,7 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-6778", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } + "STATE": "RESERVED" }, "data_format": "MITRE", "data_type": "CVE", @@ -34,43 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "BID", - "name": "106758", - "url": "http://www.securityfocus.com/bid/106758" - }, - { - "refsource": "SUSE", - "name": "SUSE-SA-2019:0254-1", - "url": "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00073.html" - }, - { - "url": "http://www.openwall.com/lists/oss-security/2019/01/24/5", - "refsource": "MISC", - "name": "http://www.openwall.com/lists/oss-security/2019/01/24/5" - }, - { - "url": "https://lists.gnu.org/archive/html/qemu-devel/2019-01/msg03132.html", - "refsource": "MISC", - "name": "https://lists.gnu.org/archive/html/qemu-devel/2019-01/msg03132.html" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2019/7xxx/CVE-2019-7787.json b/2019/7xxx/CVE-2019-7787.json index 8f1bc63224d..cb65ee8ca7e 100644 --- a/2019/7xxx/CVE-2019-7787.json +++ b/2019/7xxx/CVE-2019-7787.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7787", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7787", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7858.json b/2019/7xxx/CVE-2019-7858.json index 85c892074cb..62468d36522 100644 --- a/2019/7xxx/CVE-2019-7858.json +++ b/2019/7xxx/CVE-2019-7858.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7858", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7858", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7868.json b/2019/7xxx/CVE-2019-7868.json index ec461ca7f2f..c350f113ce7 100644 --- a/2019/7xxx/CVE-2019-7868.json +++ b/2019/7xxx/CVE-2019-7868.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7868", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7868", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8432.json b/2019/8xxx/CVE-2019-8432.json index 66a0de4098a..4c3844206f3 100644 --- a/2019/8xxx/CVE-2019-8432.json +++ b/2019/8xxx/CVE-2019-8432.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8432", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In CmsEasy 7.0, there is XSS via the ckplayer.php url parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8432", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/fakerrr/CmsEasy_7.0/issues/1", - "refsource" : "MISC", - "url" : "https://github.com/fakerrr/CmsEasy_7.0/issues/1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In CmsEasy 7.0, there is XSS via the ckplayer.php url parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/fakerrr/CmsEasy_7.0/issues/1", + "refsource": "MISC", + "url": "https://github.com/fakerrr/CmsEasy_7.0/issues/1" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8681.json b/2019/8xxx/CVE-2019-8681.json index 0fec9dcc530..b7cd019b22d 100644 --- a/2019/8xxx/CVE-2019-8681.json +++ b/2019/8xxx/CVE-2019-8681.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8681", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8681", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8937.json b/2019/8xxx/CVE-2019-8937.json index c22f8cd7b4a..acc71f7d428 100644 --- a/2019/8xxx/CVE-2019-8937.json +++ b/2019/8xxx/CVE-2019-8937.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8937", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8937", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file