diff --git a/1999/0xxx/CVE-1999-0032.json b/1999/0xxx/CVE-1999-0032.json
index 85d21e080f4..60ca57a8f80 100644
--- a/1999/0xxx/CVE-1999-0032.json
+++ b/1999/0xxx/CVE-1999-0032.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-1999-0032",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-1999-0032",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "I-042",
- "refsource" : "CIAC",
- "url" : "http://www.ciac.org/ciac/bulletins/i-042.shtml"
- },
- {
- "name" : "19980402-01-PX",
- "refsource" : "SGI",
- "url" : "ftp://patches.sgi.com/support/free/security/advisories/19980402-01-PX"
- },
- {
- "name" : "707",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/707"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "19980402-01-PX",
+ "refsource": "SGI",
+ "url": "ftp://patches.sgi.com/support/free/security/advisories/19980402-01-PX"
+ },
+ {
+ "name": "707",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/707"
+ },
+ {
+ "name": "I-042",
+ "refsource": "CIAC",
+ "url": "http://www.ciac.org/ciac/bulletins/i-042.shtml"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/1999/0xxx/CVE-1999-0346.json b/1999/0xxx/CVE-1999-0346.json
index 0cf819f12c8..7e793471003 100644
--- a/1999/0xxx/CVE-1999-0346.json
+++ b/1999/0xxx/CVE-1999-0346.json
@@ -1,67 +1,67 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-1999-0346",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "CGI PHP mlog script allows an attacker to read any file on the target server."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-1999-0346",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "713",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/713"
- },
- {
- "name" : "3397",
- "refsource" : "OSVDB",
- "url" : "http://www.osvdb.org/3397"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "CGI PHP mlog script allows an attacker to read any file on the target server."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "713",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/713"
+ },
+ {
+ "name": "3397",
+ "refsource": "OSVDB",
+ "url": "http://www.osvdb.org/3397"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/1999/1xxx/CVE-1999-1230.json b/1999/1xxx/CVE-1999-1230.json
index fbcbea926df..1723d0418eb 100644
--- a/1999/1xxx/CVE-1999-1230.json
+++ b/1999/1xxx/CVE-1999-1230.json
@@ -1,67 +1,67 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-1999-1230",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Quake 2 server allows remote attackers to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-1999-1230",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "19971224 Quake II Remote Denial of Service",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/archive/1/8282"
- },
- {
- "name" : "quake2-dos(698)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/698"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Quake 2 server allows remote attackers to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "quake2-dos(698)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/698"
+ },
+ {
+ "name": "19971224 Quake II Remote Denial of Service",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/archive/1/8282"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/1999/1xxx/CVE-1999-1572.json b/1999/1xxx/CVE-1999-1572.json
index 0182ae0c4eb..17d8b34fe1d 100644
--- a/1999/1xxx/CVE-1999-1572.json
+++ b/1999/1xxx/CVE-1999-1572.json
@@ -1,127 +1,127 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-1999-1572",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-1999-1572",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/1391",
- "refsource" : "MISC",
- "url" : "http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/1391"
- },
- {
- "name" : "http://support.avaya.com/elmodocs2/security/ASA-2005-212.pdf",
- "refsource" : "CONFIRM",
- "url" : "http://support.avaya.com/elmodocs2/security/ASA-2005-212.pdf"
- },
- {
- "name" : "DSA-664",
- "refsource" : "DEBIAN",
- "url" : "http://www.debian.org/security/2005/dsa-664"
- },
- {
- "name" : "MDKSA-2005:032",
- "refsource" : "MANDRAKE",
- "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:032"
- },
- {
- "name" : "RHSA-2005:073",
- "refsource" : "REDHAT",
- "url" : "http://www.redhat.com/support/errata/RHSA-2005-073.html"
- },
- {
- "name" : "RHSA-2005:080",
- "refsource" : "REDHAT",
- "url" : "http://www.redhat.com/support/errata/RHSA-2005-080.html"
- },
- {
- "name" : "RHSA-2005:806",
- "refsource" : "REDHAT",
- "url" : "http://www.redhat.com/support/errata/RHSA-2005-806.html"
- },
- {
- "name" : "2005-0003",
- "refsource" : "TRUSTIX",
- "url" : "http://www.trustix.org/errata/2005/0003/"
- },
- {
- "name" : "20050204 [USN-75-1] cpio vulnerability",
- "refsource" : "BUGTRAQ",
- "url" : "http://marc.info/?l=bugtraq&m=110763404701519&w=2"
- },
- {
- "name" : "oval:org.mitre.oval:def:10888",
- "refsource" : "OVAL",
- "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10888"
- },
- {
- "name" : "14357",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/14357"
- },
- {
- "name" : "17063",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/17063"
- },
- {
- "name" : "17532",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/17532"
- },
- {
- "name" : "cpio-o-archive-insecure-permissions(19167)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19167"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "20050204 [USN-75-1] cpio vulnerability",
+ "refsource": "BUGTRAQ",
+ "url": "http://marc.info/?l=bugtraq&m=110763404701519&w=2"
+ },
+ {
+ "name": "RHSA-2005:073",
+ "refsource": "REDHAT",
+ "url": "http://www.redhat.com/support/errata/RHSA-2005-073.html"
+ },
+ {
+ "name": "cpio-o-archive-insecure-permissions(19167)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19167"
+ },
+ {
+ "name": "17063",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/17063"
+ },
+ {
+ "name": "17532",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/17532"
+ },
+ {
+ "name": "2005-0003",
+ "refsource": "TRUSTIX",
+ "url": "http://www.trustix.org/errata/2005/0003/"
+ },
+ {
+ "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-212.pdf",
+ "refsource": "CONFIRM",
+ "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-212.pdf"
+ },
+ {
+ "name": "RHSA-2005:080",
+ "refsource": "REDHAT",
+ "url": "http://www.redhat.com/support/errata/RHSA-2005-080.html"
+ },
+ {
+ "name": "oval:org.mitre.oval:def:10888",
+ "refsource": "OVAL",
+ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10888"
+ },
+ {
+ "name": "http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/1391",
+ "refsource": "MISC",
+ "url": "http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/1391"
+ },
+ {
+ "name": "14357",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/14357"
+ },
+ {
+ "name": "MDKSA-2005:032",
+ "refsource": "MANDRAKE",
+ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:032"
+ },
+ {
+ "name": "DSA-664",
+ "refsource": "DEBIAN",
+ "url": "http://www.debian.org/security/2005/dsa-664"
+ },
+ {
+ "name": "RHSA-2005:806",
+ "refsource": "REDHAT",
+ "url": "http://www.redhat.com/support/errata/RHSA-2005-806.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2000/0xxx/CVE-2000-0025.json b/2000/0xxx/CVE-2000-0025.json
index 7a0f8affb83..533366dceb8 100644
--- a/2000/0xxx/CVE-2000-0025.json
+++ b/2000/0xxx/CVE-2000-0025.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2000-0025",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the \"Virtual Directory Naming\" vulnerability."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2000-0025",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "MS99-058",
- "refsource" : "MS",
- "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-058"
- },
- {
- "name" : "Q238606",
- "refsource" : "MSKB",
- "url" : "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q238606"
- },
- {
- "name" : "8098",
- "refsource" : "OSVDB",
- "url" : "http://www.osvdb.org/8098"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the \"Virtual Directory Naming\" vulnerability."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "8098",
+ "refsource": "OSVDB",
+ "url": "http://www.osvdb.org/8098"
+ },
+ {
+ "name": "MS99-058",
+ "refsource": "MS",
+ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-058"
+ },
+ {
+ "name": "Q238606",
+ "refsource": "MSKB",
+ "url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q238606"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2000/0xxx/CVE-2000-0157.json b/2000/0xxx/CVE-2000-0157.json
index a0d51be7420..989a74e2056 100644
--- a/2000/0xxx/CVE-2000-0157.json
+++ b/2000/0xxx/CVE-2000-0157.json
@@ -1,67 +1,67 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2000-0157",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2000-0157",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "1999-012",
- "refsource" : "NETBSD",
- "url" : "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-012.txt.asc"
- },
- {
- "name" : "992",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/992"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "1999-012",
+ "refsource": "NETBSD",
+ "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-012.txt.asc"
+ },
+ {
+ "name": "992",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/992"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2000/0xxx/CVE-2000-0362.json b/2000/0xxx/CVE-2000-0362.json
index 1e93a6abb00..034794e6365 100644
--- a/2000/0xxx/CVE-2000-0362.json
+++ b/2000/0xxx/CVE-2000-0362.json
@@ -1,67 +1,67 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2000-0362",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2000-0362",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "19991019 Security hole in cdwtools < 093",
- "refsource" : "SUSE",
- "url" : "http://www.novell.com/linux/security/advisories/suse_security_announce_25.html"
- },
- {
- "name" : "738",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/738"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "738",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/738"
+ },
+ {
+ "name": "19991019 Security hole in cdwtools < 093",
+ "refsource": "SUSE",
+ "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_25.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2000/0xxx/CVE-2000-0425.json b/2000/0xxx/CVE-2000-0425.json
index ee17dbc7492..b3e90aee14b 100644
--- a/2000/0xxx/CVE-2000-0425.json
+++ b/2000/0xxx/CVE-2000-0425.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2000-0425",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 allows remote attackers to execute arbitrary commands."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2000-0425",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www.lsoft.com/news/default.asp?item=Advisory0",
- "refsource" : "CONFIRM",
- "url" : "http://www.lsoft.com/news/default.asp?item=Advisory0"
- },
- {
- "name" : "20000505 Alert: Listserv Web Archives (wa) buffer overflow",
- "refsource" : "BUGTRAQ",
- "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-05/0048.html"
- },
- {
- "name" : "1167",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/1167"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 allows remote attackers to execute arbitrary commands."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "20000505 Alert: Listserv Web Archives (wa) buffer overflow",
+ "refsource": "BUGTRAQ",
+ "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0048.html"
+ },
+ {
+ "name": "http://www.lsoft.com/news/default.asp?item=Advisory0",
+ "refsource": "CONFIRM",
+ "url": "http://www.lsoft.com/news/default.asp?item=Advisory0"
+ },
+ {
+ "name": "1167",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/1167"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2000/0xxx/CVE-2000-0515.json b/2000/0xxx/CVE-2000-0515.json
index 0facae4d15d..8ae880bff53 100644
--- a/2000/0xxx/CVE-2000-0515.json
+++ b/2000/0xxx/CVE-2000-0515.json
@@ -1,77 +1,77 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2000-0515",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain privileges."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2000-0515",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20000607 [ Hackerslab bug_paper ] HP-UX SNMP daemon vulnerability",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=200006070511.OAA05492@dogfoot.hackerslab.org"
- },
- {
- "name" : "20000608 Re: HP-UX SNMP daemon vulnerability",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=200006090640.XAA00779@hpchs.cup.hp.com"
- },
- {
- "name" : "1327",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/1327"
- },
- {
- "name" : "hpux-snmp-daemon(4643)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4643"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain privileges."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "20000608 Re: HP-UX SNMP daemon vulnerability",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=200006090640.XAA00779@hpchs.cup.hp.com"
+ },
+ {
+ "name": "hpux-snmp-daemon(4643)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4643"
+ },
+ {
+ "name": "1327",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/1327"
+ },
+ {
+ "name": "20000607 [ Hackerslab bug_paper ] HP-UX SNMP daemon vulnerability",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=200006070511.OAA05492@dogfoot.hackerslab.org"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2000/0xxx/CVE-2000-0575.json b/2000/0xxx/CVE-2000-0575.json
index 83576027528..7b5212178cf 100644
--- a/2000/0xxx/CVE-2000-0575.json
+++ b/2000/0xxx/CVE-2000-0575.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2000-0575",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2000-0575",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20000630 Kerberos security vulnerability in SSH-1.2.27",
- "refsource" : "BUGTRAQ",
- "url" : "http://marc.info/?l=bugtraq&m=96256265914116&w=2"
- },
- {
- "name" : "1426",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/1426"
- },
- {
- "name" : "ssh-kerberos-tickets-disclosure(4903)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4903"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "1426",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/1426"
+ },
+ {
+ "name": "ssh-kerberos-tickets-disclosure(4903)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4903"
+ },
+ {
+ "name": "20000630 Kerberos security vulnerability in SSH-1.2.27",
+ "refsource": "BUGTRAQ",
+ "url": "http://marc.info/?l=bugtraq&m=96256265914116&w=2"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2000/0xxx/CVE-2000-0668.json b/2000/0xxx/CVE-2000-0668.json
index 9ad3b8e3894..1955416b037 100644
--- a/2000/0xxx/CVE-2000-0668.json
+++ b/2000/0xxx/CVE-2000-0668.json
@@ -1,82 +1,82 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2000-0668",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2000-0668",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "RHSA-2000:044",
- "refsource" : "REDHAT",
- "url" : "http://www.redhat.com/support/errata/RHSA-2000-044.html"
- },
- {
- "name" : "20000727 CONECTIVA LINUX SECURITY ANNOUNCEMENT - PAM",
- "refsource" : "BUGTRAQ",
- "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-07/0398.html"
- },
- {
- "name" : "20000801 MDKSA-2000:029 pam update",
- "refsource" : "BUGTRAQ",
- "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-07/0455.html"
- },
- {
- "name" : "1513",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/1513"
- },
- {
- "name" : "linux-pam-console(5001)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5001"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "20000801 MDKSA-2000:029 pam update",
+ "refsource": "BUGTRAQ",
+ "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0455.html"
+ },
+ {
+ "name": "20000727 CONECTIVA LINUX SECURITY ANNOUNCEMENT - PAM",
+ "refsource": "BUGTRAQ",
+ "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0398.html"
+ },
+ {
+ "name": "linux-pam-console(5001)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5001"
+ },
+ {
+ "name": "1513",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/1513"
+ },
+ {
+ "name": "RHSA-2000:044",
+ "refsource": "REDHAT",
+ "url": "http://www.redhat.com/support/errata/RHSA-2000-044.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2007/0xxx/CVE-2007-0883.json b/2007/0xxx/CVE-2007-0883.json
index 15cbc5b6787..f03a3594acd 100644
--- a/2007/0xxx/CVE-2007-0883.json
+++ b/2007/0xxx/CVE-2007-0883.json
@@ -1,107 +1,107 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2007-0883",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Directory traversal vulnerability in portalgroups/portalgroups/getfile.cgi in IP3 NetAccess before firmware 4.1.9.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2007-0883",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20070211 Arbitrary file disclosure vulnerability in IP3 NetAccess < 4.1.9.6",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/archive/1/459806/100/0/threaded"
- },
- {
- "name" : "20070211 Arbitrary file disclosure vulnerability in IP3 NetAccess < 4.1.9.6",
- "refsource" : "FULLDISC",
- "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0235.html"
- },
- {
- "name" : "http://www.devtarget.org/ip3-advisory-02-2007.txt",
- "refsource" : "MISC",
- "url" : "http://www.devtarget.org/ip3-advisory-02-2007.txt"
- },
- {
- "name" : "3294",
- "refsource" : "EXPLOIT-DB",
- "url" : "https://www.exploit-db.com/exploits/3294"
- },
- {
- "name" : "22513",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/22513"
- },
- {
- "name" : "ADV-2007-0615",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2007/0615"
- },
- {
- "name" : "31912",
- "refsource" : "OSVDB",
- "url" : "http://osvdb.org/31912"
- },
- {
- "name" : "1017623",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id?1017623"
- },
- {
- "name" : "24118",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/24118"
- },
- {
- "name" : "ip3netaccess-getfile-directory-traversal(32432)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32432"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Directory traversal vulnerability in portalgroups/portalgroups/getfile.cgi in IP3 NetAccess before firmware 4.1.9.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "3294",
+ "refsource": "EXPLOIT-DB",
+ "url": "https://www.exploit-db.com/exploits/3294"
+ },
+ {
+ "name": "ip3netaccess-getfile-directory-traversal(32432)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32432"
+ },
+ {
+ "name": "ADV-2007-0615",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2007/0615"
+ },
+ {
+ "name": "20070211 Arbitrary file disclosure vulnerability in IP3 NetAccess < 4.1.9.6",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/archive/1/459806/100/0/threaded"
+ },
+ {
+ "name": "1017623",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id?1017623"
+ },
+ {
+ "name": "31912",
+ "refsource": "OSVDB",
+ "url": "http://osvdb.org/31912"
+ },
+ {
+ "name": "24118",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/24118"
+ },
+ {
+ "name": "20070211 Arbitrary file disclosure vulnerability in IP3 NetAccess < 4.1.9.6",
+ "refsource": "FULLDISC",
+ "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0235.html"
+ },
+ {
+ "name": "22513",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/22513"
+ },
+ {
+ "name": "http://www.devtarget.org/ip3-advisory-02-2007.txt",
+ "refsource": "MISC",
+ "url": "http://www.devtarget.org/ip3-advisory-02-2007.txt"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2007/1xxx/CVE-2007-1125.json b/2007/1xxx/CVE-2007-1125.json
index f80a8ec11cd..3e5ac1effe6 100644
--- a/2007/1xxx/CVE-2007-1125.json
+++ b/2007/1xxx/CVE-2007-1125.json
@@ -1,92 +1,92 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2007-1125",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Cross-site scripting (XSS) vulnerability in gallery.php in XeroXer Simple one-file gallery allows remote attackers to inject arbitrary web script or HTML via the f parameter."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2007-1125",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20070223 Simple one-file gallery",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/archive/1/461080/100/0/threaded"
- },
- {
- "name" : "22700",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/22700"
- },
- {
- "name" : "ADV-2007-0740",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2007/0740"
- },
- {
- "name" : "33759",
- "refsource" : "OSVDB",
- "url" : "http://osvdb.org/33759"
- },
- {
- "name" : "24292",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/24292"
- },
- {
- "name" : "2292",
- "refsource" : "SREASON",
- "url" : "http://securityreason.com/securityalert/2292"
- },
- {
- "name" : "sofg-gallery-xss(32655)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32655"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Cross-site scripting (XSS) vulnerability in gallery.php in XeroXer Simple one-file gallery allows remote attackers to inject arbitrary web script or HTML via the f parameter."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "33759",
+ "refsource": "OSVDB",
+ "url": "http://osvdb.org/33759"
+ },
+ {
+ "name": "ADV-2007-0740",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2007/0740"
+ },
+ {
+ "name": "20070223 Simple one-file gallery",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/archive/1/461080/100/0/threaded"
+ },
+ {
+ "name": "22700",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/22700"
+ },
+ {
+ "name": "2292",
+ "refsource": "SREASON",
+ "url": "http://securityreason.com/securityalert/2292"
+ },
+ {
+ "name": "sofg-gallery-xss(32655)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32655"
+ },
+ {
+ "name": "24292",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/24292"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2007/1xxx/CVE-2007-1248.json b/2007/1xxx/CVE-2007-1248.json
index ed1967e0c03..2a2ad2cc4e1 100644
--- a/2007/1xxx/CVE-2007-1248.json
+++ b/2007/1xxx/CVE-2007-1248.json
@@ -1,87 +1,87 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2007-1248",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Multiple cross-site scripting (XSS) vulnerabilities in built2go News Manager Blog 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) cid, (2) uid, and (3) nid parameters to (a) news.php, and the nid parameter to (b) rating.php."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2007-1248",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20070301 Built2Go v.1.0 => ( news.php & rating.php ) Cross Site Scripting",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/archive/1/461672/100/0/threaded"
- },
- {
- "name" : "22783",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/22783"
- },
- {
- "name" : "ADV-2007-0818",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2007/0818"
- },
- {
- "name" : "24334",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/24334"
- },
- {
- "name" : "2343",
- "refsource" : "SREASON",
- "url" : "http://securityreason.com/securityalert/2343"
- },
- {
- "name" : "newsmanagerblog-news-rating-xss(32772)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32772"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Multiple cross-site scripting (XSS) vulnerabilities in built2go News Manager Blog 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) cid, (2) uid, and (3) nid parameters to (a) news.php, and the nid parameter to (b) rating.php."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "24334",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/24334"
+ },
+ {
+ "name": "22783",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/22783"
+ },
+ {
+ "name": "newsmanagerblog-news-rating-xss(32772)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32772"
+ },
+ {
+ "name": "2343",
+ "refsource": "SREASON",
+ "url": "http://securityreason.com/securityalert/2343"
+ },
+ {
+ "name": "20070301 Built2Go v.1.0 => ( news.php & rating.php ) Cross Site Scripting",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/archive/1/461672/100/0/threaded"
+ },
+ {
+ "name": "ADV-2007-0818",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2007/0818"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2007/1xxx/CVE-2007-1745.json b/2007/1xxx/CVE-2007-1745.json
index a204f3bcb5c..0ed7ef180bc 100644
--- a/2007/1xxx/CVE-2007-1745.json
+++ b/2007/1xxx/CVE-2007-1745.json
@@ -1,167 +1,167 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2007-1745",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The chm_decompress_stream function in libclamav/chmunpack.c in Clam AntiVirus (ClamAV) before 0.90.2 leaks file descriptors, which has unknown impact and attack vectors involving a crafted CHM file, a different vulnerability than CVE-2007-0897. NOTE: some of these details are obtained from third party information."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2007-1745",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://sourceforge.net/project/shownotes.php?release_id=500765",
- "refsource" : "CONFIRM",
- "url" : "http://sourceforge.net/project/shownotes.php?release_id=500765"
- },
- {
- "name" : "http://support.novell.com/techcenter/psdb/50a5cb718f20761dd7e0b6b4e0935c52.html",
- "refsource" : "CONFIRM",
- "url" : "http://support.novell.com/techcenter/psdb/50a5cb718f20761dd7e0b6b4e0935c52.html"
- },
- {
- "name" : "http://docs.info.apple.com/article.html?artnum=307562",
- "refsource" : "CONFIRM",
- "url" : "http://docs.info.apple.com/article.html?artnum=307562"
- },
- {
- "name" : "APPLE-SA-2008-03-18",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
- },
- {
- "name" : "DSA-1281",
- "refsource" : "DEBIAN",
- "url" : "http://www.debian.org/security/2007/dsa-1281"
- },
- {
- "name" : "GLSA-200704-21",
- "refsource" : "GENTOO",
- "url" : "http://security.gentoo.org/glsa/glsa-200704-21.xml"
- },
- {
- "name" : "MDKSA-2007:098",
- "refsource" : "MANDRIVA",
- "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:098"
- },
- {
- "name" : "SUSE-SA:2007:026",
- "refsource" : "SUSE",
- "url" : "http://www.novell.com/linux/security/advisories/2007_26_clamav.html"
- },
- {
- "name" : "2007-0013",
- "refsource" : "TRUSTIX",
- "url" : "http://www.trustix.org/errata/2007/0013/"
- },
- {
- "name" : "23473",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/23473"
- },
- {
- "name" : "ADV-2007-1378",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2007/1378"
- },
- {
- "name" : "ADV-2008-0924",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2008/0924/references"
- },
- {
- "name" : "34913",
- "refsource" : "OSVDB",
- "url" : "http://osvdb.org/34913"
- },
- {
- "name" : "24891",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/24891"
- },
- {
- "name" : "24920",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/24920"
- },
- {
- "name" : "24946",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/24946"
- },
- {
- "name" : "24996",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/24996"
- },
- {
- "name" : "25022",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/25022"
- },
- {
- "name" : "25028",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/25028"
- },
- {
- "name" : "25189",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/25189"
- },
- {
- "name" : "29420",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/29420"
- },
- {
- "name" : "clamav-chmdecompressstream-dos(33636)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33636"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The chm_decompress_stream function in libclamav/chmunpack.c in Clam AntiVirus (ClamAV) before 0.90.2 leaks file descriptors, which has unknown impact and attack vectors involving a crafted CHM file, a different vulnerability than CVE-2007-0897. NOTE: some of these details are obtained from third party information."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "25022",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/25022"
+ },
+ {
+ "name": "34913",
+ "refsource": "OSVDB",
+ "url": "http://osvdb.org/34913"
+ },
+ {
+ "name": "2007-0013",
+ "refsource": "TRUSTIX",
+ "url": "http://www.trustix.org/errata/2007/0013/"
+ },
+ {
+ "name": "23473",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/23473"
+ },
+ {
+ "name": "24996",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/24996"
+ },
+ {
+ "name": "MDKSA-2007:098",
+ "refsource": "MANDRIVA",
+ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:098"
+ },
+ {
+ "name": "ADV-2008-0924",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2008/0924/references"
+ },
+ {
+ "name": "SUSE-SA:2007:026",
+ "refsource": "SUSE",
+ "url": "http://www.novell.com/linux/security/advisories/2007_26_clamav.html"
+ },
+ {
+ "name": "29420",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/29420"
+ },
+ {
+ "name": "APPLE-SA-2008-03-18",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
+ },
+ {
+ "name": "25189",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/25189"
+ },
+ {
+ "name": "http://docs.info.apple.com/article.html?artnum=307562",
+ "refsource": "CONFIRM",
+ "url": "http://docs.info.apple.com/article.html?artnum=307562"
+ },
+ {
+ "name": "clamav-chmdecompressstream-dos(33636)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33636"
+ },
+ {
+ "name": "http://support.novell.com/techcenter/psdb/50a5cb718f20761dd7e0b6b4e0935c52.html",
+ "refsource": "CONFIRM",
+ "url": "http://support.novell.com/techcenter/psdb/50a5cb718f20761dd7e0b6b4e0935c52.html"
+ },
+ {
+ "name": "http://sourceforge.net/project/shownotes.php?release_id=500765",
+ "refsource": "CONFIRM",
+ "url": "http://sourceforge.net/project/shownotes.php?release_id=500765"
+ },
+ {
+ "name": "ADV-2007-1378",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2007/1378"
+ },
+ {
+ "name": "25028",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/25028"
+ },
+ {
+ "name": "GLSA-200704-21",
+ "refsource": "GENTOO",
+ "url": "http://security.gentoo.org/glsa/glsa-200704-21.xml"
+ },
+ {
+ "name": "24946",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/24946"
+ },
+ {
+ "name": "DSA-1281",
+ "refsource": "DEBIAN",
+ "url": "http://www.debian.org/security/2007/dsa-1281"
+ },
+ {
+ "name": "24920",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/24920"
+ },
+ {
+ "name": "24891",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/24891"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2007/5xxx/CVE-2007-5307.json b/2007/5xxx/CVE-2007-5307.json
index 89e981ef269..f070b03db19 100644
--- a/2007/5xxx/CVE-2007-5307.json
+++ b/2007/5xxx/CVE-2007-5307.json
@@ -1,77 +1,77 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2007-5307",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "ELSEIF CMS Beta 0.6 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by uploading a .php file via externe/swfupload/upload.php. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in ELSEIF CMS."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2007-5307",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20071006 Else If cms Multiple Remote vulnerabilities",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/archive/1/481683/100/0/threaded"
- },
- {
- "name" : "25951",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/25951"
- },
- {
- "name" : "3204",
- "refsource" : "SREASON",
- "url" : "http://securityreason.com/securityalert/3204"
- },
- {
- "name" : "elseif-upload-file-upload(37009)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37009"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "ELSEIF CMS Beta 0.6 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by uploading a .php file via externe/swfupload/upload.php. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in ELSEIF CMS."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "elseif-upload-file-upload(37009)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37009"
+ },
+ {
+ "name": "25951",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/25951"
+ },
+ {
+ "name": "20071006 Else If cms Multiple Remote vulnerabilities",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/archive/1/481683/100/0/threaded"
+ },
+ {
+ "name": "3204",
+ "refsource": "SREASON",
+ "url": "http://securityreason.com/securityalert/3204"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2007/5xxx/CVE-2007-5359.json b/2007/5xxx/CVE-2007-5359.json
index ccb481b55fd..c180647667b 100644
--- a/2007/5xxx/CVE-2007-5359.json
+++ b/2007/5xxx/CVE-2007-5359.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2007-5359",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2007-5359",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2007/5xxx/CVE-2007-5484.json b/2007/5xxx/CVE-2007-5484.json
index 969b8db2161..39f5acc7837 100644
--- a/2007/5xxx/CVE-2007-5484.json
+++ b/2007/5xxx/CVE-2007-5484.json
@@ -1,87 +1,87 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2007-5484",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Directory traversal vulnerability in wxis.exe in WWWISIS 7.1 allows local users to read arbitrary files via a .. (dot dot) in the IsisScript parameter to iah."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2007-5484",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20071016 WWWISIS <= 7.1 (IsisScript) Multiple Vulnerabilities",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/archive/1/482356/100/0/threaded"
- },
- {
- "name" : "4529",
- "refsource" : "EXPLOIT-DB",
- "url" : "https://www.exploit-db.com/exploits/4529"
- },
- {
- "name" : "26079",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/26079"
- },
- {
- "name" : "40170",
- "refsource" : "OSVDB",
- "url" : "http://osvdb.org/40170"
- },
- {
- "name" : "27198",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/27198"
- },
- {
- "name" : "wwwisis-wxis-directory-traversal(37215)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37215"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Directory traversal vulnerability in wxis.exe in WWWISIS 7.1 allows local users to read arbitrary files via a .. (dot dot) in the IsisScript parameter to iah."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "27198",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/27198"
+ },
+ {
+ "name": "40170",
+ "refsource": "OSVDB",
+ "url": "http://osvdb.org/40170"
+ },
+ {
+ "name": "20071016 WWWISIS <= 7.1 (IsisScript) Multiple Vulnerabilities",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/archive/1/482356/100/0/threaded"
+ },
+ {
+ "name": "4529",
+ "refsource": "EXPLOIT-DB",
+ "url": "https://www.exploit-db.com/exploits/4529"
+ },
+ {
+ "name": "26079",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/26079"
+ },
+ {
+ "name": "wwwisis-wxis-directory-traversal(37215)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37215"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2007/5xxx/CVE-2007-5927.json b/2007/5xxx/CVE-2007-5927.json
index 3d2f5e34f9a..30c5211162e 100644
--- a/2007/5xxx/CVE-2007-5927.json
+++ b/2007/5xxx/CVE-2007-5927.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2007-5927",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Directory traversal vulnerability in OpenBase 10.0.5 and earlier allows remote authenticated users to create files with arbitrary contents via a .. (dot dot) in the first argument to the GlobalLog stored procedure. NOTE: this can be leveraged to execute arbitrary code using CVE-2007-5926."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2007-5927",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www.netragard.com/pdfs/research/NETRAGARD-20070313-OPENBASE.txt",
- "refsource" : "MISC",
- "url" : "http://www.netragard.com/pdfs/research/NETRAGARD-20070313-OPENBASE.txt"
- },
- {
- "name" : "26347",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/26347"
- },
- {
- "name" : "27525",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/27525"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Directory traversal vulnerability in OpenBase 10.0.5 and earlier allows remote authenticated users to create files with arbitrary contents via a .. (dot dot) in the first argument to the GlobalLog stored procedure. NOTE: this can be leveraged to execute arbitrary code using CVE-2007-5926."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "26347",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/26347"
+ },
+ {
+ "name": "http://www.netragard.com/pdfs/research/NETRAGARD-20070313-OPENBASE.txt",
+ "refsource": "MISC",
+ "url": "http://www.netragard.com/pdfs/research/NETRAGARD-20070313-OPENBASE.txt"
+ },
+ {
+ "name": "27525",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/27525"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/3xxx/CVE-2015-3273.json b/2015/3xxx/CVE-2015-3273.json
index 12131853232..e91fbbceb54 100644
--- a/2015/3xxx/CVE-2015-3273.json
+++ b/2015/3xxx/CVE-2015-3273.json
@@ -1,77 +1,77 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-3273",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "mod/forum/post.php in Moodle 2.9.x before 2.9.1 does not consider the mod/forum:canposttomygroups capability before authorizing \"Post a copy to all groups\" actions, which allows remote authenticated users to bypass intended access restrictions by leveraging per-group authorization."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secalert@redhat.com",
+ "ID": "CVE-2015-3273",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "[oss-security] 20150713 moodle security announcements",
- "refsource" : "MLIST",
- "url" : "http://openwall.com/lists/oss-security/2015/07/13/2"
- },
- {
- "name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50220",
- "refsource" : "CONFIRM",
- "url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50220"
- },
- {
- "name" : "https://moodle.org/mod/forum/discuss.php?d=316663",
- "refsource" : "CONFIRM",
- "url" : "https://moodle.org/mod/forum/discuss.php?d=316663"
- },
- {
- "name" : "1032877",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1032877"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "mod/forum/post.php in Moodle 2.9.x before 2.9.1 does not consider the mod/forum:canposttomygroups capability before authorizing \"Post a copy to all groups\" actions, which allows remote authenticated users to bypass intended access restrictions by leveraging per-group authorization."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50220",
+ "refsource": "CONFIRM",
+ "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50220"
+ },
+ {
+ "name": "[oss-security] 20150713 moodle security announcements",
+ "refsource": "MLIST",
+ "url": "http://openwall.com/lists/oss-security/2015/07/13/2"
+ },
+ {
+ "name": "1032877",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1032877"
+ },
+ {
+ "name": "https://moodle.org/mod/forum/discuss.php?d=316663",
+ "refsource": "CONFIRM",
+ "url": "https://moodle.org/mod/forum/discuss.php?d=316663"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/4xxx/CVE-2015-4380.json b/2015/4xxx/CVE-2015-4380.json
index a3e0c2138ef..393a3bdd1f1 100644
--- a/2015/4xxx/CVE-2015-4380.json
+++ b/2015/4xxx/CVE-2015-4380.json
@@ -1,77 +1,77 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-4380",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Cross-site scripting (XSS) vulnerability in the Linear Case module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2015-4380",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)",
- "refsource" : "MLIST",
- "url" : "http://www.openwall.com/lists/oss-security/2015/04/25/6"
- },
- {
- "name" : "https://www.drupal.org/node/2459327",
- "refsource" : "MISC",
- "url" : "https://www.drupal.org/node/2459327"
- },
- {
- "name" : "https://www.drupal.org/node/2459197",
- "refsource" : "CONFIRM",
- "url" : "https://www.drupal.org/node/2459197"
- },
- {
- "name" : "74340",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/74340"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Cross-site scripting (XSS) vulnerability in the Linear Case module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://www.drupal.org/node/2459197",
+ "refsource": "CONFIRM",
+ "url": "https://www.drupal.org/node/2459197"
+ },
+ {
+ "name": "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)",
+ "refsource": "MLIST",
+ "url": "http://www.openwall.com/lists/oss-security/2015/04/25/6"
+ },
+ {
+ "name": "74340",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/74340"
+ },
+ {
+ "name": "https://www.drupal.org/node/2459327",
+ "refsource": "MISC",
+ "url": "https://www.drupal.org/node/2459327"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/7xxx/CVE-2015-7076.json b/2015/7xxx/CVE-2015-7076.json
index 5c285746fd6..33dddc0d87d 100644
--- a/2015/7xxx/CVE-2015-7076.json
+++ b/2015/7xxx/CVE-2015-7076.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-7076",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "product-security@apple.com",
+ "ID": "CVE-2015-7076",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://support.apple.com/HT205637",
- "refsource" : "CONFIRM",
- "url" : "https://support.apple.com/HT205637"
- },
- {
- "name" : "APPLE-SA-2015-12-08-3",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
- },
- {
- "name" : "1034344",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1034344"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://support.apple.com/HT205637",
+ "refsource": "CONFIRM",
+ "url": "https://support.apple.com/HT205637"
+ },
+ {
+ "name": "1034344",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1034344"
+ },
+ {
+ "name": "APPLE-SA-2015-12-08-3",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/7xxx/CVE-2015-7180.json b/2015/7xxx/CVE-2015-7180.json
index e3d68bb5920..40864c07387 100644
--- a/2015/7xxx/CVE-2015-7180.json
+++ b/2015/7xxx/CVE-2015-7180.json
@@ -1,157 +1,157 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-7180",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the return value of a function call, which might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "security@mozilla.org",
+ "ID": "CVE-2015-7180",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-112.html",
- "refsource" : "CONFIRM",
- "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-112.html"
- },
- {
- "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1191463",
- "refsource" : "CONFIRM",
- "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1191463"
- },
- {
- "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
- "refsource" : "CONFIRM",
- "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
- },
- {
- "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
- "refsource" : "CONFIRM",
- "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
- },
- {
- "name" : "DSA-3365",
- "refsource" : "DEBIAN",
- "url" : "http://www.debian.org/security/2015/dsa-3365"
- },
- {
- "name" : "RHSA-2015:1852",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2015-1852.html"
- },
- {
- "name" : "RHSA-2015:1834",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2015-1834.html"
- },
- {
- "name" : "SUSE-SU-2015:2081",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html"
- },
- {
- "name" : "openSUSE-SU-2015:1658",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html"
- },
- {
- "name" : "SUSE-SU-2015:1680",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00004.html"
- },
- {
- "name" : "openSUSE-SU-2015:1679",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00003.html"
- },
- {
- "name" : "openSUSE-SU-2015:1681",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html"
- },
- {
- "name" : "SUSE-SU-2015:1703",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00007.html"
- },
- {
- "name" : "USN-2743-4",
- "refsource" : "UBUNTU",
- "url" : "http://www.ubuntu.com/usn/USN-2743-4"
- },
- {
- "name" : "USN-2754-1",
- "refsource" : "UBUNTU",
- "url" : "http://www.ubuntu.com/usn/USN-2754-1"
- },
- {
- "name" : "USN-2743-1",
- "refsource" : "UBUNTU",
- "url" : "http://www.ubuntu.com/usn/USN-2743-1"
- },
- {
- "name" : "USN-2743-2",
- "refsource" : "UBUNTU",
- "url" : "http://www.ubuntu.com/usn/USN-2743-2"
- },
- {
- "name" : "USN-2743-3",
- "refsource" : "UBUNTU",
- "url" : "http://www.ubuntu.com/usn/USN-2743-3"
- },
- {
- "name" : "76816",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/76816"
- },
- {
- "name" : "1033640",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1033640"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the return value of a function call, which might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "SUSE-SU-2015:1680",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00004.html"
+ },
+ {
+ "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1191463",
+ "refsource": "CONFIRM",
+ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1191463"
+ },
+ {
+ "name": "SUSE-SU-2015:2081",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html"
+ },
+ {
+ "name": "openSUSE-SU-2015:1681",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html"
+ },
+ {
+ "name": "USN-2754-1",
+ "refsource": "UBUNTU",
+ "url": "http://www.ubuntu.com/usn/USN-2754-1"
+ },
+ {
+ "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-112.html",
+ "refsource": "CONFIRM",
+ "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-112.html"
+ },
+ {
+ "name": "USN-2743-4",
+ "refsource": "UBUNTU",
+ "url": "http://www.ubuntu.com/usn/USN-2743-4"
+ },
+ {
+ "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
+ "refsource": "CONFIRM",
+ "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
+ },
+ {
+ "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
+ "refsource": "CONFIRM",
+ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
+ },
+ {
+ "name": "USN-2743-3",
+ "refsource": "UBUNTU",
+ "url": "http://www.ubuntu.com/usn/USN-2743-3"
+ },
+ {
+ "name": "RHSA-2015:1834",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2015-1834.html"
+ },
+ {
+ "name": "USN-2743-2",
+ "refsource": "UBUNTU",
+ "url": "http://www.ubuntu.com/usn/USN-2743-2"
+ },
+ {
+ "name": "1033640",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1033640"
+ },
+ {
+ "name": "RHSA-2015:1852",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2015-1852.html"
+ },
+ {
+ "name": "DSA-3365",
+ "refsource": "DEBIAN",
+ "url": "http://www.debian.org/security/2015/dsa-3365"
+ },
+ {
+ "name": "76816",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/76816"
+ },
+ {
+ "name": "SUSE-SU-2015:1703",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00007.html"
+ },
+ {
+ "name": "openSUSE-SU-2015:1679",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00003.html"
+ },
+ {
+ "name": "openSUSE-SU-2015:1658",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html"
+ },
+ {
+ "name": "USN-2743-1",
+ "refsource": "UBUNTU",
+ "url": "http://www.ubuntu.com/usn/USN-2743-1"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/7xxx/CVE-2015-7520.json b/2015/7xxx/CVE-2015-7520.json
index aebd31e6ca9..0ec98215f5b 100644
--- a/2015/7xxx/CVE-2015-7520.json
+++ b/2015/7xxx/CVE-2015-7520.json
@@ -1,67 +1,67 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-7520",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Multiple cross-site scripting (XSS) vulnerabilities in the (1) RadioGroup and (2) CheckBoxMultipleChoice classes in Apache Wicket 1.5.x before 1.5.15, 6.x before 6.22.0, and 7.x before 7.2.0 allow remote attackers to inject arbitrary web script or HTML via a crafted \"value\" attribute in a element."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secalert@redhat.com",
+ "ID": "CVE-2015-7520",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://wicket.apache.org/news/2016/03/02/cve-2015-7520.html",
- "refsource" : "CONFIRM",
- "url" : "http://wicket.apache.org/news/2016/03/02/cve-2015-7520.html"
- },
- {
- "name" : "1035166",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1035166"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Multiple cross-site scripting (XSS) vulnerabilities in the (1) RadioGroup and (2) CheckBoxMultipleChoice classes in Apache Wicket 1.5.x before 1.5.15, 6.x before 6.22.0, and 7.x before 7.2.0 allow remote attackers to inject arbitrary web script or HTML via a crafted \"value\" attribute in a element."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "1035166",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1035166"
+ },
+ {
+ "name": "http://wicket.apache.org/news/2016/03/02/cve-2015-7520.html",
+ "refsource": "CONFIRM",
+ "url": "http://wicket.apache.org/news/2016/03/02/cve-2015-7520.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/7xxx/CVE-2015-7602.json b/2015/7xxx/CVE-2015-7602.json
index c72667d022c..1ca3f27c850 100644
--- a/2015/7xxx/CVE-2015-7602.json
+++ b/2015/7xxx/CVE-2015-7602.json
@@ -1,67 +1,67 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-7602",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Directory traversal vulnerability in BisonWare BisonFTP 3.5 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in a RETR command."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2015-7602",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "38341",
- "refsource" : "EXPLOIT-DB",
- "url" : "https://www.exploit-db.com/exploits/38341/"
- },
- {
- "name" : "http://packetstormsecurity.com/files/133749/BisonWare-BisonFTP-3.5-Directory-Traversal.html",
- "refsource" : "MISC",
- "url" : "http://packetstormsecurity.com/files/133749/BisonWare-BisonFTP-3.5-Directory-Traversal.html"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Directory traversal vulnerability in BisonWare BisonFTP 3.5 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in a RETR command."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://packetstormsecurity.com/files/133749/BisonWare-BisonFTP-3.5-Directory-Traversal.html",
+ "refsource": "MISC",
+ "url": "http://packetstormsecurity.com/files/133749/BisonWare-BisonFTP-3.5-Directory-Traversal.html"
+ },
+ {
+ "name": "38341",
+ "refsource": "EXPLOIT-DB",
+ "url": "https://www.exploit-db.com/exploits/38341/"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/8xxx/CVE-2015-8055.json b/2015/8xxx/CVE-2015-8055.json
index ab65e0dcce5..28867054bb6 100644
--- a/2015/8xxx/CVE-2015-8055.json
+++ b/2015/8xxx/CVE-2015-8055.json
@@ -1,92 +1,92 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-8055",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "psirt@adobe.com",
+ "ID": "CVE-2015-8055",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html",
- "refsource" : "CONFIRM",
- "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
- },
- {
- "name" : "GLSA-201601-03",
- "refsource" : "GENTOO",
- "url" : "https://security.gentoo.org/glsa/201601-03"
- },
- {
- "name" : "SUSE-SU-2015:2236",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html"
- },
- {
- "name" : "SUSE-SU-2015:2247",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html"
- },
- {
- "name" : "openSUSE-SU-2015:2239",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html"
- },
- {
- "name" : "78715",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/78715"
- },
- {
- "name" : "1034318",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1034318"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "openSUSE-SU-2015:2239",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html"
+ },
+ {
+ "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html",
+ "refsource": "CONFIRM",
+ "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
+ },
+ {
+ "name": "78715",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/78715"
+ },
+ {
+ "name": "SUSE-SU-2015:2236",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html"
+ },
+ {
+ "name": "SUSE-SU-2015:2247",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html"
+ },
+ {
+ "name": "1034318",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1034318"
+ },
+ {
+ "name": "GLSA-201601-03",
+ "refsource": "GENTOO",
+ "url": "https://security.gentoo.org/glsa/201601-03"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/8xxx/CVE-2015-8087.json b/2015/8xxx/CVE-2015-8087.json
index 3560c28a926..0828eb12125 100644
--- a/2015/8xxx/CVE-2015-8087.json
+++ b/2015/8xxx/CVE-2015-8087.json
@@ -1,62 +1,62 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-8087",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and NE80E routers with software before V800R007C00SPC100 allows remote attackers to send packets to other VPNs and conduct flooding attacks via a crafted MPLS forwarding packet, aka a \"VPN routing and forwarding (VRF) hopping vulnerability.\""
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2015-8087",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457933.htm",
- "refsource" : "CONFIRM",
- "url" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457933.htm"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and NE80E routers with software before V800R007C00SPC100 allows remote attackers to send packets to other VPNs and conduct flooding attacks via a crafted MPLS forwarding packet, aka a \"VPN routing and forwarding (VRF) hopping vulnerability.\""
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457933.htm",
+ "refsource": "CONFIRM",
+ "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457933.htm"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/8xxx/CVE-2015-8144.json b/2015/8xxx/CVE-2015-8144.json
index c90f919b34a..da05d0a76f6 100644
--- a/2015/8xxx/CVE-2015-8144.json
+++ b/2015/8xxx/CVE-2015-8144.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-8144",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2015-8144",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/8xxx/CVE-2015-8197.json b/2015/8xxx/CVE-2015-8197.json
index d83ff524f53..7910cfaabaa 100644
--- a/2015/8xxx/CVE-2015-8197.json
+++ b/2015/8xxx/CVE-2015-8197.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-8197",
- "STATE" : "REJECT"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
- }
- ]
- }
-}
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2015-8197",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "REJECT"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/8xxx/CVE-2015-8500.json b/2015/8xxx/CVE-2015-8500.json
index 39150bd410f..5bc55a7026c 100644
--- a/2015/8xxx/CVE-2015-8500.json
+++ b/2015/8xxx/CVE-2015-8500.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-8500",
- "STATE" : "REJECT"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
- }
- ]
- }
-}
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2015-8500",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "REJECT"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/9xxx/CVE-2015-9069.json b/2015/9xxx/CVE-2015-9069.json
index 82904697ca6..a6bfd3c1458 100644
--- a/2015/9xxx/CVE-2015-9069.json
+++ b/2015/9xxx/CVE-2015-9069.json
@@ -1,68 +1,68 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "product-security@qualcomm.com",
- "DATE_PUBLIC" : "2017-07-01T00:00:00",
- "ID" : "CVE-2015-9069",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "All Qualcomm products",
- "version" : {
- "version_data" : [
- {
- "version_value" : "All Android releases from CAF using the Linux kernel"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "Qualcomm, Inc."
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, the Secure File System can become corrupted."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "Detection of Error Condition Without Action in TrustZone"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "product-security@qualcomm.com",
+ "DATE_PUBLIC": "2017-07-01T00:00:00",
+ "ID": "CVE-2015-9069",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "All Qualcomm products",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "All Android releases from CAF using the Linux kernel"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "Qualcomm, Inc."
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://source.android.com/security/bulletin/2017-07-01",
- "refsource" : "CONFIRM",
- "url" : "https://source.android.com/security/bulletin/2017-07-01"
- },
- {
- "name" : "99467",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/99467"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, the Secure File System can become corrupted."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Detection of Error Condition Without Action in TrustZone"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://source.android.com/security/bulletin/2017-07-01",
+ "refsource": "CONFIRM",
+ "url": "https://source.android.com/security/bulletin/2017-07-01"
+ },
+ {
+ "name": "99467",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/99467"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/9xxx/CVE-2015-9277.json b/2015/9xxx/CVE-2015-9277.json
index 24451cf5cb6..0e0006a32ea 100644
--- a/2015/9xxx/CVE-2015-9277.json
+++ b/2015/9xxx/CVE-2015-9277.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-9277",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "MailEnable before 8.60 allows Directory Traversal for reading the messages of other users, uploading files, and deleting files because \"/../\" and \"/.. /\" are mishandled."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2015-9277",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt",
- "refsource" : "MISC",
- "url" : "https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt"
- },
- {
- "name" : "https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf",
- "refsource" : "MISC",
- "url" : "https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf"
- },
- {
- "name" : "https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/",
- "refsource" : "MISC",
- "url" : "https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "MailEnable before 8.60 allows Directory Traversal for reading the messages of other users, uploading files, and deleting files because \"/../\" and \"/.. /\" are mishandled."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf",
+ "refsource": "MISC",
+ "url": "https://www.nccgroup.trust/globalassets/our-research/uk/technical-advisories/2015/technical-advisory-multiple-vulnerabilities-in-mailenable.pdf"
+ },
+ {
+ "name": "https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/",
+ "refsource": "MISC",
+ "url": "https://www.nccgroup.trust/uk/our-research/multiple-vulnerabilities-in-mailenable/"
+ },
+ {
+ "name": "https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt",
+ "refsource": "MISC",
+ "url": "https://web.archive.org/web/20150329173628/http://www.mailenable.com/Standard-ReleaseNotes.txt"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/0xxx/CVE-2016-0009.json b/2016/0xxx/CVE-2016-0009.json
index ad6fa5b302f..ec2c95c5e31 100644
--- a/2016/0xxx/CVE-2016-0009.json
+++ b/2016/0xxx/CVE-2016-0009.json
@@ -1,67 +1,67 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-0009",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via unspecified vectors, aka \"Win32k Remote Code Execution Vulnerability.\""
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secure@microsoft.com",
+ "ID": "CVE-2016-0009",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "MS16-005",
- "refsource" : "MS",
- "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-005"
- },
- {
- "name" : "1034654",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1034654"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via unspecified vectors, aka \"Win32k Remote Code Execution Vulnerability.\""
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "MS16-005",
+ "refsource": "MS",
+ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-005"
+ },
+ {
+ "name": "1034654",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1034654"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/0xxx/CVE-2016-0194.json b/2016/0xxx/CVE-2016-0194.json
index 5eb3ea9eacd..1fc552b622d 100644
--- a/2016/0xxx/CVE-2016-0194.json
+++ b/2016/0xxx/CVE-2016-0194.json
@@ -1,77 +1,77 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-0194",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Microsoft Internet Explorer 10 and 11 allows remote attackers to bypass file permissions and obtain sensitive information via a crafted web site, aka \"Internet Explorer Information Disclosure Vulnerability.\""
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secure@microsoft.com",
+ "ID": "CVE-2016-0194",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-275",
- "refsource" : "MISC",
- "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-275"
- },
- {
- "name" : "MS16-051",
- "refsource" : "MS",
- "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-051"
- },
- {
- "name" : "90004",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/90004"
- },
- {
- "name" : "1035820",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1035820"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Microsoft Internet Explorer 10 and 11 allows remote attackers to bypass file permissions and obtain sensitive information via a crafted web site, aka \"Internet Explorer Information Disclosure Vulnerability.\""
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "90004",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/90004"
+ },
+ {
+ "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-275",
+ "refsource": "MISC",
+ "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-275"
+ },
+ {
+ "name": "MS16-051",
+ "refsource": "MS",
+ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-051"
+ },
+ {
+ "name": "1035820",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1035820"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/1xxx/CVE-2016-1478.json b/2016/1xxx/CVE-2016-1478.json
index 3e22d4774b2..b20a789e449 100644
--- a/2016/1xxx/CVE-2016-1478.json
+++ b/2016/1xxx/CVE-2016-1478.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-1478",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Cisco IOS 15.5(3)S3, 15.6(1)S2, 15.6(2)S1, and 15.6(2)T1 does not properly dequeue invalid NTP packets, which allows remote attackers to cause a denial of service (interface wedge) by sending many crafted NTP packets, aka Bug ID CSCva35619."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "psirt@cisco.com",
+ "ID": "CVE-2016-1478",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20160804 Cisco IOS Software Crafted Network Time Protocol Packets Denial of Service Vulnerability",
- "refsource" : "CISCO",
- "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160804-wedge"
- },
- {
- "name" : "92317",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/92317"
- },
- {
- "name" : "1036541",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1036541"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Cisco IOS 15.5(3)S3, 15.6(1)S2, 15.6(2)S1, and 15.6(2)T1 does not properly dequeue invalid NTP packets, which allows remote attackers to cause a denial of service (interface wedge) by sending many crafted NTP packets, aka Bug ID CSCva35619."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "92317",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/92317"
+ },
+ {
+ "name": "20160804 Cisco IOS Software Crafted Network Time Protocol Packets Denial of Service Vulnerability",
+ "refsource": "CISCO",
+ "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160804-wedge"
+ },
+ {
+ "name": "1036541",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1036541"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/1xxx/CVE-2016-1560.json b/2016/1xxx/CVE-2016-1560.json
index cd3be09c09b..d354f9803e6 100644
--- a/2016/1xxx/CVE-2016-1560.json
+++ b/2016/1xxx/CVE-2016-1560.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-1560",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the root shell account and (2) support for the support account in the web interface, which allows remote attackers to obtain administrative access via an SSH or HTTP session."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cert@cert.org",
+ "ID": "CVE-2016-1560",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://packetstormsecurity.com/files/136634/ExaGrid-Known-SSH-Key-Default-Password.html",
- "refsource" : "MISC",
- "url" : "http://packetstormsecurity.com/files/136634/ExaGrid-Known-SSH-Key-Default-Password.html"
- },
- {
- "name" : "http://www.rapid7.com/db/modules/exploit/linux/ssh/exagrid_known_privkey",
- "refsource" : "MISC",
- "url" : "http://www.rapid7.com/db/modules/exploit/linux/ssh/exagrid_known_privkey"
- },
- {
- "name" : "https://community.rapid7.com/community/infosec/blog/2016/04/07/r7-2016-04-exagrid-backdoor-ssh-keys-and-hardcoded-credentials",
- "refsource" : "MISC",
- "url" : "https://community.rapid7.com/community/infosec/blog/2016/04/07/r7-2016-04-exagrid-backdoor-ssh-keys-and-hardcoded-credentials"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the root shell account and (2) support for the support account in the web interface, which allows remote attackers to obtain administrative access via an SSH or HTTP session."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://packetstormsecurity.com/files/136634/ExaGrid-Known-SSH-Key-Default-Password.html",
+ "refsource": "MISC",
+ "url": "http://packetstormsecurity.com/files/136634/ExaGrid-Known-SSH-Key-Default-Password.html"
+ },
+ {
+ "name": "https://community.rapid7.com/community/infosec/blog/2016/04/07/r7-2016-04-exagrid-backdoor-ssh-keys-and-hardcoded-credentials",
+ "refsource": "MISC",
+ "url": "https://community.rapid7.com/community/infosec/blog/2016/04/07/r7-2016-04-exagrid-backdoor-ssh-keys-and-hardcoded-credentials"
+ },
+ {
+ "name": "http://www.rapid7.com/db/modules/exploit/linux/ssh/exagrid_known_privkey",
+ "refsource": "MISC",
+ "url": "http://www.rapid7.com/db/modules/exploit/linux/ssh/exagrid_known_privkey"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/1xxx/CVE-2016-1764.json b/2016/1xxx/CVE-2016-1764.json
index 4009e95ff46..0e7d62733d3 100644
--- a/2016/1xxx/CVE-2016-1764.json
+++ b/2016/1xxx/CVE-2016-1764.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-1764",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The Content Security Policy (CSP) implementation in Messages in Apple OS X before 10.11.4 allows remote attackers to obtain sensitive information via a javascript: URL."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "product-security@apple.com",
+ "ID": "CVE-2016-1764",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://support.apple.com/HT206167",
- "refsource" : "CONFIRM",
- "url" : "https://support.apple.com/HT206167"
- },
- {
- "name" : "APPLE-SA-2016-03-21-5",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
- },
- {
- "name" : "1035363",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1035363"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The Content Security Policy (CSP) implementation in Messages in Apple OS X before 10.11.4 allows remote attackers to obtain sensitive information via a javascript: URL."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "APPLE-SA-2016-03-21-5",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
+ },
+ {
+ "name": "https://support.apple.com/HT206167",
+ "refsource": "CONFIRM",
+ "url": "https://support.apple.com/HT206167"
+ },
+ {
+ "name": "1035363",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1035363"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/1xxx/CVE-2016-1766.json b/2016/1xxx/CVE-2016-1766.json
index 8e3956e0e24..2999c3d7f11 100644
--- a/2016/1xxx/CVE-2016-1766.json
+++ b/2016/1xxx/CVE-2016-1766.json
@@ -1,77 +1,77 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-1766",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The Profiles component in Apple iOS before 9.3 does not properly validate certificates, which allows attackers to spoof an MDM profile trust relationship via unspecified vectors."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "product-security@apple.com",
+ "ID": "CVE-2016-1766",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-314",
- "refsource" : "MISC",
- "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-314"
- },
- {
- "name" : "https://support.apple.com/HT206166",
- "refsource" : "CONFIRM",
- "url" : "https://support.apple.com/HT206166"
- },
- {
- "name" : "APPLE-SA-2016-03-21-1",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"
- },
- {
- "name" : "1035353",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1035353"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The Profiles component in Apple iOS before 9.3 does not properly validate certificates, which allows attackers to spoof an MDM profile trust relationship via unspecified vectors."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-314",
+ "refsource": "MISC",
+ "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-314"
+ },
+ {
+ "name": "1035353",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1035353"
+ },
+ {
+ "name": "APPLE-SA-2016-03-21-1",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"
+ },
+ {
+ "name": "https://support.apple.com/HT206166",
+ "refsource": "CONFIRM",
+ "url": "https://support.apple.com/HT206166"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/1xxx/CVE-2016-1810.json b/2016/1xxx/CVE-2016-1810.json
index 84c90a6c7e6..c521333948a 100644
--- a/2016/1xxx/CVE-2016-1810.json
+++ b/2016/1xxx/CVE-2016-1810.json
@@ -1,77 +1,77 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-1810",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "product-security@apple.com",
+ "ID": "CVE-2016-1810",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://support.apple.com/HT206567",
- "refsource" : "CONFIRM",
- "url" : "https://support.apple.com/HT206567"
- },
- {
- "name" : "APPLE-SA-2016-05-16-4",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
- },
- {
- "name" : "90696",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/90696"
- },
- {
- "name" : "1035895",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1035895"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://support.apple.com/HT206567",
+ "refsource": "CONFIRM",
+ "url": "https://support.apple.com/HT206567"
+ },
+ {
+ "name": "APPLE-SA-2016-05-16-4",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
+ },
+ {
+ "name": "90696",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/90696"
+ },
+ {
+ "name": "1035895",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1035895"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/1xxx/CVE-2016-1870.json b/2016/1xxx/CVE-2016-1870.json
index c686e1a2fb3..9ee20a5fe1f 100644
--- a/2016/1xxx/CVE-2016-1870.json
+++ b/2016/1xxx/CVE-2016-1870.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-1870",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2016-1870",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/5xxx/CVE-2016-5385.json b/2016/5xxx/CVE-2016-5385.json
index 4906883eb32..91f8be9023c 100644
--- a/2016/5xxx/CVE-2016-5385.json
+++ b/2016/5xxx/CVE-2016-5385.json
@@ -1,182 +1,182 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "secalert@redhat.com",
- "ID" : "CVE-2016-5385",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an \"httpoxy\" issue."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secalert@redhat.com",
+ "ID": "CVE-2016-5385",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://httpoxy.org/",
- "refsource" : "MISC",
- "url" : "https://httpoxy.org/"
- },
- {
- "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1353794",
- "refsource" : "CONFIRM",
- "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1353794"
- },
- {
- "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
- "refsource" : "CONFIRM",
- "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
- },
- {
- "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149",
- "refsource" : "CONFIRM",
- "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
- },
- {
- "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05333297",
- "refsource" : "CONFIRM",
- "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05333297"
- },
- {
- "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
- "refsource" : "CONFIRM",
- "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
- },
- {
- "name" : "https://github.com/guzzle/guzzle/releases/tag/6.2.1",
- "refsource" : "CONFIRM",
- "url" : "https://github.com/guzzle/guzzle/releases/tag/6.2.1"
- },
- {
- "name" : "https://www.drupal.org/SA-CORE-2016-003",
- "refsource" : "CONFIRM",
- "url" : "https://www.drupal.org/SA-CORE-2016-003"
- },
- {
- "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
- "refsource" : "CONFIRM",
- "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
- },
- {
- "name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us",
- "refsource" : "CONFIRM",
- "url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us"
- },
- {
- "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
- "refsource" : "CONFIRM",
- "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
- },
- {
- "name" : "DSA-3631",
- "refsource" : "DEBIAN",
- "url" : "http://www.debian.org/security/2016/dsa-3631"
- },
- {
- "name" : "FEDORA-2016-4e7db3d437",
- "refsource" : "FEDORA",
- "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/"
- },
- {
- "name" : "FEDORA-2016-8eb11666aa",
- "refsource" : "FEDORA",
- "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/"
- },
- {
- "name" : "FEDORA-2016-9c8cf5912c",
- "refsource" : "FEDORA",
- "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/"
- },
- {
- "name" : "GLSA-201611-22",
- "refsource" : "GENTOO",
- "url" : "https://security.gentoo.org/glsa/201611-22"
- },
- {
- "name" : "RHSA-2016:1609",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2016-1609.html"
- },
- {
- "name" : "RHSA-2016:1610",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2016-1610.html"
- },
- {
- "name" : "RHSA-2016:1611",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2016-1611.html"
- },
- {
- "name" : "RHSA-2016:1612",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2016-1612.html"
- },
- {
- "name" : "RHSA-2016:1613",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2016-1613.html"
- },
- {
- "name" : "openSUSE-SU-2016:1922",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
- },
- {
- "name" : "VU#797896",
- "refsource" : "CERT-VN",
- "url" : "http://www.kb.cert.org/vuls/id/797896"
- },
- {
- "name" : "91821",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/91821"
- },
- {
- "name" : "1036335",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1036335"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an \"httpoxy\" issue."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "FEDORA-2016-8eb11666aa",
+ "refsource": "FEDORA",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7RMYXAVNYL2MOBJTFATE73TOVOEZYC5R/"
+ },
+ {
+ "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149",
+ "refsource": "CONFIRM",
+ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
+ },
+ {
+ "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05333297",
+ "refsource": "CONFIRM",
+ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05333297"
+ },
+ {
+ "name": "VU#797896",
+ "refsource": "CERT-VN",
+ "url": "http://www.kb.cert.org/vuls/id/797896"
+ },
+ {
+ "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
+ "refsource": "CONFIRM",
+ "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
+ },
+ {
+ "name": "GLSA-201611-22",
+ "refsource": "GENTOO",
+ "url": "https://security.gentoo.org/glsa/201611-22"
+ },
+ {
+ "name": "openSUSE-SU-2016:1922",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
+ },
+ {
+ "name": "https://www.drupal.org/SA-CORE-2016-003",
+ "refsource": "CONFIRM",
+ "url": "https://www.drupal.org/SA-CORE-2016-003"
+ },
+ {
+ "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
+ "refsource": "CONFIRM",
+ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
+ },
+ {
+ "name": "RHSA-2016:1613",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2016-1613.html"
+ },
+ {
+ "name": "RHSA-2016:1611",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2016-1611.html"
+ },
+ {
+ "name": "RHSA-2016:1610",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2016-1610.html"
+ },
+ {
+ "name": "DSA-3631",
+ "refsource": "DEBIAN",
+ "url": "http://www.debian.org/security/2016/dsa-3631"
+ },
+ {
+ "name": "91821",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/91821"
+ },
+ {
+ "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
+ "refsource": "CONFIRM",
+ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
+ },
+ {
+ "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us",
+ "refsource": "CONFIRM",
+ "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us"
+ },
+ {
+ "name": "FEDORA-2016-4e7db3d437",
+ "refsource": "FEDORA",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KZOIUYZDBWNDDHC6XTOLZYRMRXZWTJCP/"
+ },
+ {
+ "name": "RHSA-2016:1609",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2016-1609.html"
+ },
+ {
+ "name": "1036335",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1036335"
+ },
+ {
+ "name": "https://httpoxy.org/",
+ "refsource": "MISC",
+ "url": "https://httpoxy.org/"
+ },
+ {
+ "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
+ "refsource": "CONFIRM",
+ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
+ },
+ {
+ "name": "RHSA-2016:1612",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2016-1612.html"
+ },
+ {
+ "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1353794",
+ "refsource": "CONFIRM",
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353794"
+ },
+ {
+ "name": "FEDORA-2016-9c8cf5912c",
+ "refsource": "FEDORA",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GXFEIMZPSVGZQQAYIQ7U7DFVX3IBSDLF/"
+ },
+ {
+ "name": "https://github.com/guzzle/guzzle/releases/tag/6.2.1",
+ "refsource": "CONFIRM",
+ "url": "https://github.com/guzzle/guzzle/releases/tag/6.2.1"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/5xxx/CVE-2016-5432.json b/2016/5xxx/CVE-2016-5432.json
index 8fae5482694..523703ce363 100644
--- a/2016/5xxx/CVE-2016-5432.json
+++ b/2016/5xxx/CVE-2016-5432.json
@@ -1,77 +1,77 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "secalert@redhat.com",
- "ID" : "CVE-2016-5432",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secalert@redhat.com",
+ "ID": "CVE-2016-5432",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1371428",
- "refsource" : "CONFIRM",
- "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1371428"
- },
- {
- "name" : "https://gerrit.ovirt.org/#/q/I40c88ad48f8f7c2b8e06802137870b0c198b5129",
- "refsource" : "CONFIRM",
- "url" : "https://gerrit.ovirt.org/#/q/I40c88ad48f8f7c2b8e06802137870b0c198b5129"
- },
- {
- "name" : "RHSA-2016:1967",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2016-1967.html"
- },
- {
- "name" : "92694",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/92694"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://gerrit.ovirt.org/#/q/I40c88ad48f8f7c2b8e06802137870b0c198b5129",
+ "refsource": "CONFIRM",
+ "url": "https://gerrit.ovirt.org/#/q/I40c88ad48f8f7c2b8e06802137870b0c198b5129"
+ },
+ {
+ "name": "RHSA-2016:1967",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2016-1967.html"
+ },
+ {
+ "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1371428",
+ "refsource": "CONFIRM",
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1371428"
+ },
+ {
+ "name": "92694",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/92694"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/5xxx/CVE-2016-5546.json b/2016/5xxx/CVE-2016-5546.json
index 6ecaf850d73..fbeca452441 100644
--- a/2016/5xxx/CVE-2016-5546.json
+++ b/2016/5xxx/CVE-2016-5546.json
@@ -1,168 +1,168 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "secalert_us@oracle.com",
- "ID" : "CVE-2016-5546",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "Java SE",
- "version" : {
- "version_data" : [
- {
- "version_value" : "6u131"
- },
- {
- "version_value" : "7u121"
- },
- {
- "version_value" : "8u112"
- }
- ]
- }
- },
- {
- "product_name" : "Java SE Embedded",
- "version" : {
- "version_data" : [
- {
- "version_value" : "8u111"
- }
- ]
- }
- },
- {
- "product_name" : "JRockit",
- "version" : {
- "version_data" : [
- {
- "version_value" : "R28.3.12"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "Oracle"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Integrity impacts)."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secalert_us@oracle.com",
+ "ID": "CVE-2016-5546",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Java SE",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "6u131"
+ },
+ {
+ "version_value": "7u121"
+ },
+ {
+ "version_value": "8u112"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Java SE Embedded",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "8u111"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "JRockit",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "R28.3.12"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "Oracle"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
- "refsource" : "CONFIRM",
- "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
- },
- {
- "name" : "https://security.netapp.com/advisory/ntap-20170119-0001/",
- "refsource" : "CONFIRM",
- "url" : "https://security.netapp.com/advisory/ntap-20170119-0001/"
- },
- {
- "name" : "DSA-3782",
- "refsource" : "DEBIAN",
- "url" : "http://www.debian.org/security/2017/dsa-3782"
- },
- {
- "name" : "GLSA-201701-65",
- "refsource" : "GENTOO",
- "url" : "https://security.gentoo.org/glsa/201701-65"
- },
- {
- "name" : "GLSA-201707-01",
- "refsource" : "GENTOO",
- "url" : "https://security.gentoo.org/glsa/201707-01"
- },
- {
- "name" : "RHSA-2017:0175",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
- },
- {
- "name" : "RHSA-2017:0176",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
- },
- {
- "name" : "RHSA-2017:0177",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
- },
- {
- "name" : "RHSA-2017:0180",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
- },
- {
- "name" : "RHSA-2017:0263",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
- },
- {
- "name" : "RHSA-2017:0269",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
- },
- {
- "name" : "RHSA-2017:0336",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
- },
- {
- "name" : "RHSA-2017:0337",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
- },
- {
- "name" : "RHSA-2017:0338",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
- },
- {
- "name" : "RHSA-2017:1216",
- "refsource" : "REDHAT",
- "url" : "https://access.redhat.com/errata/RHSA-2017:1216"
- },
- {
- "name" : "95506",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/95506"
- },
- {
- "name" : "1037637",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1037637"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Integrity impacts)."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "RHSA-2017:0338",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
+ },
+ {
+ "name": "DSA-3782",
+ "refsource": "DEBIAN",
+ "url": "http://www.debian.org/security/2017/dsa-3782"
+ },
+ {
+ "name": "RHSA-2017:0176",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
+ },
+ {
+ "name": "GLSA-201701-65",
+ "refsource": "GENTOO",
+ "url": "https://security.gentoo.org/glsa/201701-65"
+ },
+ {
+ "name": "RHSA-2017:0180",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
+ },
+ {
+ "name": "95506",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/95506"
+ },
+ {
+ "name": "1037637",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1037637"
+ },
+ {
+ "name": "GLSA-201707-01",
+ "refsource": "GENTOO",
+ "url": "https://security.gentoo.org/glsa/201707-01"
+ },
+ {
+ "name": "RHSA-2017:0175",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
+ },
+ {
+ "name": "RHSA-2017:0177",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
+ },
+ {
+ "name": "RHSA-2017:0263",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
+ },
+ {
+ "name": "RHSA-2017:1216",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2017:1216"
+ },
+ {
+ "name": "https://security.netapp.com/advisory/ntap-20170119-0001/",
+ "refsource": "CONFIRM",
+ "url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
+ },
+ {
+ "name": "RHSA-2017:0269",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
+ },
+ {
+ "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
+ "refsource": "CONFIRM",
+ "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
+ },
+ {
+ "name": "RHSA-2017:0337",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
+ },
+ {
+ "name": "RHSA-2017:0336",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2018/2xxx/CVE-2018-2435.json b/2018/2xxx/CVE-2018-2435.json
index d646c557e10..b0b81c4a991 100644
--- a/2018/2xxx/CVE-2018-2435.json
+++ b/2018/2xxx/CVE-2018-2435.json
@@ -1,100 +1,100 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cna@sap.com",
- "ID" : "CVE-2018-2435",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "SAP NetWeaver Enterprise Portal",
- "version" : {
- "version_data" : [
- {
- "version_name" : "=",
- "version_value" : "7.0 to 7.02"
- },
- {
- "version_name" : "=",
- "version_value" : "7.11"
- },
- {
- "version_name" : "=",
- "version_value" : "7.20"
- },
- {
- "version_name" : "=",
- "version_value" : "7.30"
- },
- {
- "version_name" : "=",
- "version_value" : "7.31"
- },
- {
- "version_name" : "=",
- "version_value" : "7.40"
- },
- {
- "version_name" : "=",
- "version_value" : "7.50"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "SAP"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "SAP NetWeaver Enterprise Portal from 7.0 to 7.02, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "Cross-Site Scripting"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cna@sap.com",
+ "ID": "CVE-2018-2435",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "SAP NetWeaver Enterprise Portal",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "=",
+ "version_value": "7.0 to 7.02"
+ },
+ {
+ "version_name": "=",
+ "version_value": "7.11"
+ },
+ {
+ "version_name": "=",
+ "version_value": "7.20"
+ },
+ {
+ "version_name": "=",
+ "version_value": "7.30"
+ },
+ {
+ "version_name": "=",
+ "version_value": "7.31"
+ },
+ {
+ "version_name": "=",
+ "version_value": "7.40"
+ },
+ {
+ "version_name": "=",
+ "version_value": "7.50"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "SAP"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://launchpad.support.sap.com/#/notes/2643126",
- "refsource" : "MISC",
- "url" : "https://launchpad.support.sap.com/#/notes/2643126"
- },
- {
- "name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000",
- "refsource" : "CONFIRM",
- "url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000"
- },
- {
- "name" : "104706",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/104706"
- }
- ]
- },
- "source" : {
- "discovery" : "UNKNOWN"
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "SAP NetWeaver Enterprise Portal from 7.0 to 7.02, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Cross-Site Scripting"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://launchpad.support.sap.com/#/notes/2643126",
+ "refsource": "MISC",
+ "url": "https://launchpad.support.sap.com/#/notes/2643126"
+ },
+ {
+ "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000",
+ "refsource": "CONFIRM",
+ "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000"
+ },
+ {
+ "name": "104706",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/104706"
+ }
+ ]
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ }
+}
\ No newline at end of file
diff --git a/2018/2xxx/CVE-2018-2952.json b/2018/2xxx/CVE-2018-2952.json
index 756a908fb89..e016011c27f 100644
--- a/2018/2xxx/CVE-2018-2952.json
+++ b/2018/2xxx/CVE-2018-2952.json
@@ -1,200 +1,200 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "secalert_us@oracle.com",
- "ID" : "CVE-2018-2952",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "Java",
- "version" : {
- "version_data" : [
- {
- "version_affected" : "=",
- "version_value" : "Java SE: 6u191"
- },
- {
- "version_affected" : "=",
- "version_value" : "7u181"
- },
- {
- "version_affected" : "=",
- "version_value" : "8u172"
- },
- {
- "version_affected" : "=",
- "version_value" : "10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "Oracle Corporation"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secalert_us@oracle.com",
+ "ID": "CVE-2018-2952",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Java",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "Java SE: 6u191"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "7u181"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "8u172"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "Oracle Corporation"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "[debian-lts-announce] 20181122 [SECURITY] [DLA 1590-1] openjdk-7 security update",
- "refsource" : "MLIST",
- "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
- },
- {
- "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
- "refsource" : "CONFIRM",
- "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
- },
- {
- "name" : "https://security.netapp.com/advisory/ntap-20180726-0001/",
- "refsource" : "CONFIRM",
- "url" : "https://security.netapp.com/advisory/ntap-20180726-0001/"
- },
- {
- "name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03882en_us",
- "refsource" : "CONFIRM",
- "url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03882en_us"
- },
- {
- "name" : "DSA-4268",
- "refsource" : "DEBIAN",
- "url" : "https://www.debian.org/security/2018/dsa-4268"
- },
- {
- "name" : "RHSA-2018:2241",
- "refsource" : "REDHAT",
- "url" : "https://access.redhat.com/errata/RHSA-2018:2241"
- },
- {
- "name" : "RHSA-2018:2242",
- "refsource" : "REDHAT",
- "url" : "https://access.redhat.com/errata/RHSA-2018:2242"
- },
- {
- "name" : "RHSA-2018:2253",
- "refsource" : "REDHAT",
- "url" : "https://access.redhat.com/errata/RHSA-2018:2253"
- },
- {
- "name" : "RHSA-2018:2254",
- "refsource" : "REDHAT",
- "url" : "https://access.redhat.com/errata/RHSA-2018:2254"
- },
- {
- "name" : "RHSA-2018:2255",
- "refsource" : "REDHAT",
- "url" : "https://access.redhat.com/errata/RHSA-2018:2255"
- },
- {
- "name" : "RHSA-2018:2256",
- "refsource" : "REDHAT",
- "url" : "https://access.redhat.com/errata/RHSA-2018:2256"
- },
- {
- "name" : "RHSA-2018:2283",
- "refsource" : "REDHAT",
- "url" : "https://access.redhat.com/errata/RHSA-2018:2283"
- },
- {
- "name" : "RHSA-2018:2286",
- "refsource" : "REDHAT",
- "url" : "https://access.redhat.com/errata/RHSA-2018:2286"
- },
- {
- "name" : "RHSA-2018:2568",
- "refsource" : "REDHAT",
- "url" : "https://access.redhat.com/errata/RHSA-2018:2568"
- },
- {
- "name" : "RHSA-2018:2569",
- "refsource" : "REDHAT",
- "url" : "https://access.redhat.com/errata/RHSA-2018:2569"
- },
- {
- "name" : "RHSA-2018:2575",
- "refsource" : "REDHAT",
- "url" : "https://access.redhat.com/errata/RHSA-2018:2575"
- },
- {
- "name" : "RHSA-2018:2576",
- "refsource" : "REDHAT",
- "url" : "https://access.redhat.com/errata/RHSA-2018:2576"
- },
- {
- "name" : "RHSA-2018:2712",
- "refsource" : "REDHAT",
- "url" : "https://access.redhat.com/errata/RHSA-2018:2712"
- },
- {
- "name" : "RHSA-2018:2713",
- "refsource" : "REDHAT",
- "url" : "https://access.redhat.com/errata/RHSA-2018:2713"
- },
- {
- "name" : "RHSA-2018:3007",
- "refsource" : "REDHAT",
- "url" : "https://access.redhat.com/errata/RHSA-2018:3007"
- },
- {
- "name" : "RHSA-2018:3008",
- "refsource" : "REDHAT",
- "url" : "https://access.redhat.com/errata/RHSA-2018:3008"
- },
- {
- "name" : "USN-3734-1",
- "refsource" : "UBUNTU",
- "url" : "https://usn.ubuntu.com/3734-1/"
- },
- {
- "name" : "USN-3735-1",
- "refsource" : "UBUNTU",
- "url" : "https://usn.ubuntu.com/3735-1/"
- },
- {
- "name" : "USN-3747-1",
- "refsource" : "UBUNTU",
- "url" : "https://usn.ubuntu.com/3747-1/"
- },
- {
- "name" : "104765",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/104765"
- },
- {
- "name" : "1041302",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1041302"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "RHSA-2018:2254",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2018:2254"
+ },
+ {
+ "name": "[debian-lts-announce] 20181122 [SECURITY] [DLA 1590-1] openjdk-7 security update",
+ "refsource": "MLIST",
+ "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
+ },
+ {
+ "name": "RHSA-2018:3007",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2018:3007"
+ },
+ {
+ "name": "104765",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/104765"
+ },
+ {
+ "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
+ "refsource": "CONFIRM",
+ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
+ },
+ {
+ "name": "RHSA-2018:2713",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2018:2713"
+ },
+ {
+ "name": "https://security.netapp.com/advisory/ntap-20180726-0001/",
+ "refsource": "CONFIRM",
+ "url": "https://security.netapp.com/advisory/ntap-20180726-0001/"
+ },
+ {
+ "name": "RHSA-2018:2242",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2018:2242"
+ },
+ {
+ "name": "RHSA-2018:2255",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2018:2255"
+ },
+ {
+ "name": "USN-3747-1",
+ "refsource": "UBUNTU",
+ "url": "https://usn.ubuntu.com/3747-1/"
+ },
+ {
+ "name": "RHSA-2018:2575",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2018:2575"
+ },
+ {
+ "name": "RHSA-2018:2256",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2018:2256"
+ },
+ {
+ "name": "RHSA-2018:2576",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2018:2576"
+ },
+ {
+ "name": "RHSA-2018:2241",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2018:2241"
+ },
+ {
+ "name": "RHSA-2018:2253",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2018:2253"
+ },
+ {
+ "name": "RHSA-2018:2568",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2018:2568"
+ },
+ {
+ "name": "RHSA-2018:2569",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2018:2569"
+ },
+ {
+ "name": "USN-3735-1",
+ "refsource": "UBUNTU",
+ "url": "https://usn.ubuntu.com/3735-1/"
+ },
+ {
+ "name": "RHSA-2018:2712",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2018:2712"
+ },
+ {
+ "name": "RHSA-2018:3008",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2018:3008"
+ },
+ {
+ "name": "RHSA-2018:2286",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2018:2286"
+ },
+ {
+ "name": "DSA-4268",
+ "refsource": "DEBIAN",
+ "url": "https://www.debian.org/security/2018/dsa-4268"
+ },
+ {
+ "name": "RHSA-2018:2283",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2018:2283"
+ },
+ {
+ "name": "1041302",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1041302"
+ },
+ {
+ "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03882en_us",
+ "refsource": "CONFIRM",
+ "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03882en_us"
+ },
+ {
+ "name": "USN-3734-1",
+ "refsource": "UBUNTU",
+ "url": "https://usn.ubuntu.com/3734-1/"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2018/2xxx/CVE-2018-2976.json b/2018/2xxx/CVE-2018-2976.json
index 62fc5ce9820..72a7857a346 100644
--- a/2018/2xxx/CVE-2018-2976.json
+++ b/2018/2xxx/CVE-2018-2976.json
@@ -1,73 +1,73 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "secalert_us@oracle.com",
- "ID" : "CVE-2018-2976",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "Enterprise Manager Ops Center",
- "version" : {
- "version_data" : [
- {
- "version_affected" : "=",
- "version_value" : "12.2.2"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "Oracle Corporation"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Vulnerability in the Enterprise Manager Ops Center component of Oracle Enterprise Manager Products Suite (subcomponent: Networking). The supported version that is affected is 12.2.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Ops Center. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Ops Center accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Ops Center accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N)."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Ops Center. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Ops Center accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Ops Center accessible data."
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secalert_us@oracle.com",
+ "ID": "CVE-2018-2976",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Enterprise Manager Ops Center",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "12.2.2"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "Oracle Corporation"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
- "refsource" : "CONFIRM",
- "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
- },
- {
- "name" : "104796",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/104796"
- },
- {
- "name" : "1041308",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1041308"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Vulnerability in the Enterprise Manager Ops Center component of Oracle Enterprise Manager Products Suite (subcomponent: Networking). The supported version that is affected is 12.2.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Ops Center. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Ops Center accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Ops Center accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N)."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Ops Center. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Ops Center accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Ops Center accessible data."
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
+ "refsource": "CONFIRM",
+ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
+ },
+ {
+ "name": "104796",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/104796"
+ },
+ {
+ "name": "1041308",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1041308"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2018/2xxx/CVE-2018-2994.json b/2018/2xxx/CVE-2018-2994.json
index c1458477ca3..a3236bfa623 100644
--- a/2018/2xxx/CVE-2018-2994.json
+++ b/2018/2xxx/CVE-2018-2994.json
@@ -1,101 +1,101 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "secalert_us@oracle.com",
- "ID" : "CVE-2018-2994",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "iStore",
- "version" : {
- "version_data" : [
- {
- "version_affected" : "=",
- "version_value" : "12.1.1"
- },
- {
- "version_affected" : "=",
- "version_value" : "12.1.2"
- },
- {
- "version_affected" : "=",
- "version_value" : "12.1.3"
- },
- {
- "version_affected" : "=",
- "version_value" : "12.2.3"
- },
- {
- "version_affected" : "=",
- "version_value" : "12.2.4"
- },
- {
- "version_affected" : "=",
- "version_value" : "12.2.5"
- },
- {
- "version_affected" : "=",
- "version_value" : "12.2.6"
- },
- {
- "version_affected" : "=",
- "version_value" : "12.2.7"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "Oracle Corporation"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Shopping Cart). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle iStore accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle iStore accessible data."
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secalert_us@oracle.com",
+ "ID": "CVE-2018-2994",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "iStore",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "12.1.1"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "12.1.2"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "12.1.3"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "12.2.3"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "12.2.4"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "12.2.5"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "12.2.6"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "12.2.7"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "Oracle Corporation"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
- "refsource" : "CONFIRM",
- "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
- },
- {
- "name" : "104838",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/104838"
- },
- {
- "name" : "1041309",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1041309"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Shopping Cart). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle iStore accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle iStore accessible data."
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
+ "refsource": "CONFIRM",
+ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
+ },
+ {
+ "name": "104838",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/104838"
+ },
+ {
+ "name": "1041309",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1041309"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/0xxx/CVE-2019-0008.json b/2019/0xxx/CVE-2019-0008.json
index 51b6b1320cb..a5fc302b1b7 100644
--- a/2019/0xxx/CVE-2019-0008.json
+++ b/2019/0xxx/CVE-2019-0008.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-0008",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-0008",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/0xxx/CVE-2019-0132.json b/2019/0xxx/CVE-2019-0132.json
index 81204ae2a4d..a9ef0db4ca6 100644
--- a/2019/0xxx/CVE-2019-0132.json
+++ b/2019/0xxx/CVE-2019-0132.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-0132",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-0132",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/0xxx/CVE-2019-0185.json b/2019/0xxx/CVE-2019-0185.json
index 9e8bb5379e6..23cc938021b 100644
--- a/2019/0xxx/CVE-2019-0185.json
+++ b/2019/0xxx/CVE-2019-0185.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-0185",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-0185",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/0xxx/CVE-2019-0463.json b/2019/0xxx/CVE-2019-0463.json
index 57a5a4606e2..556827dacf3 100644
--- a/2019/0xxx/CVE-2019-0463.json
+++ b/2019/0xxx/CVE-2019-0463.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-0463",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-0463",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/1xxx/CVE-2019-1196.json b/2019/1xxx/CVE-2019-1196.json
index 9871b5a1bb4..1c9f23a0fbf 100644
--- a/2019/1xxx/CVE-2019-1196.json
+++ b/2019/1xxx/CVE-2019-1196.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-1196",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-1196",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/1xxx/CVE-2019-1276.json b/2019/1xxx/CVE-2019-1276.json
index 94bd1033dff..8c36f539337 100644
--- a/2019/1xxx/CVE-2019-1276.json
+++ b/2019/1xxx/CVE-2019-1276.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-1276",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-1276",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/1xxx/CVE-2019-1449.json b/2019/1xxx/CVE-2019-1449.json
index c9df377f3bc..335190b0203 100644
--- a/2019/1xxx/CVE-2019-1449.json
+++ b/2019/1xxx/CVE-2019-1449.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-1449",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-1449",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/1xxx/CVE-2019-1792.json b/2019/1xxx/CVE-2019-1792.json
index 8fcab2a56f4..fa2a4faf7a8 100644
--- a/2019/1xxx/CVE-2019-1792.json
+++ b/2019/1xxx/CVE-2019-1792.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-1792",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-1792",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/4xxx/CVE-2019-4223.json b/2019/4xxx/CVE-2019-4223.json
index bc6d5bb7d05..ee6a0cbfa0a 100644
--- a/2019/4xxx/CVE-2019-4223.json
+++ b/2019/4xxx/CVE-2019-4223.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-4223",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-4223",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/4xxx/CVE-2019-4229.json b/2019/4xxx/CVE-2019-4229.json
index f12fac35cbf..f29ae5c2a9e 100644
--- a/2019/4xxx/CVE-2019-4229.json
+++ b/2019/4xxx/CVE-2019-4229.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-4229",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-4229",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/4xxx/CVE-2019-4342.json b/2019/4xxx/CVE-2019-4342.json
index 6191cf18a81..1b5ddd03c60 100644
--- a/2019/4xxx/CVE-2019-4342.json
+++ b/2019/4xxx/CVE-2019-4342.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-4342",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-4342",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/4xxx/CVE-2019-4574.json b/2019/4xxx/CVE-2019-4574.json
index 2e85783a978..d2715db4d84 100644
--- a/2019/4xxx/CVE-2019-4574.json
+++ b/2019/4xxx/CVE-2019-4574.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-4574",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-4574",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/5xxx/CVE-2019-5242.json b/2019/5xxx/CVE-2019-5242.json
index e34def4ae26..a9f3546ed6c 100644
--- a/2019/5xxx/CVE-2019-5242.json
+++ b/2019/5xxx/CVE-2019-5242.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-5242",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-5242",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/5xxx/CVE-2019-5435.json b/2019/5xxx/CVE-2019-5435.json
index d30a4c74588..df5e6bc6a62 100644
--- a/2019/5xxx/CVE-2019-5435.json
+++ b/2019/5xxx/CVE-2019-5435.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-5435",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-5435",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/5xxx/CVE-2019-5677.json b/2019/5xxx/CVE-2019-5677.json
index d9cd237af3d..7a8d95586f1 100644
--- a/2019/5xxx/CVE-2019-5677.json
+++ b/2019/5xxx/CVE-2019-5677.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-5677",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-5677",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/5xxx/CVE-2019-5870.json b/2019/5xxx/CVE-2019-5870.json
index 0485b6f0481..e6fef9f3ebd 100644
--- a/2019/5xxx/CVE-2019-5870.json
+++ b/2019/5xxx/CVE-2019-5870.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-5870",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-5870",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/9xxx/CVE-2019-9321.json b/2019/9xxx/CVE-2019-9321.json
index c20c9cef5d6..240e90bb9c0 100644
--- a/2019/9xxx/CVE-2019-9321.json
+++ b/2019/9xxx/CVE-2019-9321.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-9321",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-9321",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/9xxx/CVE-2019-9374.json b/2019/9xxx/CVE-2019-9374.json
index 6acc904c825..f55b85efdd9 100644
--- a/2019/9xxx/CVE-2019-9374.json
+++ b/2019/9xxx/CVE-2019-9374.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-9374",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-9374",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/9xxx/CVE-2019-9393.json b/2019/9xxx/CVE-2019-9393.json
index 3e7822e84f6..d5acc446c53 100644
--- a/2019/9xxx/CVE-2019-9393.json
+++ b/2019/9xxx/CVE-2019-9393.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-9393",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-9393",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/9xxx/CVE-2019-9446.json b/2019/9xxx/CVE-2019-9446.json
index 67988a88dd9..0eca28e7687 100644
--- a/2019/9xxx/CVE-2019-9446.json
+++ b/2019/9xxx/CVE-2019-9446.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-9446",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-9446",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file