From 5af7f5468b4ddf0004607bb60f8e2669282f5738 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 02:51:42 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2006/5xxx/CVE-2006-5055.json | 180 ++++++++++++------------ 2007/2xxx/CVE-2007-2493.json | 160 ++++++++++----------- 2007/2xxx/CVE-2007-2706.json | 170 +++++++++++----------- 2007/3xxx/CVE-2007-3029.json | 210 +++++++++++++-------------- 2007/3xxx/CVE-2007-3082.json | 160 ++++++++++----------- 2007/3xxx/CVE-2007-3706.json | 160 ++++++++++----------- 2007/3xxx/CVE-2007-3774.json | 140 +++++++++--------- 2007/3xxx/CVE-2007-3833.json | 160 ++++++++++----------- 2007/3xxx/CVE-2007-3853.json | 250 ++++++++++++++++----------------- 2007/3xxx/CVE-2007-3952.json | 200 +++++++++++++------------- 2007/4xxx/CVE-2007-4786.json | 200 +++++++++++++------------- 2007/6xxx/CVE-2007-6254.json | 180 ++++++++++++------------ 2007/6xxx/CVE-2007-6256.json | 34 ++--- 2007/6xxx/CVE-2007-6621.json | 150 ++++++++++---------- 2007/6xxx/CVE-2007-6751.json | 150 ++++++++++---------- 2010/0xxx/CVE-2010-0402.json | 130 ++++++++--------- 2010/0xxx/CVE-2010-0618.json | 160 ++++++++++----------- 2010/1xxx/CVE-2010-1257.json | 180 ++++++++++++------------ 2010/1xxx/CVE-2010-1546.json | 210 +++++++++++++-------------- 2010/5xxx/CVE-2010-5164.json | 200 +++++++++++++------------- 2014/0xxx/CVE-2014-0554.json | 200 +++++++++++++------------- 2014/0xxx/CVE-2014-0588.json | 140 +++++++++--------- 2014/0xxx/CVE-2014-0890.json | 130 ++++++++--------- 2014/1xxx/CVE-2014-1765.json | 160 ++++++++++----------- 2014/1xxx/CVE-2014-1865.json | 34 ++--- 2014/4xxx/CVE-2014-4120.json | 34 ++--- 2014/5xxx/CVE-2014-5043.json | 34 ++--- 2014/5xxx/CVE-2014-5060.json | 34 ++--- 2014/5xxx/CVE-2014-5158.json | 140 +++++++++--------- 2014/5xxx/CVE-2014-5432.json | 34 ++--- 2015/2xxx/CVE-2015-2297.json | 120 ++++++++-------- 2016/10xxx/CVE-2016-10402.json | 130 ++++++++--------- 2016/10xxx/CVE-2016-10452.json | 132 ++++++++--------- 2016/10xxx/CVE-2016-10650.json | 122 ++++++++-------- 2016/8xxx/CVE-2016-8291.json | 140 +++++++++--------- 2016/8xxx/CVE-2016-8374.json | 130 ++++++++--------- 2016/8xxx/CVE-2016-8517.json | 152 ++++++++++---------- 2016/8xxx/CVE-2016-8637.json | 182 ++++++++++++------------ 2016/8xxx/CVE-2016-8766.json | 34 ++--- 2016/8xxx/CVE-2016-8849.json | 34 ++--- 2016/9xxx/CVE-2016-9741.json | 34 ++--- 2016/9xxx/CVE-2016-9883.json | 34 ++--- 2016/9xxx/CVE-2016-9920.json | 160 ++++++++++----------- 2019/2xxx/CVE-2019-2481.json | 168 +++++++++++----------- 2019/2xxx/CVE-2019-2664.json | 34 ++--- 2019/2xxx/CVE-2019-2806.json | 34 ++--- 2019/2xxx/CVE-2019-2896.json | 34 ++--- 2019/2xxx/CVE-2019-2973.json | 34 ++--- 2019/6xxx/CVE-2019-6157.json | 34 ++--- 2019/6xxx/CVE-2019-6188.json | 34 ++--- 2019/6xxx/CVE-2019-6269.json | 34 ++--- 2019/6xxx/CVE-2019-6661.json | 34 ++--- 2019/7xxx/CVE-2019-7179.json | 34 ++--- 2019/7xxx/CVE-2019-7850.json | 34 ++--- 54 files changed, 3118 insertions(+), 3118 deletions(-) diff --git a/2006/5xxx/CVE-2006-5055.json b/2006/5xxx/CVE-2006-5055.json index ad818259148..54d7cfb8ade 100644 --- a/2006/5xxx/CVE-2006-5055.json +++ b/2006/5xxx/CVE-2006-5055.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5055", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in admin/testing/tests/0004_init_urls.php in syntaxCMS 1.1.1 through 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the init_path parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5055", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060924 Remote File Include in syntaxCMS", - "refsource" : "FULLDISC", - "url" : "http://marc.info/?l=full-disclosure&m=115913461828660&w=2" - }, - { - "name" : "http://www.syntaxcms.org/content/article/detail/513", - "refsource" : "CONFIRM", - "url" : "http://www.syntaxcms.org/content/article/detail/513" - }, - { - "name" : "2424", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2424" - }, - { - "name" : "20171", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20171" - }, - { - "name" : "ADV-2006-3760", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3760" - }, - { - "name" : "1016914", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016914" - }, - { - "name" : "syntaxcms-admin-file-include(29122)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29122" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in admin/testing/tests/0004_init_urls.php in syntaxCMS 1.1.1 through 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the init_path parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "syntaxcms-admin-file-include(29122)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29122" + }, + { + "name": "1016914", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016914" + }, + { + "name": "20060924 Remote File Include in syntaxCMS", + "refsource": "FULLDISC", + "url": "http://marc.info/?l=full-disclosure&m=115913461828660&w=2" + }, + { + "name": "2424", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2424" + }, + { + "name": "20171", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20171" + }, + { + "name": "ADV-2006-3760", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3760" + }, + { + "name": "http://www.syntaxcms.org/content/article/detail/513", + "refsource": "CONFIRM", + "url": "http://www.syntaxcms.org/content/article/detail/513" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2493.json b/2007/2xxx/CVE-2007-2493.json index 5fa609f7628..027c167e37f 100644 --- a/2007/2xxx/CVE-2007-2493.json +++ b/2007/2xxx/CVE-2007-2493.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2493", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in faq.php in the FAQ & RULES 2.0.0 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2493", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3833", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3833" - }, - { - "name" : "23758", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23758" - }, - { - "name" : "ADV-2007-1631", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1631" - }, - { - "name" : "37613", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37613" - }, - { - "name" : "mxbbfaqrules-faq-file-include(34008)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34008" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in faq.php in the FAQ & RULES 2.0.0 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "mxbbfaqrules-faq-file-include(34008)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34008" + }, + { + "name": "37613", + "refsource": "OSVDB", + "url": "http://osvdb.org/37613" + }, + { + "name": "3833", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3833" + }, + { + "name": "23758", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23758" + }, + { + "name": "ADV-2007-1631", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1631" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2706.json b/2007/2xxx/CVE-2007-2706.json index 54a6179e5b4..6a7596897ef 100644 --- a/2007/2xxx/CVE-2007-2706.json +++ b/2007/2xxx/CVE-2007-2706.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2706", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in maint/ftpmedia.php in Media Gallery 1.4.8a and earlier for Geeklog allows remote attackers to execute arbitrary PHP code via a URL in the _MG_CONF[path_html] parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2706", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3924", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3924" - }, - { - "name" : "23983", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23983" - }, - { - "name" : "ADV-2007-1827", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1827" - }, - { - "name" : "36239", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36239" - }, - { - "name" : "25272", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25272" - }, - { - "name" : "geeklogmedia-ftpmedia-file-include(34294)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34294" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in maint/ftpmedia.php in Media Gallery 1.4.8a and earlier for Geeklog allows remote attackers to execute arbitrary PHP code via a URL in the _MG_CONF[path_html] parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3924", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3924" + }, + { + "name": "geeklogmedia-ftpmedia-file-include(34294)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34294" + }, + { + "name": "25272", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25272" + }, + { + "name": "36239", + "refsource": "OSVDB", + "url": "http://osvdb.org/36239" + }, + { + "name": "23983", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23983" + }, + { + "name": "ADV-2007-1827", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1827" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3029.json b/2007/3xxx/CVE-2007-3029.json index bd93017a51a..df24915bce0 100644 --- a/2007/3xxx/CVE-2007-3029.json +++ b/2007/3xxx/CVE-2007-3029.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3029", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Microsoft Excel 2002 SP3 and 2003 SP2 allows user-assisted remote attackers to execute arbitrary code via a malformed Excel file containing multiple active worksheets, which results in memory corruption." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-3029", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "SSRT071446", - "refsource" : "HP", - "url" : "http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html" - }, - { - "name" : "MS07-036", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-036" - }, - { - "name" : "TA07-191A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-191A.html" - }, - { - "name" : "22555", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22555" - }, - { - "name" : "35958", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35958" - }, - { - "name" : "ADV-2007-2478", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2478" - }, - { - "name" : "oval:org.mitre.oval:def:2029", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2029" - }, - { - "name" : "1018352", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018352" - }, - { - "name" : "25995", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25995" - }, - { - "name" : "excel-active-worksheet-code-execution(35215)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35215" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Microsoft Excel 2002 SP3 and 2003 SP2 allows user-assisted remote attackers to execute arbitrary code via a malformed Excel file containing multiple active worksheets, which results in memory corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SSRT071446", + "refsource": "HP", + "url": "http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html" + }, + { + "name": "1018352", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018352" + }, + { + "name": "MS07-036", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-036" + }, + { + "name": "35958", + "refsource": "OSVDB", + "url": "http://osvdb.org/35958" + }, + { + "name": "ADV-2007-2478", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2478" + }, + { + "name": "excel-active-worksheet-code-execution(35215)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35215" + }, + { + "name": "22555", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22555" + }, + { + "name": "25995", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25995" + }, + { + "name": "TA07-191A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-191A.html" + }, + { + "name": "oval:org.mitre.oval:def:2029", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2029" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3082.json b/2007/3xxx/CVE-2007-3082.json index f93b9b18133..a138411bbfc 100644 --- a/2007/3xxx/CVE-2007-3082.json +++ b/2007/3xxx/CVE-2007-3082.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3082", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in sendcard.php in Sendcard 3.4.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sc_language parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3082", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4029", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4029" - }, - { - "name" : "24308", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24308" - }, - { - "name" : "35741", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35741" - }, - { - "name" : "ADV-2007-2058", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2058" - }, - { - "name" : "sendcard-sclanguage-file-include(34697)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34697" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in sendcard.php in Sendcard 3.4.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sc_language parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "sendcard-sclanguage-file-include(34697)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34697" + }, + { + "name": "4029", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4029" + }, + { + "name": "35741", + "refsource": "OSVDB", + "url": "http://osvdb.org/35741" + }, + { + "name": "ADV-2007-2058", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2058" + }, + { + "name": "24308", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24308" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3706.json b/2007/3xxx/CVE-2007-3706.json index 18abea301c5..11cd42e5388 100644 --- a/2007/3xxx/CVE-2007-3706.json +++ b/2007/3xxx/CVE-2007-3706.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3706", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The _sanitize_globals function in CodeIgniter 1.5.3 before 20070628 allows remote attackers to unset arbitrary global variables with unspecified impact, as demonstrated by a _SERVER cookie." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3706", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070708 CodeIgniter 1.5.3 vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/473190/100/0/threaded" - }, - { - "name" : "20070709 CodeIgniter 1.5.3 vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" - }, - { - "name" : "37905", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37905" - }, - { - "name" : "25991", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25991" - }, - { - "name" : "2877", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2877" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The _sanitize_globals function in CodeIgniter 1.5.3 before 20070628 allows remote attackers to unset arbitrary global variables with unspecified impact, as demonstrated by a _SERVER cookie." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25991", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25991" + }, + { + "name": "20070709 CodeIgniter 1.5.3 vulnerabilities", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html" + }, + { + "name": "20070708 CodeIgniter 1.5.3 vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded" + }, + { + "name": "37905", + "refsource": "OSVDB", + "url": "http://osvdb.org/37905" + }, + { + "name": "2877", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2877" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3774.json b/2007/3xxx/CVE-2007-3774.json index 789a3326e24..00780f931b5 100644 --- a/2007/3xxx/CVE-2007-3774.json +++ b/2007/3xxx/CVE-2007-3774.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3774", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Dvbbs 7.1.0 SP1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for Data/Dvbbs7.mdb." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3774", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070711 Powered By Dvbbs Version 7.1.0 Sp1 By Pass", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/473374/100/0/threaded" - }, - { - "name" : "39747", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39747" - }, - { - "name" : "2886", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2886" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Dvbbs 7.1.0 SP1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for Data/Dvbbs7.mdb." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39747", + "refsource": "OSVDB", + "url": "http://osvdb.org/39747" + }, + { + "name": "2886", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2886" + }, + { + "name": "20070711 Powered By Dvbbs Version 7.1.0 Sp1 By Pass", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/473374/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3833.json b/2007/3xxx/CVE-2007-3833.json index e9255f69fb6..f54bf2ba3b9 100644 --- a/2007/3xxx/CVE-2007-3833.json +++ b/2007/3xxx/CVE-2007-3833.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3833", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The AOL Instant Messenger (AIM) protocol handler in Cerulean Studios Trillian allows remote attackers to create files with arbitrary contents via certain aim: URIs, as demonstrated by a URI that begins with the \"aim: &c:\\\" substring and contains a full pathname in the ini field. NOTE: this can be leveraged for code execution by writing to a Startup folder." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3833", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.xs-sniper.com/nmcfeters/Cross-App-Scripting-2.html", - "refsource" : "MISC", - "url" : "http://www.xs-sniper.com/nmcfeters/Cross-App-Scripting-2.html" - }, - { - "name" : "24927", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24927" - }, - { - "name" : "ADV-2007-2546", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2546" - }, - { - "name" : "26086", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26086" - }, - { - "name" : "trillian-aim-file-create(35449)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35449" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The AOL Instant Messenger (AIM) protocol handler in Cerulean Studios Trillian allows remote attackers to create files with arbitrary contents via certain aim: URIs, as demonstrated by a URI that begins with the \"aim: &c:\\\" substring and contains a full pathname in the ini field. NOTE: this can be leveraged for code execution by writing to a Startup folder." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-2546", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2546" + }, + { + "name": "26086", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26086" + }, + { + "name": "http://www.xs-sniper.com/nmcfeters/Cross-App-Scripting-2.html", + "refsource": "MISC", + "url": "http://www.xs-sniper.com/nmcfeters/Cross-App-Scripting-2.html" + }, + { + "name": "24927", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24927" + }, + { + "name": "trillian-aim-file-create(35449)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35449" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3853.json b/2007/3xxx/CVE-2007-3853.json index b08d52230a2..11f7e7d039c 100644 --- a/2007/3xxx/CVE-2007-3853.json +++ b/2007/3xxx/CVE-2007-3853.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3853", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to have unknown impact via (1) DBMS_JAVA_TEST in the JavaVM component (DB01), (2) Oracle Text component (DB09), and (3) MDSYS.SDO_GEOR_INT in the Spatial component (DB15). NOTE: a reliable researcher claims that DB01 is SQL injection in DBMS_PRVTAQIS." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3853", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070718 Oracle Security: SQL Injection in package DBMS_PRVTAQIS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474000" - }, - { - "name" : "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf", - "refsource" : "MISC", - "url" : "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html" - }, - { - "name" : "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html", - "refsource" : "MISC", - "url" : "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html" - }, - { - "name" : "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_prvtaqis.html", - "refsource" : "MISC", - "url" : "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_prvtaqis.html" - }, - { - "name" : "HPSBMA02133", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143" - }, - { - "name" : "SSRT061201", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143" - }, - { - "name" : "TA07-200A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-200A.html" - }, - { - "name" : "ADV-2007-2562", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2562" - }, - { - "name" : "ADV-2007-2635", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2635" - }, - { - "name" : "1018415", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018415" - }, - { - "name" : "26114", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26114" - }, - { - "name" : "26166", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26166" - }, - { - "name" : "oracle-cpu-july2007(35490)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35490" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to have unknown impact via (1) DBMS_JAVA_TEST in the JavaVM component (DB01), (2) Oracle Text component (DB09), and (3) MDSYS.SDO_GEOR_INT in the Spatial component (DB15). NOTE: a reliable researcher claims that DB01 is SQL injection in DBMS_PRVTAQIS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SSRT061201", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143" + }, + { + "name": "26114", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26114" + }, + { + "name": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_prvtaqis.html", + "refsource": "MISC", + "url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_prvtaqis.html" + }, + { + "name": "26166", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26166" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html" + }, + { + "name": "TA07-200A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-200A.html" + }, + { + "name": "ADV-2007-2562", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2562" + }, + { + "name": "ADV-2007-2635", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2635" + }, + { + "name": "HPSBMA02133", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143" + }, + { + "name": "oracle-cpu-july2007(35490)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35490" + }, + { + "name": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf", + "refsource": "MISC", + "url": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf" + }, + { + "name": "1018415", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018415" + }, + { + "name": "20070718 Oracle Security: SQL Injection in package DBMS_PRVTAQIS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474000" + }, + { + "name": "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html", + "refsource": "MISC", + "url": "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3952.json b/2007/3xxx/CVE-2007-3952.json index 9d562b6ad0f..9f70a3a9a47 100644 --- a/2007/3xxx/CVE-2007-3952.json +++ b/2007/3xxx/CVE-2007-3952.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3952", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The OLE2 parsing in Norman Antivirus before 5.91.02 allows remote attackers to bypass the malware detection via a crafted DOC file, resulting from an \"integer cast around\"." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3952", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070723 n.runs-SA-2007.022 - Norman Antivirus DOC parsing Detection Bypass Advisory", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474428/100/0/threaded" - }, - { - "name" : "http://www.nruns.com/security_advisory_norman_antivirus_doc_depection_bypass.php", - "refsource" : "MISC", - "url" : "http://www.nruns.com/security_advisory_norman_antivirus_doc_depection_bypass.php" - }, - { - "name" : "25020", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25020" - }, - { - "name" : "ADV-2007-2619", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2619" - }, - { - "name" : "37981", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37981" - }, - { - "name" : "1018438", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018438" - }, - { - "name" : "26178", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26178" - }, - { - "name" : "2913", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2913" - }, - { - "name" : "norman-doc-security-bypass(35558)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35558" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The OLE2 parsing in Norman Antivirus before 5.91.02 allows remote attackers to bypass the malware detection via a crafted DOC file, resulting from an \"integer cast around\"." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-2619", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2619" + }, + { + "name": "20070723 n.runs-SA-2007.022 - Norman Antivirus DOC parsing Detection Bypass Advisory", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474428/100/0/threaded" + }, + { + "name": "2913", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2913" + }, + { + "name": "norman-doc-security-bypass(35558)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35558" + }, + { + "name": "37981", + "refsource": "OSVDB", + "url": "http://osvdb.org/37981" + }, + { + "name": "25020", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25020" + }, + { + "name": "26178", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26178" + }, + { + "name": "1018438", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018438" + }, + { + "name": "http://www.nruns.com/security_advisory_norman_antivirus_doc_depection_bypass.php", + "refsource": "MISC", + "url": "http://www.nruns.com/security_advisory_norman_antivirus_doc_depection_bypass.php" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4786.json b/2007/4xxx/CVE-2007-4786.json index ef083e39e0a..2013f24a63b 100644 --- a/2007/4xxx/CVE-2007-4786.json +++ b/2007/4xxx/CVE-2007-4786.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4786", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2 before 7.2.2.34, and 8.0 before 8.0.2.11, when AAA is enabled, composes %ASA-5-111008 messages from the \"test aaa\" command with cleartext passwords and sends them over the network to a remote syslog server or places them in a local logging buffer, which allows context-dependent attackers to obtain sensitive information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4786", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsj72903", - "refsource" : "MISC", - "url" : "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsj72903" - }, - { - "name" : "http://www.kb.cert.org/vuls/id/MIMG-74ZK93", - "refsource" : "CONFIRM", - "url" : "http://www.kb.cert.org/vuls/id/MIMG-74ZK93" - }, - { - "name" : "VU#563673", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/563673" - }, - { - "name" : "25548", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25548" - }, - { - "name" : "ADV-2007-3076", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3076" - }, - { - "name" : "37499", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37499" - }, - { - "name" : "1018660", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018660" - }, - { - "name" : "26677", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26677" - }, - { - "name" : "cisco-asa-aaa-information-disclosure(36473)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36473" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2 before 7.2.2.34, and 8.0 before 8.0.2.11, when AAA is enabled, composes %ASA-5-111008 messages from the \"test aaa\" command with cleartext passwords and sends them over the network to a remote syslog server or places them in a local logging buffer, which allows context-dependent attackers to obtain sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26677", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26677" + }, + { + "name": "1018660", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018660" + }, + { + "name": "http://www.kb.cert.org/vuls/id/MIMG-74ZK93", + "refsource": "CONFIRM", + "url": "http://www.kb.cert.org/vuls/id/MIMG-74ZK93" + }, + { + "name": "cisco-asa-aaa-information-disclosure(36473)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36473" + }, + { + "name": "37499", + "refsource": "OSVDB", + "url": "http://osvdb.org/37499" + }, + { + "name": "25548", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25548" + }, + { + "name": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsj72903", + "refsource": "MISC", + "url": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsj72903" + }, + { + "name": "VU#563673", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/563673" + }, + { + "name": "ADV-2007-3076", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3076" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6254.json b/2007/6xxx/CVE-2007-6254.json index a7d2b55a3d1..1b0ac57b515 100644 --- a/2007/6xxx/CVE-2007-6254.json +++ b/2007/6xxx/CVE-2007-6254.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6254", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the SAP Business Objects BusinessObjects RptViewerAX ActiveX control in RptViewerAX.dll in Business Objects 6.5 before CHF74 allows remote attackers to execute arbitrary code via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2007-6254", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.kb.cert.org/vuls/id/MIMG-732R7X", - "refsource" : "CONFIRM", - "url" : "http://www.kb.cert.org/vuls/id/MIMG-732R7X" - }, - { - "name" : "VU#329673", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/329673" - }, - { - "name" : "28292", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28292" - }, - { - "name" : "ADV-2008-0927", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0927/references" - }, - { - "name" : "1019668", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019668" - }, - { - "name" : "29437", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29437" - }, - { - "name" : "businessobjects-rptviewerax-bo(41256)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41256" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the SAP Business Objects BusinessObjects RptViewerAX ActiveX control in RptViewerAX.dll in Business Objects 6.5 before CHF74 allows remote attackers to execute arbitrary code via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "28292", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28292" + }, + { + "name": "1019668", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019668" + }, + { + "name": "ADV-2008-0927", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0927/references" + }, + { + "name": "http://www.kb.cert.org/vuls/id/MIMG-732R7X", + "refsource": "CONFIRM", + "url": "http://www.kb.cert.org/vuls/id/MIMG-732R7X" + }, + { + "name": "29437", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29437" + }, + { + "name": "VU#329673", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/329673" + }, + { + "name": "businessobjects-rptviewerax-bo(41256)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41256" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6256.json b/2007/6xxx/CVE-2007-6256.json index ec403b7cc12..8bbe3aede44 100644 --- a/2007/6xxx/CVE-2007-6256.json +++ b/2007/6xxx/CVE-2007-6256.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6256", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2007-6256", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6621.json b/2007/6xxx/CVE-2007-6621.json index 3104b031195..401f821413b 100644 --- a/2007/6xxx/CVE-2007-6621.json +++ b/2007/6xxx/CVE-2007-6621.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6621", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in joovili.images.php in Joovili 3.0.0 through 3.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the picture parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6621", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4799", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4799" - }, - { - "name" : "27056", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27056" - }, - { - "name" : "39666", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39666" - }, - { - "name" : "28231", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28231" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in joovili.images.php in Joovili 3.0.0 through 3.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the picture parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39666", + "refsource": "OSVDB", + "url": "http://osvdb.org/39666" + }, + { + "name": "28231", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28231" + }, + { + "name": "27056", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27056" + }, + { + "name": "4799", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4799" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6751.json b/2007/6xxx/CVE-2007-6751.json index f3a25df2253..884fd0f2f1b 100644 --- a/2007/6xxx/CVE-2007-6751.json +++ b/2007/6xxx/CVE-2007-6751.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6751", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the MailForm plugin before 1.20 for Movable Type allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6751", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.h-fj.com/blog/archives/2007/01/23-111038.php", - "refsource" : "CONFIRM", - "url" : "http://www.h-fj.com/blog/archives/2007/01/23-111038.php" - }, - { - "name" : "JVN#60887968", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN60887968/index.html" - }, - { - "name" : "JVNDB-2011-000108", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000108.html" - }, - { - "name" : "movabletype-mailform-xss(72344)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72344" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the MailForm plugin before 1.20 for Movable Type allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#60887968", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN60887968/index.html" + }, + { + "name": "movabletype-mailform-xss(72344)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72344" + }, + { + "name": "http://www.h-fj.com/blog/archives/2007/01/23-111038.php", + "refsource": "CONFIRM", + "url": "http://www.h-fj.com/blog/archives/2007/01/23-111038.php" + }, + { + "name": "JVNDB-2011-000108", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000108.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0402.json b/2010/0xxx/CVE-2010-0402.json index 55ee04c3cfe..12ed181ed40 100644 --- a/2010/0xxx/CVE-2010-0402.json +++ b/2010/0xxx/CVE-2010-0402.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0402", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0402", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://security.openttd.org/en/CVE-2010-0402", - "refsource" : "CONFIRM", - "url" : "http://security.openttd.org/en/CVE-2010-0402" - }, - { - "name" : "39669", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39669" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39669", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39669" + }, + { + "name": "http://security.openttd.org/en/CVE-2010-0402", + "refsource": "CONFIRM", + "url": "http://security.openttd.org/en/CVE-2010-0402" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0618.json b/2010/0xxx/CVE-2010-0618.json index e32899125c9..53f75409721 100644 --- a/2010/0xxx/CVE-2010-0618.json +++ b/2010/0xxx/CVE-2010-0618.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0618", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The flood-protection feature in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE components on certain Lexmark laser and inkjet printers and MarkNet devices allows remote attackers to cause a denial of service (TCP outage) by making many passive FTP connections and then aborting these connections." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0618", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100322 {PRL} Lexmark Multiple Laser printer FTP Remote Denial of Services", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/510285/100/0/threaded" - }, - { - "name" : "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=11&Itemid=11", - "refsource" : "MISC", - "url" : "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=11&Itemid=11" - }, - { - "name" : "http://support.lexmark.com/index?page=content&id=TE85&locale=EN&userlocale=EN_US", - "refsource" : "CONFIRM", - "url" : "http://support.lexmark.com/index?page=content&id=TE85&locale=EN&userlocale=EN_US" - }, - { - "name" : "38906", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/38906" - }, - { - "name" : "39056", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39056" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The flood-protection feature in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE components on certain Lexmark laser and inkjet printers and MarkNet devices allows remote attackers to cause a denial of service (TCP outage) by making many passive FTP connections and then aborting these connections." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=11&Itemid=11", + "refsource": "MISC", + "url": "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=11&Itemid=11" + }, + { + "name": "38906", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/38906" + }, + { + "name": "http://support.lexmark.com/index?page=content&id=TE85&locale=EN&userlocale=EN_US", + "refsource": "CONFIRM", + "url": "http://support.lexmark.com/index?page=content&id=TE85&locale=EN&userlocale=EN_US" + }, + { + "name": "39056", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39056" + }, + { + "name": "20100322 {PRL} Lexmark Multiple Laser printer FTP Remote Denial of Services", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/510285/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1257.json b/2010/1xxx/CVE-2010-1257.json index 1121208634b..f52557a78c9 100644 --- a/2010/1xxx/CVE-2010-1257.json +++ b/2010/1xxx/CVE-2010-1257.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1257", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or HTML via vectors related to sanitization." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2010-1257", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.avaya.com/css/P8/documents/100089747", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/css/P8/documents/100089747" - }, - { - "name" : "MS10-035", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-035" - }, - { - "name" : "MS10-039", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-039" - }, - { - "name" : "TA10-159B", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" - }, - { - "name" : "40409", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40409" - }, - { - "name" : "oval:org.mitre.oval:def:6677", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6677" - }, - { - "name" : "ie-tostatichtml-information-disclosure(58866)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58866" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or HTML via vectors related to sanitization." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.avaya.com/css/P8/documents/100089747", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/css/P8/documents/100089747" + }, + { + "name": "ie-tostatichtml-information-disclosure(58866)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58866" + }, + { + "name": "MS10-039", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-039" + }, + { + "name": "40409", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40409" + }, + { + "name": "oval:org.mitre.oval:def:6677", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6677" + }, + { + "name": "MS10-035", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-035" + }, + { + "name": "TA10-159B", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1546.json b/2010/1xxx/CVE-2010-1546.json index 2129e96f475..b887eea735f 100644 --- a/2010/1xxx/CVE-2010-1546.json +++ b/2010/1xxx/CVE-2010-1546.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1546", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple eval injection vulnerabilities in the import functionality in the Chaos Tool Suite (aka CTools) module 6.x before 6.x-1.4 for Drupal allow remote authenticated users, with \"administer page manager\" privileges, to execute arbitrary PHP code via input to a text area, related to (1) the page_manager_page_import_subtask_validate function in page_manager/plugins/tasks/page.admin.inc and (2) the page_manager_handler_import_validate function in page_manager/page_manager.admin.inc." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1546", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100520 Drupal Chaos Tools Suite (Ctools) Module Multiple Vulns", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2010/May/272" - }, - { - "name" : "http://www.madirish.net/?article=458", - "refsource" : "MISC", - "url" : "http://www.madirish.net/?article=458" - }, - { - "name" : "http://drupal.org/node/803944", - "refsource" : "CONFIRM", - "url" : "http://drupal.org/node/803944" - }, - { - "name" : "http://drupalcode.org/viewvc/drupal/contributions/modules/ctools/page_manager/page_manager.admin.inc?r1=1.27.2.9&r2=1.27.2.10", - "refsource" : "CONFIRM", - "url" : "http://drupalcode.org/viewvc/drupal/contributions/modules/ctools/page_manager/page_manager.admin.inc?r1=1.27.2.9&r2=1.27.2.10" - }, - { - "name" : "http://drupalcode.org/viewvc/drupal/contributions/modules/ctools/page_manager/page_manager.admin.inc?view=log", - "refsource" : "CONFIRM", - "url" : "http://drupalcode.org/viewvc/drupal/contributions/modules/ctools/page_manager/page_manager.admin.inc?view=log" - }, - { - "name" : "http://drupalcode.org/viewvc/drupal/contributions/modules/ctools/page_manager/plugins/tasks/page.admin.inc?r1=1.18.2.6&r2=1.18.2.7", - "refsource" : "CONFIRM", - "url" : "http://drupalcode.org/viewvc/drupal/contributions/modules/ctools/page_manager/plugins/tasks/page.admin.inc?r1=1.18.2.6&r2=1.18.2.7" - }, - { - "name" : "http://drupalcode.org/viewvc/drupal/contributions/modules/ctools/page_manager/plugins/tasks/page.admin.inc?view=log", - "refsource" : "CONFIRM", - "url" : "http://drupalcode.org/viewvc/drupal/contributions/modules/ctools/page_manager/plugins/tasks/page.admin.inc?view=log" - }, - { - "name" : "40285", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40285" - }, - { - "name" : "39884", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39884" - }, - { - "name" : "chaos-tool-import-code-execution(58723)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58723" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple eval injection vulnerabilities in the import functionality in the Chaos Tool Suite (aka CTools) module 6.x before 6.x-1.4 for Drupal allow remote authenticated users, with \"administer page manager\" privileges, to execute arbitrary PHP code via input to a text area, related to (1) the page_manager_page_import_subtask_validate function in page_manager/plugins/tasks/page.admin.inc and (2) the page_manager_handler_import_validate function in page_manager/page_manager.admin.inc." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://drupalcode.org/viewvc/drupal/contributions/modules/ctools/page_manager/page_manager.admin.inc?view=log", + "refsource": "CONFIRM", + "url": "http://drupalcode.org/viewvc/drupal/contributions/modules/ctools/page_manager/page_manager.admin.inc?view=log" + }, + { + "name": "http://drupalcode.org/viewvc/drupal/contributions/modules/ctools/page_manager/page_manager.admin.inc?r1=1.27.2.9&r2=1.27.2.10", + "refsource": "CONFIRM", + "url": "http://drupalcode.org/viewvc/drupal/contributions/modules/ctools/page_manager/page_manager.admin.inc?r1=1.27.2.9&r2=1.27.2.10" + }, + { + "name": "39884", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39884" + }, + { + "name": "http://drupalcode.org/viewvc/drupal/contributions/modules/ctools/page_manager/plugins/tasks/page.admin.inc?view=log", + "refsource": "CONFIRM", + "url": "http://drupalcode.org/viewvc/drupal/contributions/modules/ctools/page_manager/plugins/tasks/page.admin.inc?view=log" + }, + { + "name": "20100520 Drupal Chaos Tools Suite (Ctools) Module Multiple Vulns", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2010/May/272" + }, + { + "name": "http://drupal.org/node/803944", + "refsource": "CONFIRM", + "url": "http://drupal.org/node/803944" + }, + { + "name": "chaos-tool-import-code-execution(58723)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58723" + }, + { + "name": "http://drupalcode.org/viewvc/drupal/contributions/modules/ctools/page_manager/plugins/tasks/page.admin.inc?r1=1.18.2.6&r2=1.18.2.7", + "refsource": "CONFIRM", + "url": "http://drupalcode.org/viewvc/drupal/contributions/modules/ctools/page_manager/plugins/tasks/page.admin.inc?r1=1.18.2.6&r2=1.18.2.7" + }, + { + "name": "40285", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40285" + }, + { + "name": "http://www.madirish.net/?article=458", + "refsource": "MISC", + "url": "http://www.madirish.net/?article=458" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5164.json b/2010/5xxx/CVE-2010-5164.json index e19ac6b2c0b..25547a19ab0 100644 --- a/2010/5xxx/CVE-2010-5164.json +++ b/2010/5xxx/CVE-2010-5164.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5164", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** Race condition in KingSoft Personal Firewall 9 Plus 2009.05.07.70 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5164", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100505 KHOBE - 8.0 earthquake for Windows desktop security software", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html" - }, - { - "name" : "20100505 KHOBE - 8.0 earthquake for Windows desktop security software", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html" - }, - { - "name" : "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/", - "refsource" : "MISC", - "url" : "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/" - }, - { - "name" : "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php", - "refsource" : "MISC", - "url" : "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php" - }, - { - "name" : "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php", - "refsource" : "MISC", - "url" : "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php" - }, - { - "name" : "http://www.f-secure.com/weblog/archives/00001949.html", - "refsource" : "MISC", - "url" : "http://www.f-secure.com/weblog/archives/00001949.html" - }, - { - "name" : "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/", - "refsource" : "MISC", - "url" : "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/" - }, - { - "name" : "39924", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/39924" - }, - { - "name" : "67660", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/67660" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** Race condition in KingSoft Personal Firewall 9 Plus 2009.05.07.70 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html" + }, + { + "name": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/", + "refsource": "MISC", + "url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/" + }, + { + "name": "39924", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/39924" + }, + { + "name": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php", + "refsource": "MISC", + "url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php" + }, + { + "name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html" + }, + { + "name": "67660", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/67660" + }, + { + "name": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/", + "refsource": "MISC", + "url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/" + }, + { + "name": "http://www.f-secure.com/weblog/archives/00001949.html", + "refsource": "MISC", + "url": "http://www.f-secure.com/weblog/archives/00001949.html" + }, + { + "name": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php", + "refsource": "MISC", + "url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0554.json b/2014/0xxx/CVE-2014-0554.json index cfc87cae965..1d973a03616 100644 --- a/2014/0xxx/CVE-2014-0554.json +++ b/2014/0xxx/CVE-2014-0554.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0554", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to bypass intended access restrictions via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2014-0554", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html", - "refsource" : "CONFIRM", - "url" : "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html" - }, - { - "name" : "GLSA-201409-05", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201409-05.xml" - }, - { - "name" : "SUSE-SU-2014:1124", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00016.html" - }, - { - "name" : "openSUSE-SU-2014:1110", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00006.html" - }, - { - "name" : "openSUSE-SU-2014:1130", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00021.html" - }, - { - "name" : "69697", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/69697" - }, - { - "name" : "1030822", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030822" - }, - { - "name" : "61089", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61089" - }, - { - "name" : "adobe-flash-cve20140554-sec-bypass(95824)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95824" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to bypass intended access restrictions via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "69697", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/69697" + }, + { + "name": "GLSA-201409-05", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201409-05.xml" + }, + { + "name": "61089", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61089" + }, + { + "name": "openSUSE-SU-2014:1130", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00021.html" + }, + { + "name": "openSUSE-SU-2014:1110", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00006.html" + }, + { + "name": "adobe-flash-cve20140554-sec-bypass(95824)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95824" + }, + { + "name": "SUSE-SU-2014:1124", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00016.html" + }, + { + "name": "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html", + "refsource": "CONFIRM", + "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html" + }, + { + "name": "1030822", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030822" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0588.json b/2014/0xxx/CVE-2014-0588.json index ef8d2d5bc6b..24b9c09f9ba 100644 --- a/2014/0xxx/CVE-2014-0588.json +++ b/2014/0xxx/CVE-2014-0588.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0588", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0573 and CVE-2014-8438." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2014-0588", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20141112 Adobe Flash Player Byte Array Uncompress Use-after-Free Vulnerability", - "refsource" : "IDEFENSE", - "url" : "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1084" - }, - { - "name" : "http://helpx.adobe.com/security/products/flash-player/apsb14-24.html", - "refsource" : "CONFIRM", - "url" : "http://helpx.adobe.com/security/products/flash-player/apsb14-24.html" - }, - { - "name" : "openSUSE-SU-2015:0725", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0573 and CVE-2014-8438." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://helpx.adobe.com/security/products/flash-player/apsb14-24.html", + "refsource": "CONFIRM", + "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-24.html" + }, + { + "name": "openSUSE-SU-2015:0725", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" + }, + { + "name": "20141112 Adobe Flash Player Byte Array Uncompress Use-after-Free Vulnerability", + "refsource": "IDEFENSE", + "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1084" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0890.json b/2014/0xxx/CVE-2014-0890.json index 4c5d9fe1436..852dcb38d98 100644 --- a/2014/0xxx/CVE-2014-0890.json +++ b/2014/0xxx/CVE-2014-0890.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0890", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, 8.5.2.1, 9.0, and 9.0.0.1, when a certain com.ibm.collaboration.realtime.telephony.*.level setting is used, logs cleartext passwords during Audio/Video chat sessions, which allows local users to obtain sensitive information by reading a log file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2014-0890", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21665658", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21665658" - }, - { - "name" : "ibm-lotus-cve20148090-info-disc(91282)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91282" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, 8.5.2.1, 9.0, and 9.0.0.1, when a certain com.ibm.collaboration.realtime.telephony.*.level setting is used, logs cleartext passwords during Audio/Video chat sessions, which allows local users to obtain sensitive information by reading a log file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21665658", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21665658" + }, + { + "name": "ibm-lotus-cve20148090-info-disc(91282)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91282" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1765.json b/2014/1xxx/CVE-2014-1765.json index 7c0bfd1e13c..3bda7aa87dd 100644 --- a/2014/1xxx/CVE-2014-1765.json +++ b/2014/1xxx/CVE-2014-1765.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1765", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple use-after-free vulnerabilities in Microsoft Internet Explorer 6 through 11 allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-1765", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://twitter.com/thezdi/statuses/444216845734666240", - "refsource" : "MISC", - "url" : "http://twitter.com/thezdi/statuses/444216845734666240" - }, - { - "name" : "http://www.pwn2own.com/2014/03/pwn2own-results-thursday-day-two/", - "refsource" : "MISC", - "url" : "http://www.pwn2own.com/2014/03/pwn2own-results-thursday-day-two/" - }, - { - "name" : "MS14-037", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-037" - }, - { - "name" : "1030532", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030532" - }, - { - "name" : "59775", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59775" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple use-after-free vulnerabilities in Microsoft Internet Explorer 6 through 11 allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.pwn2own.com/2014/03/pwn2own-results-thursday-day-two/", + "refsource": "MISC", + "url": "http://www.pwn2own.com/2014/03/pwn2own-results-thursday-day-two/" + }, + { + "name": "MS14-037", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-037" + }, + { + "name": "http://twitter.com/thezdi/statuses/444216845734666240", + "refsource": "MISC", + "url": "http://twitter.com/thezdi/statuses/444216845734666240" + }, + { + "name": "59775", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59775" + }, + { + "name": "1030532", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030532" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1865.json b/2014/1xxx/CVE-2014-1865.json index 44779314042..89a1d86ada5 100644 --- a/2014/1xxx/CVE-2014-1865.json +++ b/2014/1xxx/CVE-2014-1865.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1865", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1865", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4120.json b/2014/4xxx/CVE-2014-4120.json index 1041280dddc..d1732ae4a74 100644 --- a/2014/4xxx/CVE-2014-4120.json +++ b/2014/4xxx/CVE-2014-4120.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4120", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-4120", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5043.json b/2014/5xxx/CVE-2014-5043.json index bde4aa7fcbb..8c88fa1b3f9 100644 --- a/2014/5xxx/CVE-2014-5043.json +++ b/2014/5xxx/CVE-2014-5043.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5043", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-5043", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5060.json b/2014/5xxx/CVE-2014-5060.json index 957e9765e57..c096bec8438 100644 --- a/2014/5xxx/CVE-2014-5060.json +++ b/2014/5xxx/CVE-2014-5060.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5060", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5060", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5158.json b/2014/5xxx/CVE-2014-5158.json index d31d459113d..d70ddf7a05f 100644 --- a/2014/5xxx/CVE-2014-5158.json +++ b/2014/5xxx/CVE-2014-5158.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5158", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) av-centerd SOAP service and (2) backup command in the ossim-framework service in AlienVault OSSIM before 4.6.0 allows remote attackers to execute arbitrary commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5158", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-14-272/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-14-272/" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-14-273/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-14-273/" - }, - { - "name" : "http://forums.alienvault.com/discussion/2559/security-advisory-multiple-vulnerabilities", - "refsource" : "CONFIRM", - "url" : "http://forums.alienvault.com/discussion/2559/security-advisory-multiple-vulnerabilities" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) av-centerd SOAP service and (2) backup command in the ossim-framework service in AlienVault OSSIM before 4.6.0 allows remote attackers to execute arbitrary commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-14-273/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-14-273/" + }, + { + "name": "http://forums.alienvault.com/discussion/2559/security-advisory-multiple-vulnerabilities", + "refsource": "CONFIRM", + "url": "http://forums.alienvault.com/discussion/2559/security-advisory-multiple-vulnerabilities" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-14-272/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-14-272/" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5432.json b/2014/5xxx/CVE-2014-5432.json index a66e2276520..d044798dd2c 100644 --- a/2014/5xxx/CVE-2014-5432.json +++ b/2014/5xxx/CVE-2014-5432.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5432", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5432", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2297.json b/2015/2xxx/CVE-2015-2297.json index cc6a1d2019b..01888c2db23 100644 --- a/2015/2xxx/CVE-2015-2297.json +++ b/2015/2xxx/CVE-2015-2297.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2297", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "nanohttp in libcsoap allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Authorization header." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2297", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150315 Re: CVE request: vulnerabilities in libcsoap", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/03/15/4" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "nanohttp in libcsoap allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Authorization header." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20150315 Re: CVE request: vulnerabilities in libcsoap", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/03/15/4" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10402.json b/2016/10xxx/CVE-2016-10402.json index 8e3bf9e14fd..d922cfd29b1 100644 --- a/2016/10xxx/CVE-2016-10402.json +++ b/2016/10xxx/CVE-2016-10402.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10402", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Avira Antivirus engine versions before 8.3.36.60 allow remote code execution as NT AUTHORITY\\SYSTEM via a section header with a very large relative virtual address in a PE file, causing an integer overflow and heap-based buffer underflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10402", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=765", - "refsource" : "MISC", - "url" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=765" - }, - { - "name" : "84841", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84841" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Avira Antivirus engine versions before 8.3.36.60 allow remote code execution as NT AUTHORITY\\SYSTEM via a section header with a very large relative virtual address in a PE file, causing an integer overflow and heap-based buffer underflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "84841", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84841" + }, + { + "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=765", + "refsource": "MISC", + "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=765" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10452.json b/2016/10xxx/CVE-2016-10452.json index c5f723a597a..129fd7b079c 100644 --- a/2016/10xxx/CVE-2016-10452.json +++ b/2016/10xxx/CVE-2016-10452.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2016-10452", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Automobile, Snapdragon Mobile", - "version" : { - "version_data" : [ - { - "version_value" : "SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, and SD 835, memory protection assertion happens after invoking TA termination out of order." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Possible Denial of service in QTEE" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2016-10452", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Automobile, Snapdragon Mobile", + "version": { + "version_data": [ + { + "version_value": "SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, and SD 835, memory protection assertion happens after invoking TA termination out of order." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Possible Denial of service in QTEE" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10650.json b/2016/10xxx/CVE-2016-10650.json index 9e85de8942c..b46336330b2 100644 --- a/2016/10xxx/CVE-2016-10650.json +++ b/2016/10xxx/CVE-2016-10650.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2016-10650", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "ntfserver node module", - "version" : { - "version_data" : [ - { - "version_value" : "All versions" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ntfserver is a Network Testing Framework Server. ntfserver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Missing Encryption of Sensitive Data (CWE-311)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2016-10650", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ntfserver node module", + "version": { + "version_data": [ + { + "version_value": "All versions" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://nodesecurity.io/advisories/253", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/253" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ntfserver is a Network Testing Framework Server. ntfserver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Encryption of Sensitive Data (CWE-311)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nodesecurity.io/advisories/253", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/253" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8291.json b/2016/8xxx/CVE-2016-8291.json index f9f5220f98f..62326d22d30 100644 --- a/2016/8xxx/CVE-2016-8291.json +++ b/2016/8xxx/CVE-2016-8291.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2016-8291", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to Mobile Application Platform." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-8291", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93716", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93716" - }, - { - "name" : "1037046", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037046" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to Mobile Application Platform." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93716", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93716" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "1037046", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037046" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8374.json b/2016/8xxx/CVE-2016-8374.json index 8c2e85645b7..4cc14aefc97 100644 --- a/2016/8xxx/CVE-2016-8374.json +++ b/2016/8xxx/CVE-2016-8374.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "ics-cert@hq.dhs.gov", - "ID" : "CVE-2016-8374", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Schneider Electric Magelis HMI", - "version" : { - "version_data" : [ - { - "version_value" : "Schneider Electric Magelis HMI" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK Advanced Touchscreen Panels with Keyboard, all versions, Magelis XBT GT Advanced Touchscreen Panels, all versions, and Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe). An attacker may be able to disrupt a targeted web server, resulting in a denial of service because of UNCONTROLLED RESOURCE CONSUMPTION." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Schneider Electric Magelis HMI Resource Consumption" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2016-8374", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Schneider Electric Magelis HMI", + "version": { + "version_data": [ + { + "version_value": "Schneider Electric Magelis HMI" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-308-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-308-02" - }, - { - "name" : "94093", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94093" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK Advanced Touchscreen Panels with Keyboard, all versions, Magelis XBT GT Advanced Touchscreen Panels, all versions, and Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe). An attacker may be able to disrupt a targeted web server, resulting in a denial of service because of UNCONTROLLED RESOURCE CONSUMPTION." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Schneider Electric Magelis HMI Resource Consumption" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-308-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-308-02" + }, + { + "name": "94093", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94093" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8517.json b/2016/8xxx/CVE-2016-8517.json index 551b1a27e66..8b231d724ed 100644 --- a/2016/8xxx/CVE-2016-8517.json +++ b/2016/8xxx/CVE-2016-8517.json @@ -1,78 +1,78 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security-alert@hpe.com", - "DATE_PUBLIC" : "2016-12-15T00:00:00", - "ID" : "CVE-2016-8517", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Systems Insight Manager using OpenSSL", - "version" : { - "version_data" : [ - { - "version_value" : "all versions prior to 7.6" - } - ] - } - } - ] - }, - "vendor_name" : "Hewlett Packard Enterprise" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A cross site scripting vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "cross site scripting" - } + "CVE_data_meta": { + "ASSIGNER": "security-alert@hpe.com", + "DATE_PUBLIC": "2016-12-15T00:00:00", + "ID": "CVE-2016-8517", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Systems Insight Manager using OpenSSL", + "version": { + "version_data": [ + { + "version_value": "all versions prior to 7.6" + } + ] + } + } + ] + }, + "vendor_name": "Hewlett Packard Enterprise" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05356388", - "refsource" : "CONFIRM", - "url" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05356388" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" - }, - { - "name" : "1037492", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037492" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A cross site scripting vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "cross site scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" + }, + { + "name": "1037492", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037492" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" + }, + { + "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05356388", + "refsource": "CONFIRM", + "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05356388" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8637.json b/2016/8xxx/CVE-2016-8637.json index cb569a8501a..3db723b53c6 100644 --- a/2016/8xxx/CVE-2016-8637.json +++ b/2016/8xxx/CVE-2016-8637.json @@ -1,93 +1,93 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psampaio@redhat.com", - "ID" : "CVE-2016-8637", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "dracut", - "version" : { - "version_data" : [ - { - "version_value" : "045" - } - ] - } - } - ] - }, - "vendor_name" : "The Dracut Project" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryption keys or credentials." - } - ] - }, - "impact" : { - "cvss" : [ - [ - { - "vectorString" : "5.0/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", - "version" : "3.0" - } - ], - [ - { - "vectorString" : "2.1/AV:L/AC:L/Au:N/C:P/I:N/A:N", - "version" : "2.0" - } - ] - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-732" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-8637", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "dracut", + "version": { + "version_data": [ + { + "version_value": "045" + } + ] + } + } + ] + }, + "vendor_name": "The Dracut Project" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161107 CVE-2016-8637: dracut creates world readble initramfs when early cpio is used", - "refsource" : "MLIST", - "url" : "http://seclists.org/oss-sec/2016/q4/352" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8637", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8637" - }, - { - "name" : "https://github.com/dracutdevs/dracut/commit/0db98910a11c12a454eac4c8e86dc7a7bbc764a4", - "refsource" : "CONFIRM", - "url" : "https://github.com/dracutdevs/dracut/commit/0db98910a11c12a454eac4c8e86dc7a7bbc764a4" - }, - { - "name" : "94128", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94128" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryption keys or credentials." + } + ] + }, + "impact": { + "cvss": [ + [ + { + "vectorString": "5.0/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", + "version": "3.0" + } + ], + [ + { + "vectorString": "2.1/AV:L/AC:L/Au:N/C:P/I:N/A:N", + "version": "2.0" + } + ] + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-732" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8637", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8637" + }, + { + "name": "https://github.com/dracutdevs/dracut/commit/0db98910a11c12a454eac4c8e86dc7a7bbc764a4", + "refsource": "CONFIRM", + "url": "https://github.com/dracutdevs/dracut/commit/0db98910a11c12a454eac4c8e86dc7a7bbc764a4" + }, + { + "name": "94128", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94128" + }, + { + "name": "[oss-security] 20161107 CVE-2016-8637: dracut creates world readble initramfs when early cpio is used", + "refsource": "MLIST", + "url": "http://seclists.org/oss-sec/2016/q4/352" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8766.json b/2016/8xxx/CVE-2016-8766.json index 5f7d846aa9d..4c099265777 100644 --- a/2016/8xxx/CVE-2016-8766.json +++ b/2016/8xxx/CVE-2016-8766.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8766", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8766", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8849.json b/2016/8xxx/CVE-2016-8849.json index 6e2f59c3cc4..d1bf91ce862 100644 --- a/2016/8xxx/CVE-2016-8849.json +++ b/2016/8xxx/CVE-2016-8849.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8849", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8849", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9741.json b/2016/9xxx/CVE-2016-9741.json index bba0c1a2eef..660a7308c24 100644 --- a/2016/9xxx/CVE-2016-9741.json +++ b/2016/9xxx/CVE-2016-9741.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9741", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9741", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9883.json b/2016/9xxx/CVE-2016-9883.json index ba6b1a431fe..70246f9828e 100644 --- a/2016/9xxx/CVE-2016-9883.json +++ b/2016/9xxx/CVE-2016-9883.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9883", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9883", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9920.json b/2016/9xxx/CVE-2016-9920.json index f8e977a3b16..45bb88a8ae1 100644 --- a/2016/9xxx/CVE-2016-9920.json +++ b/2016/9xxx/CVE-2016-9920.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9920", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "steps/mail/sendmail.inc in Roundcube before 1.1.7 and 1.2.x before 1.2.3, when no SMTP server is configured and the sendmail program is enabled, does not properly restrict the use of custom envelope-from addresses on the sendmail command line, which allows remote authenticated users to execute arbitrary code via a modified HTTP request that sends a crafted e-mail message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9920", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161208 roundcube code execution via mail()", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/12/08/10" - }, - { - "name" : "https://blog.ripstech.com/2016/roundcube-command-execution-via-email/", - "refsource" : "MISC", - "url" : "https://blog.ripstech.com/2016/roundcube-command-execution-via-email/" - }, - { - "name" : "https://roundcube.net/news/2016/11/28/updates-1.2.3-and-1.1.7-released", - "refsource" : "CONFIRM", - "url" : "https://roundcube.net/news/2016/11/28/updates-1.2.3-and-1.1.7-released" - }, - { - "name" : "GLSA-201612-44", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201612-44" - }, - { - "name" : "94858", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94858" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "steps/mail/sendmail.inc in Roundcube before 1.1.7 and 1.2.x before 1.2.3, when no SMTP server is configured and the sendmail program is enabled, does not properly restrict the use of custom envelope-from addresses on the sendmail command line, which allows remote authenticated users to execute arbitrary code via a modified HTTP request that sends a crafted e-mail message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://blog.ripstech.com/2016/roundcube-command-execution-via-email/", + "refsource": "MISC", + "url": "https://blog.ripstech.com/2016/roundcube-command-execution-via-email/" + }, + { + "name": "94858", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94858" + }, + { + "name": "[oss-security] 20161208 roundcube code execution via mail()", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/12/08/10" + }, + { + "name": "https://roundcube.net/news/2016/11/28/updates-1.2.3-and-1.1.7-released", + "refsource": "CONFIRM", + "url": "https://roundcube.net/news/2016/11/28/updates-1.2.3-and-1.1.7-released" + }, + { + "name": "GLSA-201612-44", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201612-44" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2481.json b/2019/2xxx/CVE-2019-2481.json index 6eb9f1f688e..586828abd2d 100644 --- a/2019/2xxx/CVE-2019-2481.json +++ b/2019/2xxx/CVE-2019-2481.json @@ -1,86 +1,86 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2019-2481", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "MySQL Server", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "5.6.42 and prior" - }, - { - "version_affected" : "=", - "version_value" : "5.7.24 and prior" - }, - { - "version_affected" : "=", - "version_value" : "8.0.13 and prior" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2019-2481", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "MySQL Server", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.6.42 and prior" + }, + { + "version_affected": "=", + "version_value": "5.7.24 and prior" + }, + { + "version_affected": "=", + "version_value": "8.0.13 and prior" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20190118-0002/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20190118-0002/" - }, - { - "name" : "USN-3867-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3867-1/" - }, - { - "name" : "106619", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106619" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106619", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106619" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" + }, + { + "name": "USN-3867-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3867-1/" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20190118-0002/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20190118-0002/" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2664.json b/2019/2xxx/CVE-2019-2664.json index 0e6d67ad7ea..4f7d482a764 100644 --- a/2019/2xxx/CVE-2019-2664.json +++ b/2019/2xxx/CVE-2019-2664.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2664", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2664", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2806.json b/2019/2xxx/CVE-2019-2806.json index 7f1de18e514..692cbd580ee 100644 --- a/2019/2xxx/CVE-2019-2806.json +++ b/2019/2xxx/CVE-2019-2806.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2806", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2806", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2896.json b/2019/2xxx/CVE-2019-2896.json index 55a25e465f8..4b4cab81ab0 100644 --- a/2019/2xxx/CVE-2019-2896.json +++ b/2019/2xxx/CVE-2019-2896.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2896", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2896", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2973.json b/2019/2xxx/CVE-2019-2973.json index f0c946a9b09..1deefd7952d 100644 --- a/2019/2xxx/CVE-2019-2973.json +++ b/2019/2xxx/CVE-2019-2973.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2973", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2973", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6157.json b/2019/6xxx/CVE-2019-6157.json index 6b958b6a0dc..a3e825f3ceb 100644 --- a/2019/6xxx/CVE-2019-6157.json +++ b/2019/6xxx/CVE-2019-6157.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6157", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6157", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6188.json b/2019/6xxx/CVE-2019-6188.json index 8e9e003fde6..159a0a9db18 100644 --- a/2019/6xxx/CVE-2019-6188.json +++ b/2019/6xxx/CVE-2019-6188.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6188", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6188", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6269.json b/2019/6xxx/CVE-2019-6269.json index 135d4a93f54..cb520598fe1 100644 --- a/2019/6xxx/CVE-2019-6269.json +++ b/2019/6xxx/CVE-2019-6269.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6269", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6269", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6661.json b/2019/6xxx/CVE-2019-6661.json index 1749d1de299..b73a3fca39d 100644 --- a/2019/6xxx/CVE-2019-6661.json +++ b/2019/6xxx/CVE-2019-6661.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6661", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6661", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7179.json b/2019/7xxx/CVE-2019-7179.json index b579157120f..4f0de0b9ca8 100644 --- a/2019/7xxx/CVE-2019-7179.json +++ b/2019/7xxx/CVE-2019-7179.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7179", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7179", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7850.json b/2019/7xxx/CVE-2019-7850.json index cf211d8adaf..7941bea20f0 100644 --- a/2019/7xxx/CVE-2019-7850.json +++ b/2019/7xxx/CVE-2019-7850.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7850", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7850", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file