diff --git a/1999/0xxx/CVE-1999-0819.json b/1999/0xxx/CVE-1999-0819.json index f41c45f7601..bdb46b10321 100644 --- a/1999/0xxx/CVE-1999-0819.json +++ b/1999/0xxx/CVE-1999-0819.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0819", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0819", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19991130 NTmail and VRFY", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=94398141118586&w=2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19991130 NTmail and VRFY", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=94398141118586&w=2" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0860.json b/1999/0xxx/CVE-1999-0860.json index 58157b6fd5d..84b07427992 100644 --- a/1999/0xxx/CVE-1999-0860.json +++ b/1999/0xxx/CVE-1999-0860.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0860", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0860", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "837", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/837" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "837", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/837" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1016.json b/1999/1xxx/CVE-1999-1016.json index 111d6337b93..4ccbb003653 100644 --- a/1999/1xxx/CVE-1999-1016.json +++ b/1999/1xxx/CVE-1999-1016.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1016", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1016", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990827 HTML code to crash IE5 and Outlook Express 5", - "refsource" : "NTBUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=93578772920970&w=2" - }, - { - "name" : "606", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/606" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19990827 HTML code to crash IE5 and Outlook Express 5", + "refsource": "NTBUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=93578772920970&w=2" + }, + { + "name": "606", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/606" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1401.json b/1999/1xxx/CVE-1999-1401.json index 00675861ca2..b817af1ac94 100644 --- a/1999/1xxx/CVE-1999-1401.json +++ b/1999/1xxx/CVE-1999-1401.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1401", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in Desktop searchbook program in IRIX 5.0.x through 6.2 sets insecure permissions for certain user files (iconbook and searchbook)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1401", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19961201-01-PX", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/19961201-01-PX" - }, - { - "name" : "463", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/463" - }, - { - "name" : "8563", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/8563" - }, - { - "name" : "irix-searchbook-permissions(7575)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/7575.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in Desktop searchbook program in IRIX 5.0.x through 6.2 sets insecure permissions for certain user files (iconbook and searchbook)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "irix-searchbook-permissions(7575)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/7575.php" + }, + { + "name": "463", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/463" + }, + { + "name": "8563", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/8563" + }, + { + "name": "19961201-01-PX", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/19961201-01-PX" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1415.json b/1999/1xxx/CVE-1999-1415.json index cd329419c67..6e6c9e3b615 100644 --- a/1999/1xxx/CVE-1999-1415.json +++ b/1999/1xxx/CVE-1999-1415.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1415", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local users to gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1415", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "CA-91.13", - "refsource" : "CERT", - "url" : "http://www.cert.org/advisories/CA-91.13.Ultrix.mail.vulnerability" - }, - { - "name" : "27", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local users to gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "CA-91.13", + "refsource": "CERT", + "url": "http://www.cert.org/advisories/CA-91.13.Ultrix.mail.vulnerability" + }, + { + "name": "27", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0004.json b/2000/0xxx/CVE-2000-0004.json index 208cf07e0b4..6bc6f61bb94 100644 --- a/2000/0xxx/CVE-2000-0004.json +++ b/2000/0xxx/CVE-2000-0004.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0004", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ZBServer Pro allows remote attackers to read source code for executable files by inserting a . (dot) into the URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0004", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19991223 Local / Remote GET Buffer Overflow Vulnerability in ZBServer 1.5 Pro Edition for Win98/NT", - "refsource" : "NTBUGTRAQ", - "url" : "http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9912&L=NTBUGTRAQ&P=R3556" - }, - { - "name" : "19991223 Re: Local / Remote GET Buffer Overflow Vulnerability in ZBServer 1.5 Pro Edition for Win98/NT", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=94606572912422&w=2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ZBServer Pro allows remote attackers to read source code for executable files by inserting a . (dot) into the URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19991223 Re: Local / Remote GET Buffer Overflow Vulnerability in ZBServer 1.5 Pro Edition for Win98/NT", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=94606572912422&w=2" + }, + { + "name": "19991223 Local / Remote GET Buffer Overflow Vulnerability in ZBServer 1.5 Pro Edition for Win98/NT", + "refsource": "NTBUGTRAQ", + "url": "http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9912&L=NTBUGTRAQ&P=R3556" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0041.json b/2000/0xxx/CVE-2000-0041.json index e9be63190a2..f7c7cbb1f44 100644 --- a/2000/0xxx/CVE-2000-0041.json +++ b/2000/0xxx/CVE-2000-0041.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0041", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0041", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "890", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/890" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "890", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/890" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0265.json b/2000/0xxx/CVE-2000-0265.json index 4e36d3dc490..4b8396ae040 100644 --- a/2000/0xxx/CVE-2000-0265.json +++ b/2000/0xxx/CVE-2000-0265.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0265", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Panda Security 3.0 allows users to uninstall the Panda software via its Add/Remove Programs applet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0265", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000417 bugs in Panda Security 3.0", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=38FB45F2.550EA000@teleline.es" - }, - { - "name" : "http://updates.pandasoftware.com/docs/us/Avoidvulnerability.zip", - "refsource" : "CONFIRM", - "url" : "http://updates.pandasoftware.com/docs/us/Avoidvulnerability.zip" - }, - { - "name" : "1119", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1119" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Panda Security 3.0 allows users to uninstall the Panda software via its Add/Remove Programs applet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://updates.pandasoftware.com/docs/us/Avoidvulnerability.zip", + "refsource": "CONFIRM", + "url": "http://updates.pandasoftware.com/docs/us/Avoidvulnerability.zip" + }, + { + "name": "20000417 bugs in Panda Security 3.0", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=38FB45F2.550EA000@teleline.es" + }, + { + "name": "1119", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1119" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0445.json b/2000/0xxx/CVE-2000-0445.json index 31714c3aa16..5e937ae8b95 100644 --- a/2000/0xxx/CVE-2000-0445.json +++ b/2000/0xxx/CVE-2000-0445.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0445", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The pgpk command in PGP 5.x on Unix systems uses an insufficiently random data source for non-interactive key pair generation, which may produce predictable keys." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0445", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000523 Key Generation Security Flaw in PGP 5.0", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-05/0273.html" - }, - { - "name" : "CA-2000-09", - "refsource" : "CERT", - "url" : "http://www.cert.org/advisories/CA-2000-09.html" - }, - { - "name" : "1251", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1251" - }, - { - "name" : "1355", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/1355" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The pgpk command in PGP 5.x on Unix systems uses an insufficiently random data source for non-interactive key pair generation, which may produce predictable keys." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1355", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/1355" + }, + { + "name": "CA-2000-09", + "refsource": "CERT", + "url": "http://www.cert.org/advisories/CA-2000-09.html" + }, + { + "name": "20000523 Key Generation Security Flaw in PGP 5.0", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0273.html" + }, + { + "name": "1251", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1251" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0529.json b/2000/0xxx/CVE-2000-0529.json index f216d67b678..9508b45b10f 100644 --- a/2000/0xxx/CVE-2000-0529.json +++ b/2000/0xxx/CVE-2000-0529.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0529", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Net Tools PKI Server allows remote attackers to cause a denial of service via a long HTTP request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0529", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000619 Net Tools PKI server exploits", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-06/0166.html" - }, - { - "name" : "ftp://ftp.tis.com/gauntlet/hide/pki/hotfix.txt", - "refsource" : "CONFIRM", - "url" : "ftp://ftp.tis.com/gauntlet/hide/pki/hotfix.txt" - }, - { - "name" : "1363", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1363" - }, - { - "name" : "nettools-pki-http-bo(4744)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4744" - }, - { - "name" : "4352", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/4352" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Net Tools PKI Server allows remote attackers to cause a denial of service via a long HTTP request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000619 Net Tools PKI server exploits", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0166.html" + }, + { + "name": "4352", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/4352" + }, + { + "name": "ftp://ftp.tis.com/gauntlet/hide/pki/hotfix.txt", + "refsource": "CONFIRM", + "url": "ftp://ftp.tis.com/gauntlet/hide/pki/hotfix.txt" + }, + { + "name": "nettools-pki-http-bo(4744)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4744" + }, + { + "name": "1363", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1363" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0908.json b/2000/0xxx/CVE-2000-0908.json index 98a76aa61c1..4e4587a328b 100644 --- a/2000/0xxx/CVE-2000-0908.json +++ b/2000/0xxx/CVE-2000-0908.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0908", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "BrowseGate 2.80 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long Authorization or Referer MIME headers in the HTTP request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0908", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000921 DST2K0031: DoS in BrowseGate(Home) v2.80(H)", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=96956211605302&w=2" - }, - { - "name" : "20000921 DST2K0031: DoS in BrowseGate(Home) v2.80(H)", - "refsource" : "WIN2KSEC", - "url" : "http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0128.html" - }, - { - "name" : "http://www.netcplus.com/browsegate.htm#BGLatest", - "refsource" : "CONFIRM", - "url" : "http://www.netcplus.com/browsegate.htm#BGLatest" - }, - { - "name" : "browsegate-http-dos(5270)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5270" - }, - { - "name" : "1702", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1702" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "BrowseGate 2.80 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long Authorization or Referer MIME headers in the HTTP request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000921 DST2K0031: DoS in BrowseGate(Home) v2.80(H)", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=96956211605302&w=2" + }, + { + "name": "20000921 DST2K0031: DoS in BrowseGate(Home) v2.80(H)", + "refsource": "WIN2KSEC", + "url": "http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0128.html" + }, + { + "name": "1702", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1702" + }, + { + "name": "http://www.netcplus.com/browsegate.htm#BGLatest", + "refsource": "CONFIRM", + "url": "http://www.netcplus.com/browsegate.htm#BGLatest" + }, + { + "name": "browsegate-http-dos(5270)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5270" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0937.json b/2000/0xxx/CVE-2000-0937.json index ede91fe0c59..37361500559 100644 --- a/2000/0xxx/CVE-2000-0937.json +++ b/2000/0xxx/CVE-2000-0937.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0937", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force password guessing attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0937", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001030 Samba 2.0.7 SWAT vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-10/0430.html" - }, - { - "name" : "1873", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1873" - }, - { - "name" : "samba-swat-brute-force(5442)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5442" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force password guessing attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20001030 Samba 2.0.7 SWAT vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0430.html" + }, + { + "name": "samba-swat-brute-force(5442)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5442" + }, + { + "name": "1873", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1873" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1203.json b/2000/1xxx/CVE-2000-1203.json index 1e5f42c7ef4..dabb9846bf3 100644 --- a/2000/1xxx/CVE-2000-1203.json +++ b/2000/1xxx/CVE-2000-1203.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1203", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to cause a denial of service (CPU consumption) by forging an email message with the sender as bounce@[127.0.0.1] (localhost), which causes Domino to enter a mail loop." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1203", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000520 Infinite loop in LOTUS NOTE 5.0.3. SMTP SERVER", - "refsource" : "VULN-DEV", - "url" : "http://marc.info/?l=vuln-dev&m=95886062521327&w=2" - }, - { - "name" : "20010820 Lotus Domino DoS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/cgi-bin/archive.pl?id=1&start=2002-01-21&end=2002-01-27&mid=209116&threads=1" - }, - { - "name" : "20010823 Lotus Domino DoS solution", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/209754" - }, - { - "name" : "3212", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/3212" - }, - { - "name" : "lotus-domino-bounced-message-dos(7012)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7012" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to cause a denial of service (CPU consumption) by forging an email message with the sender as bounce@[127.0.0.1] (localhost), which causes Domino to enter a mail loop." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "lotus-domino-bounced-message-dos(7012)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7012" + }, + { + "name": "20010823 Lotus Domino DoS solution", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/209754" + }, + { + "name": "20000520 Infinite loop in LOTUS NOTE 5.0.3. SMTP SERVER", + "refsource": "VULN-DEV", + "url": "http://marc.info/?l=vuln-dev&m=95886062521327&w=2" + }, + { + "name": "3212", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/3212" + }, + { + "name": "20010820 Lotus Domino DoS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/cgi-bin/archive.pl?id=1&start=2002-01-21&end=2002-01-27&mid=209116&threads=1" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0987.json b/2007/0xxx/CVE-2007-0987.json index 5aaf70fac18..f90b5b25f3d 100644 --- a/2007/0xxx/CVE-2007-0987.json +++ b/2007/0xxx/CVE-2007-0987.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0987", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in index.php in Jupiter CMS 1.1.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot), or an absolute pathname, in the n parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0987", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070214 Jupiter CMS 1.1.5 Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/460076/100/0/threaded" - }, - { - "name" : "20070214 Re: Jupiter CMS 1.1.5 Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/460100/100/0/threaded" - }, - { - "name" : "http://mgsdl.free.fr/advisories/12070214.txt", - "refsource" : "MISC", - "url" : "http://mgsdl.free.fr/advisories/12070214.txt" - }, - { - "name" : "http://www.acid-root.new.fr/advisories/12070214.txt", - "refsource" : "MISC", - "url" : "http://www.acid-root.new.fr/advisories/12070214.txt" - }, - { - "name" : "3309", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3309" - }, - { - "name" : "22560", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22560" - }, - { - "name" : "33731", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33731" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in index.php in Jupiter CMS 1.1.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot), or an absolute pathname, in the n parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33731", + "refsource": "OSVDB", + "url": "http://osvdb.org/33731" + }, + { + "name": "http://mgsdl.free.fr/advisories/12070214.txt", + "refsource": "MISC", + "url": "http://mgsdl.free.fr/advisories/12070214.txt" + }, + { + "name": "22560", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22560" + }, + { + "name": "20070214 Jupiter CMS 1.1.5 Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/460076/100/0/threaded" + }, + { + "name": "20070214 Re: Jupiter CMS 1.1.5 Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/460100/100/0/threaded" + }, + { + "name": "http://www.acid-root.new.fr/advisories/12070214.txt", + "refsource": "MISC", + "url": "http://www.acid-root.new.fr/advisories/12070214.txt" + }, + { + "name": "3309", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3309" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1021.json b/2007/1xxx/CVE-2007-1021.json index b35f447257b..214553b35f2 100644 --- a/2007/1xxx/CVE-2007-1021.json +++ b/2007/1xxx/CVE-2007-1021.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1021", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in inc_listnews.asp in CodeAvalanche News 1.x allows remote attackers to execute arbitrary SQL commands via the CAT_ID parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1021", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3317", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3317" - }, - { - "name" : "22582", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22582" - }, - { - "name" : "ADV-2007-0621", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0621" - }, - { - "name" : "35130", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35130" - }, - { - "name" : "codeavalanche-inclistnews-sql-injection(32528)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32528" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in inc_listnews.asp in CodeAvalanche News 1.x allows remote attackers to execute arbitrary SQL commands via the CAT_ID parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "codeavalanche-inclistnews-sql-injection(32528)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32528" + }, + { + "name": "35130", + "refsource": "OSVDB", + "url": "http://osvdb.org/35130" + }, + { + "name": "3317", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3317" + }, + { + "name": "22582", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22582" + }, + { + "name": "ADV-2007-0621", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0621" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1321.json b/2007/1xxx/CVE-2007-1321.json index 443161ad051..7975b937cd9 100644 --- a/2007/1xxx/CVE-2007-1321.json +++ b/2007/1xxx/CVE-2007-1321.json @@ -1,162 +1,162 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1321", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 \"receive\" integer signedness error. NOTE: this identifier was inadvertently used by some sources to cover multiple issues that were labeled \"NE2000 network driver and the socket code,\" but separate identifiers have been created for the individual vulnerabilities since there are sometimes different fixes; see CVE-2007-5729 and CVE-2007-5730." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1321", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://taviso.decsystem.org/virtsec.pdf", - "refsource" : "MISC", - "url" : "http://taviso.decsystem.org/virtsec.pdf" - }, - { - "name" : "DSA-1284", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1284" - }, - { - "name" : "FEDORA-2007-2270", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00030.html" - }, - { - "name" : "FEDORA-2007-713", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00082.html" - }, - { - "name" : "FEDORA-2007-2708", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00004.html" - }, - { - "name" : "MDKSA-2007:203", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:203" - }, - { - "name" : "MDVSA-2008:162", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:162" - }, - { - "name" : "RHSA-2007:0323", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0323.html" - }, - { - "name" : "20071030 Clarification on old QEMU/NE2000/Xen issues", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-October/001842.html" - }, - { - "name" : "23731", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23731" - }, - { - "name" : "35495", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35495" - }, - { - "name" : "oval:org.mitre.oval:def:9302", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9302" - }, - { - "name" : "ADV-2007-1597", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1597" - }, - { - "name" : "1018761", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018761" - }, - { - "name" : "27072", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27072" - }, - { - "name" : "27103", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27103" - }, - { - "name" : "27486", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27486" - }, - { - "name" : "25073", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25073" - }, - { - "name" : "25095", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25095" - }, - { - "name" : "27047", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27047" - }, - { - "name" : "29129", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29129" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 \"receive\" integer signedness error. NOTE: this identifier was inadvertently used by some sources to cover multiple issues that were labeled \"NE2000 network driver and the socket code,\" but separate identifiers have been created for the individual vulnerabilities since there are sometimes different fixes; see CVE-2007-5729 and CVE-2007-5730." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23731", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23731" + }, + { + "name": "MDKSA-2007:203", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:203" + }, + { + "name": "FEDORA-2007-2270", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00030.html" + }, + { + "name": "27047", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27047" + }, + { + "name": "DSA-1284", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1284" + }, + { + "name": "1018761", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018761" + }, + { + "name": "25073", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25073" + }, + { + "name": "http://taviso.decsystem.org/virtsec.pdf", + "refsource": "MISC", + "url": "http://taviso.decsystem.org/virtsec.pdf" + }, + { + "name": "27486", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27486" + }, + { + "name": "MDVSA-2008:162", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:162" + }, + { + "name": "35495", + "refsource": "OSVDB", + "url": "http://osvdb.org/35495" + }, + { + "name": "ADV-2007-1597", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1597" + }, + { + "name": "FEDORA-2007-2708", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00004.html" + }, + { + "name": "27103", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27103" + }, + { + "name": "29129", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29129" + }, + { + "name": "RHSA-2007:0323", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0323.html" + }, + { + "name": "25095", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25095" + }, + { + "name": "27072", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27072" + }, + { + "name": "20071030 Clarification on old QEMU/NE2000/Xen issues", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-October/001842.html" + }, + { + "name": "FEDORA-2007-713", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00082.html" + }, + { + "name": "oval:org.mitre.oval:def:9302", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9302" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1350.json b/2007/1xxx/CVE-2007-1350.json index 8662cd58a81..94557f8445c 100644 --- a/2007/1xxx/CVE-2007-1350.json +++ b/2007/1xxx/CVE-2007-1350.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1350", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in webadmin.exe in Novell NetMail 3.5.2 allows remote attackers to execute arbitrary code via a long username during HTTP Basic authentication." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1350", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070307 ZDI-07-009: Novell Netmail WebAdmin Buffer Overflow Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/462154/100/0/threaded" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-07-009.html", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-07-009.html" - }, - { - "name" : "http://download.novell.com/Download?buildid=sMYRODW09pw", - "refsource" : "CONFIRM", - "url" : "http://download.novell.com/Download?buildid=sMYRODW09pw" - }, - { - "name" : "VU#919369", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/919369" - }, - { - "name" : "22857", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22857" - }, - { - "name" : "ADV-2007-0870", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0870" - }, - { - "name" : "1017734", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017734" - }, - { - "name" : "24445", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24445" - }, - { - "name" : "2395", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2395" - }, - { - "name" : "netmail-sprintf-bo(32861)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32861" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in webadmin.exe in Novell NetMail 3.5.2 allows remote attackers to execute arbitrary code via a long username during HTTP Basic authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24445", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24445" + }, + { + "name": "ADV-2007-0870", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0870" + }, + { + "name": "20070307 ZDI-07-009: Novell Netmail WebAdmin Buffer Overflow Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/462154/100/0/threaded" + }, + { + "name": "1017734", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017734" + }, + { + "name": "VU#919369", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/919369" + }, + { + "name": "22857", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22857" + }, + { + "name": "http://download.novell.com/Download?buildid=sMYRODW09pw", + "refsource": "CONFIRM", + "url": "http://download.novell.com/Download?buildid=sMYRODW09pw" + }, + { + "name": "2395", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2395" + }, + { + "name": "netmail-sprintf-bo(32861)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32861" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-009.html", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-009.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5160.json b/2007/5xxx/CVE-2007-5160.json index c15e44d9606..ee1b0672468 100644 --- a/2007/5xxx/CVE-2007-5160.json +++ b/2007/5xxx/CVE-2007-5160.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5160", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in Thierry Leriche Restaurant Management System (ReMaSys) 0.5 allow remote attackers to execute arbitrary PHP code via a URL in (1) the DIR_ROOT parameter to (a) global.php, or the (2) DIR_PAGE parameter to (b) template/fr/page.php or (c) page/fr/boxConnection.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5160", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://arfis.wordpress.com/2007/09/14/rfi-02-remasys/", - "refsource" : "MISC", - "url" : "http://arfis.wordpress.com/2007/09/14/rfi-02-remasys/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in Thierry Leriche Restaurant Management System (ReMaSys) 0.5 allow remote attackers to execute arbitrary PHP code via a URL in (1) the DIR_ROOT parameter to (a) global.php, or the (2) DIR_PAGE parameter to (b) template/fr/page.php or (c) page/fr/boxConnection.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://arfis.wordpress.com/2007/09/14/rfi-02-remasys/", + "refsource": "MISC", + "url": "http://arfis.wordpress.com/2007/09/14/rfi-02-remasys/" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5397.json b/2007/5xxx/CVE-2007-5397.json index 8af1a7d69ce..0f74a5ade89 100644 --- a/2007/5xxx/CVE-2007-5397.json +++ b/2007/5xxx/CVE-2007-5397.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5397", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the activePDF Server service (aka APServer.exe) in activePDF Server 3.8.4 and 3.8.5.14, and possibly other versions before 3.8.6.16, allows remote attackers to execute arbitrary code via a packet with a size field that is less than the actual size of the data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "ID": "CVE-2007-5397", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://secunia.com/secunia_research/2007-87/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-87/advisory/" - }, - { - "name" : "28013", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28013" - }, - { - "name" : "27371", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27371" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the activePDF Server service (aka APServer.exe) in activePDF Server 3.8.4 and 3.8.5.14, and possibly other versions before 3.8.6.16, allows remote attackers to execute arbitrary code via a packet with a size field that is less than the actual size of the data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "28013", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28013" + }, + { + "name": "http://secunia.com/secunia_research/2007-87/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-87/advisory/" + }, + { + "name": "27371", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27371" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5761.json b/2007/5xxx/CVE-2007-5761.json index 5b1f77e1542..d60228b6ebd 100644 --- a/2007/5xxx/CVE-2007-5761.json +++ b/2007/5xxx/CVE-2007-5761.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5761", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The NantSys device 5.0.0.115 in Motorola netOctopus 5.1.2 build 1011 has weak permissions for the \\\\.\\NantSys device interface (nantsys.sys), which allows local users to gain privileges or cause a denial of service (system crash), as demonstrated by modifying the SYSENTER_EIP_MSR CPU Model Specific Register (MSR) value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5761", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080107 Motorola netOctopus Agent MSR Write Privilege Escalation Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=636" - }, - { - "name" : "http://www.netopia.com/support/software/technotes/netoctopus/Removing_the_nantsys_Driver.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.netopia.com/support/software/technotes/netoctopus/Removing_the_nantsys_Driver.pdf" - }, - { - "name" : "27175", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27175" - }, - { - "name" : "ADV-2008-0062", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0062" - }, - { - "name" : "1019161", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019161" - }, - { - "name" : "28366", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28366" - }, - { - "name" : "netoctopus-nantsys-privilege-escalation(39503)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39503" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The NantSys device 5.0.0.115 in Motorola netOctopus 5.1.2 build 1011 has weak permissions for the \\\\.\\NantSys device interface (nantsys.sys), which allows local users to gain privileges or cause a denial of service (system crash), as demonstrated by modifying the SYSENTER_EIP_MSR CPU Model Specific Register (MSR) value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27175", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27175" + }, + { + "name": "28366", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28366" + }, + { + "name": "http://www.netopia.com/support/software/technotes/netoctopus/Removing_the_nantsys_Driver.pdf", + "refsource": "CONFIRM", + "url": "http://www.netopia.com/support/software/technotes/netoctopus/Removing_the_nantsys_Driver.pdf" + }, + { + "name": "netoctopus-nantsys-privilege-escalation(39503)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39503" + }, + { + "name": "ADV-2008-0062", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0062" + }, + { + "name": "1019161", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019161" + }, + { + "name": "20080107 Motorola netOctopus Agent MSR Write Privilege Escalation Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=636" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5924.json b/2007/5xxx/CVE-2007-5924.json index 8b49a82a6e2..621fc89ecf7 100644 --- a/2007/5xxx/CVE-2007-5924.json +++ b/2007/5xxx/CVE-2007-5924.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5924", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Web Server (HTTP) task in IBM Lotus Domino before 6.5.6 FP2, and 7.x before 7.0.2 FP2, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5924", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21263871", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21263871" - }, - { - "name" : "http://www-1.ibm.com/support/docview.wss?uid=swg27010980", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg27010980" - }, - { - "name" : "JVN#84565055", - "refsource" : "JVN", - "url" : "http://jvn.jp/jp/JVN%2384565055/index.html" - }, - { - "name" : "ADV-2007-3700", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3700" - }, - { - "name" : "39720", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39720" - }, - { - "name" : "27509", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27509" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Web Server (HTTP) task in IBM Lotus Domino before 6.5.6 FP2, and 7.x before 7.0.2 FP2, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#84565055", + "refsource": "JVN", + "url": "http://jvn.jp/jp/JVN%2384565055/index.html" + }, + { + "name": "39720", + "refsource": "OSVDB", + "url": "http://osvdb.org/39720" + }, + { + "name": "http://www-1.ibm.com/support/docview.wss?uid=swg27010980", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27010980" + }, + { + "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21263871", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21263871" + }, + { + "name": "27509", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27509" + }, + { + "name": "ADV-2007-3700", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3700" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3118.json b/2015/3xxx/CVE-2015-3118.json index a0e3baca1f5..891017cd37e 100644 --- a/2015/3xxx/CVE-2015-3118.json +++ b/2015/3xxx/CVE-2015-3118.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3118", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-3118", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37848", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37848/" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-16.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-16.html" - }, - { - "name" : "GLSA-201507-13", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201507-13" - }, - { - "name" : "RHSA-2015:1214", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1214.html" - }, - { - "name" : "SUSE-SU-2015:1211", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html" - }, - { - "name" : "SUSE-SU-2015:1214", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00018.html" - }, - { - "name" : "75590", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75590" - }, - { - "name" : "1032810", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032810" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032810", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032810" + }, + { + "name": "SUSE-SU-2015:1211", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html" + }, + { + "name": "RHSA-2015:1214", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1214.html" + }, + { + "name": "SUSE-SU-2015:1214", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00018.html" + }, + { + "name": "GLSA-201507-13", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201507-13" + }, + { + "name": "37848", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37848/" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-16.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-16.html" + }, + { + "name": "75590", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75590" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3320.json b/2015/3xxx/CVE-2015-3320.json index 33747d9b6d0..f16fcd04ee2 100644 --- a/2015/3xxx/CVE-2015-3320.json +++ b/2015/3xxx/CVE-2015-3320.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3320", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Lenovo USB Enhanced Performance Keyboard software before 2.0.2.2 includes active debugging code in SKHOOKS.DLL, which allows local users to obtain keypress information by accessing debug output." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3320", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.lenovo.com/us/en/product_security/usbenhancedkeyboard", - "refsource" : "CONFIRM", - "url" : "https://support.lenovo.com/us/en/product_security/usbenhancedkeyboard" - }, - { - "name" : "74196", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74196" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Lenovo USB Enhanced Performance Keyboard software before 2.0.2.2 includes active debugging code in SKHOOKS.DLL, which allows local users to obtain keypress information by accessing debug output." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.lenovo.com/us/en/product_security/usbenhancedkeyboard", + "refsource": "CONFIRM", + "url": "https://support.lenovo.com/us/en/product_security/usbenhancedkeyboard" + }, + { + "name": "74196", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74196" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3627.json b/2015/3xxx/CVE-2015-3627.json index 32b7c6edb49..5df455d46c5 100644 --- a/2015/3xxx/CVE-2015-3627.json +++ b/2015/3xxx/CVE-2015-3627.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3627", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3627", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150508 Docker 1.6.1 - Security Advisory [150507]", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/May/28" - }, - { - "name" : "http://packetstormsecurity.com/files/131835/Docker-Privilege-Escalation-Information-Disclosure.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/131835/Docker-Privilege-Escalation-Information-Disclosure.html" - }, - { - "name" : "https://groups.google.com/forum/#!searchin/docker-user/1.6.1/docker-user/47GZrihtr-4/nwgeOOFLexIJ", - "refsource" : "CONFIRM", - "url" : "https://groups.google.com/forum/#!searchin/docker-user/1.6.1/docker-user/47GZrihtr-4/nwgeOOFLexIJ" - }, - { - "name" : "openSUSE-SU-2015:0905", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-05/msg00023.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://groups.google.com/forum/#!searchin/docker-user/1.6.1/docker-user/47GZrihtr-4/nwgeOOFLexIJ", + "refsource": "CONFIRM", + "url": "https://groups.google.com/forum/#!searchin/docker-user/1.6.1/docker-user/47GZrihtr-4/nwgeOOFLexIJ" + }, + { + "name": "20150508 Docker 1.6.1 - Security Advisory [150507]", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/May/28" + }, + { + "name": "openSUSE-SU-2015:0905", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00023.html" + }, + { + "name": "http://packetstormsecurity.com/files/131835/Docker-Privilege-Escalation-Information-Disclosure.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/131835/Docker-Privilege-Escalation-Information-Disclosure.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3772.json b/2015/3xxx/CVE-2015-3772.json index df815b461ac..19829a99ce9 100644 --- a/2015/3xxx/CVE-2015-3772.json +++ b/2015/3xxx/CVE-2015-3772.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3772", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3771." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3772", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/kb/HT205031", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205031" - }, - { - "name" : "APPLE-SA-2015-08-13-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" - }, - { - "name" : "76340", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76340" - }, - { - "name" : "1033276", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033276" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3771." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "76340", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76340" + }, + { + "name": "APPLE-SA-2015-08-13-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" + }, + { + "name": "https://support.apple.com/kb/HT205031", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205031" + }, + { + "name": "1033276", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033276" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4441.json b/2015/4xxx/CVE-2015-4441.json index 6a94234ee0b..4050c337cd4 100644 --- a/2015/4xxx/CVE-2015-4441.json +++ b/2015/4xxx/CVE-2015-4441.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4441", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-4435, CVE-2015-4438, CVE-2015-4445, CVE-2015-4447, CVE-2015-4451, CVE-2015-4452, CVE-2015-5085, and CVE-2015-5086." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-4441", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/reader/apsb15-15.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/reader/apsb15-15.html" - }, - { - "name" : "75737", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75737" - }, - { - "name" : "1032892", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032892" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-4435, CVE-2015-4438, CVE-2015-4445, CVE-2015-4447, CVE-2015-4451, CVE-2015-4452, CVE-2015-5085, and CVE-2015-5086." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032892", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032892" + }, + { + "name": "https://helpx.adobe.com/security/products/reader/apsb15-15.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/reader/apsb15-15.html" + }, + { + "name": "75737", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75737" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7557.json b/2015/7xxx/CVE-2015-7557.json index dc83647cc0b..16fd070fa86 100644 --- a/2015/7xxx/CVE-2015-7557.json +++ b/2015/7xxx/CVE-2015-7557.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7557", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-7557", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20151221 CVE-2015-7557, CVE-2015-7558 librsvg2: Out-of-bounds heap read and stack exhaustion", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/12/21/5" - }, - { - "name" : "https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df", - "refsource" : "CONFIRM", - "url" : "https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df" - }, - { - "name" : "https://git.gnome.org/browse/librsvg/tree/NEWS", - "refsource" : "CONFIRM", - "url" : "https://git.gnome.org/browse/librsvg/tree/NEWS" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via an odd number of elements in a coordinate pair in an SVG document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20151221 CVE-2015-7557, CVE-2015-7558 librsvg2: Out-of-bounds heap read and stack exhaustion", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/12/21/5" + }, + { + "name": "https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df", + "refsource": "CONFIRM", + "url": "https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df" + }, + { + "name": "https://git.gnome.org/browse/librsvg/tree/NEWS", + "refsource": "CONFIRM", + "url": "https://git.gnome.org/browse/librsvg/tree/NEWS" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7727.json b/2015/7xxx/CVE-2015-7727.json index ede1e64045b..5852ab4e143 100644 --- a/2015/7xxx/CVE-2015-7727.json +++ b/2015/7xxx/CVE-2015-7727.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7727", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in the Web-based Development Workbench in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors in the (1) trace configuration page or (2) getSqlTraceConfiguration function, aka SAP Security Note 2153898." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7727", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150929 [Onapsis Security Advisory 2015-020] SAP HANA Trace configuration SQL injection", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Sep/115" - }, - { - "name" : "20150929 [Onapsis Security Advisory 2015-022] SAP HANA SQL injection in getSqlTraceConfiguration function", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Sep/117" - }, - { - "name" : "http://packetstormsecurity.com/files/133766/SAP-HANA-Trace-Configuration-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133766/SAP-HANA-Trace-Configuration-SQL-Injection.html" - }, - { - "name" : "http://packetstormsecurity.com/files/133768/SAP-HANA-getSqlTraceConfiguration-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133768/SAP-HANA-getSqlTraceConfiguration-SQL-Injection.html" - }, - { - "name" : "http://www.onapsis.com/research/security-advisories/SAP-HANA-Trace-configuration-SQL-injection", - "refsource" : "MISC", - "url" : "http://www.onapsis.com/research/security-advisories/SAP-HANA-Trace-configuration-SQL-injection" - }, - { - "name" : "https://www.onapsis.com/blog/analyzing-sap-security-notes-may-2015-edition", - "refsource" : "MISC", - "url" : "https://www.onapsis.com/blog/analyzing-sap-security-notes-may-2015-edition" - }, - { - "name" : "https://www.onapsis.com/research/security-advisories/sap-hana-sql-injection-getsqltraceconfiguration-function", - "refsource" : "MISC", - "url" : "https://www.onapsis.com/research/security-advisories/sap-hana-sql-injection-getsqltraceconfiguration-function" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in the Web-based Development Workbench in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors in the (1) trace configuration page or (2) getSqlTraceConfiguration function, aka SAP Security Note 2153898." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/133766/SAP-HANA-Trace-Configuration-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133766/SAP-HANA-Trace-Configuration-SQL-Injection.html" + }, + { + "name": "https://www.onapsis.com/blog/analyzing-sap-security-notes-may-2015-edition", + "refsource": "MISC", + "url": "https://www.onapsis.com/blog/analyzing-sap-security-notes-may-2015-edition" + }, + { + "name": "20150929 [Onapsis Security Advisory 2015-022] SAP HANA SQL injection in getSqlTraceConfiguration function", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Sep/117" + }, + { + "name": "http://packetstormsecurity.com/files/133768/SAP-HANA-getSqlTraceConfiguration-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133768/SAP-HANA-getSqlTraceConfiguration-SQL-Injection.html" + }, + { + "name": "http://www.onapsis.com/research/security-advisories/SAP-HANA-Trace-configuration-SQL-injection", + "refsource": "MISC", + "url": "http://www.onapsis.com/research/security-advisories/SAP-HANA-Trace-configuration-SQL-injection" + }, + { + "name": "https://www.onapsis.com/research/security-advisories/sap-hana-sql-injection-getsqltraceconfiguration-function", + "refsource": "MISC", + "url": "https://www.onapsis.com/research/security-advisories/sap-hana-sql-injection-getsqltraceconfiguration-function" + }, + { + "name": "20150929 [Onapsis Security Advisory 2015-020] SAP HANA Trace configuration SQL injection", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Sep/115" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8685.json b/2015/8xxx/CVE-2015-8685.json index 3c12a64353e..1cc6861f96f 100644 --- a/2015/8xxx/CVE-2015-8685.json +++ b/2015/8xxx/CVE-2015-8685.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8685", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) external calendar url or (2) the bank name field in the \"import external calendar\" page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8685", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160113 Html injection Dolibarr 3.8.3", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Jan/40" - }, - { - "name" : "http://packetstormsecurity.com/files/135256/dolibarr-HTML-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/135256/dolibarr-HTML-Injection.html" - }, - { - "name" : "https://github.com/Dolibarr/dolibarr/issues/4291", - "refsource" : "CONFIRM", - "url" : "https://github.com/Dolibarr/dolibarr/issues/4291" - }, - { - "name" : "https://github.com/GPCsolutions/dolibarr/commit/0d3181324c816bdf664ca5e1548dfe8eb05c54f8", - "refsource" : "CONFIRM", - "url" : "https://github.com/GPCsolutions/dolibarr/commit/0d3181324c816bdf664ca5e1548dfe8eb05c54f8" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) external calendar url or (2) the bank name field in the \"import external calendar\" page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/Dolibarr/dolibarr/issues/4291", + "refsource": "CONFIRM", + "url": "https://github.com/Dolibarr/dolibarr/issues/4291" + }, + { + "name": "http://packetstormsecurity.com/files/135256/dolibarr-HTML-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/135256/dolibarr-HTML-Injection.html" + }, + { + "name": "https://github.com/GPCsolutions/dolibarr/commit/0d3181324c816bdf664ca5e1548dfe8eb05c54f8", + "refsource": "CONFIRM", + "url": "https://github.com/GPCsolutions/dolibarr/commit/0d3181324c816bdf664ca5e1548dfe8eb05c54f8" + }, + { + "name": "20160113 Html injection Dolibarr 3.8.3", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Jan/40" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8697.json b/2015/8xxx/CVE-2015-8697.json index 62716f08db1..baa4a2b0c8d 100644 --- a/2015/8xxx/CVE-2015-8697.json +++ b/2015/8xxx/CVE-2015-8697.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8697", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "stalin 0.11-5 allows local users to write to arbitrary files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2015-8697", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20151227 Re: CVE Request: Stalin: Insecure use of temporary files", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/12/27/2" - }, - { - "name" : "http://cve.killedkenny.io/cve/CVE-2015-8697", - "refsource" : "MISC", - "url" : "http://cve.killedkenny.io/cve/CVE-2015-8697" - }, - { - "name" : "https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-8697.html", - "refsource" : "MISC", - "url" : "https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-8697.html" - }, - { - "name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808730", - "refsource" : "CONFIRM", - "url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808730" - }, - { - "name" : "https://security-tracker.debian.org/tracker/CVE-2015-8697/", - "refsource" : "CONFIRM", - "url" : "https://security-tracker.debian.org/tracker/CVE-2015-8697/" - }, - { - "name" : "79713", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79713/references" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "stalin 0.11-5 allows local users to write to arbitrary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808730", + "refsource": "CONFIRM", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808730" + }, + { + "name": "https://security-tracker.debian.org/tracker/CVE-2015-8697/", + "refsource": "CONFIRM", + "url": "https://security-tracker.debian.org/tracker/CVE-2015-8697/" + }, + { + "name": "79713", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79713/references" + }, + { + "name": "https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-8697.html", + "refsource": "MISC", + "url": "https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-8697.html" + }, + { + "name": "http://cve.killedkenny.io/cve/CVE-2015-8697", + "refsource": "MISC", + "url": "http://cve.killedkenny.io/cve/CVE-2015-8697" + }, + { + "name": "[oss-security] 20151227 Re: CVE Request: Stalin: Insecure use of temporary files", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/12/27/2" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9144.json b/2015/9xxx/CVE-2015-9144.json index 882db835d88..957303d36fc 100644 --- a/2015/9xxx/CVE-2015-9144.json +++ b/2015/9xxx/CVE-2015-9144.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2015-9144", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, SDX20" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, while processing scheduling message information, a buffer overflow can occur." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer Over Read in MMCP" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2015-9144", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, SDX20" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, while processing scheduling message information, a buffer overflow can occur." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer Over Read in MMCP" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9253.json b/2015/9xxx/CVE-2015-9253.json index e544a36c949..845ad48c341 100644 --- a/2015/9xxx/CVE-2015-9253.json +++ b/2015/9xxx/CVE-2015-9253.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-9253", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this master process to consume 100% of the CPU, and consume disk space with a large volume of error logs, as demonstrated by an attack by a customer of a shared-hosting facility." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9253", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.php.net/bug.php?id=70185", - "refsource" : "MISC", - "url" : "https://bugs.php.net/bug.php?id=70185" - }, - { - "name" : "https://bugs.php.net/bug.php?id=75968", - "refsource" : "MISC", - "url" : "https://bugs.php.net/bug.php?id=75968" - }, - { - "name" : "https://www.futureweb.at/security/CVE-2015-9253/", - "refsource" : "MISC", - "url" : "https://www.futureweb.at/security/CVE-2015-9253/" - }, - { - "name" : "https://bugs.php.net/bug.php?id=73342https://github.com/php/php-src/pull/3287", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/bug.php?id=73342https://github.com/php/php-src/pull/3287" - }, - { - "name" : "https://github.com/php/php-src/commit/69dee5c732fe982c82edb17d0dbc3e79a47748d8", - "refsource" : "CONFIRM", - "url" : "https://github.com/php/php-src/commit/69dee5c732fe982c82edb17d0dbc3e79a47748d8" - }, - { - "name" : "https://github.com/php/php-src/blob/PHP-7.1.20/NEWS#L20-L22", - "refsource" : "CONFIRM", - "url" : "https://github.com/php/php-src/blob/PHP-7.1.20/NEWS#L20-L22" - }, - { - "name" : "USN-3766-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3766-1/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this master process to consume 100% of the CPU, and consume disk space with a large volume of error logs, as demonstrated by an attack by a customer of a shared-hosting facility." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/php/php-src/blob/PHP-7.1.20/NEWS#L20-L22", + "refsource": "CONFIRM", + "url": "https://github.com/php/php-src/blob/PHP-7.1.20/NEWS#L20-L22" + }, + { + "name": "https://bugs.php.net/bug.php?id=70185", + "refsource": "MISC", + "url": "https://bugs.php.net/bug.php?id=70185" + }, + { + "name": "https://bugs.php.net/bug.php?id=75968", + "refsource": "MISC", + "url": "https://bugs.php.net/bug.php?id=75968" + }, + { + "name": "USN-3766-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3766-1/" + }, + { + "name": "https://bugs.php.net/bug.php?id=73342https://github.com/php/php-src/pull/3287", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=73342https://github.com/php/php-src/pull/3287" + }, + { + "name": "https://github.com/php/php-src/commit/69dee5c732fe982c82edb17d0dbc3e79a47748d8", + "refsource": "CONFIRM", + "url": "https://github.com/php/php-src/commit/69dee5c732fe982c82edb17d0dbc3e79a47748d8" + }, + { + "name": "https://www.futureweb.at/security/CVE-2015-9253/", + "refsource": "MISC", + "url": "https://www.futureweb.at/security/CVE-2015-9253/" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0993.json b/2016/0xxx/CVE-2016-0993.json index 1236d3ede0c..58dc916fc8f 100644 --- a/2016/0xxx/CVE-2016-0993.json +++ b/2016/0xxx/CVE-2016-0993.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0993", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-0993", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" - }, - { - "name" : "GLSA-201603-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-07" - }, - { - "name" : "SUSE-SU-2016:0715", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" - }, - { - "name" : "SUSE-SU-2016:0716", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" - }, - { - "name" : "openSUSE-SU-2016:0719", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" - }, - { - "name" : "openSUSE-SU-2016:0734", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" - }, - { - "name" : "84308", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84308" - }, - { - "name" : "1035251", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035251" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:0734", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" + }, + { + "name": "1035251", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035251" + }, + { + "name": "openSUSE-SU-2016:0719", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" + }, + { + "name": "GLSA-201603-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-07" + }, + { + "name": "SUSE-SU-2016:0715", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" + }, + { + "name": "84308", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84308" + }, + { + "name": "SUSE-SU-2016:0716", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1231.json b/2016/1xxx/CVE-2016-1231.json index 038b1c4dbd7..2a5a82f14c9 100644 --- a/2016/1xxx/CVE-2016-1231.json +++ b/2016/1xxx/CVE-2016-1231.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1231", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the HTTP file-serving module (mod_http_files) in Prosody 0.9.x before 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) in an unspecified path." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2016-1231", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160108 CVE-2016-1231, CVE-2016-1232: Prosody XMPP server multiple vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/08/5" - }, - { - "name" : "http://blog.prosody.im/prosody-0-9-9-security-release/", - "refsource" : "CONFIRM", - "url" : "http://blog.prosody.im/prosody-0-9-9-security-release/" - }, - { - "name" : "https://prosody.im/issues/issue/520", - "refsource" : "CONFIRM", - "url" : "https://prosody.im/issues/issue/520" - }, - { - "name" : "https://prosody.im/security/advisory_20160108-1/", - "refsource" : "CONFIRM", - "url" : "https://prosody.im/security/advisory_20160108-1/" - }, - { - "name" : "DSA-3439", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3439" - }, - { - "name" : "FEDORA-2016-38e48069f8", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175829.html" - }, - { - "name" : "FEDORA-2016-e289f41b76", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175868.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the HTTP file-serving module (mod_http_files) in Prosody 0.9.x before 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) in an unspecified path." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2016-e289f41b76", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175868.html" + }, + { + "name": "https://prosody.im/issues/issue/520", + "refsource": "CONFIRM", + "url": "https://prosody.im/issues/issue/520" + }, + { + "name": "FEDORA-2016-38e48069f8", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175829.html" + }, + { + "name": "DSA-3439", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3439" + }, + { + "name": "http://blog.prosody.im/prosody-0-9-9-security-release/", + "refsource": "CONFIRM", + "url": "http://blog.prosody.im/prosody-0-9-9-security-release/" + }, + { + "name": "https://prosody.im/security/advisory_20160108-1/", + "refsource": "CONFIRM", + "url": "https://prosody.im/security/advisory_20160108-1/" + }, + { + "name": "[oss-security] 20160108 CVE-2016-1231, CVE-2016-1232: Prosody XMPP server multiple vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/08/5" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1398.json b/2016/1xxx/CVE-2016-1398.json index ff488e382c3..cf24ef909dc 100644 --- a/2016/1xxx/CVE-2016-1398.json +++ b/2016/1xxx/CVE-2016-1398.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1398", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware through 1.2.1.4, RV130W devices with firmware through 1.0.2.7, and RV215W devices with firmware through 1.3.0.7 allows remote authenticated users to cause a denial of service (device reload) via a crafted HTTP request, aka Bug ID CSCux86669." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1398", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160621 Cisco RV110W, RV130W, and RV215W Routers HTTP Request Buffer Overflow Vulnerability", - "refsource" : "CISCO", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv3" - }, - { - "name" : "1036115", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036115" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware through 1.2.1.4, RV130W devices with firmware through 1.0.2.7, and RV215W devices with firmware through 1.3.0.7 allows remote authenticated users to cause a denial of service (device reload) via a crafted HTTP request, aka Bug ID CSCux86669." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036115", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036115" + }, + { + "name": "20160621 Cisco RV110W, RV130W, and RV215W Routers HTTP Request Buffer Overflow Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv3" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1665.json b/2016/1xxx/CVE-2016-1665.json index 9274ae5ff07..a4291110767 100644 --- a/2016/1xxx/CVE-2016-1665.json +++ b/2016/1xxx/CVE-2016-1665.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1665", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-1665", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html" - }, - { - "name" : "https://codereview.chromium.org/1925463003", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1925463003" - }, - { - "name" : "https://crbug.com/606181", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/606181" - }, - { - "name" : "DSA-3564", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3564" - }, - { - "name" : "GLSA-201605-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201605-02" - }, - { - "name" : "RHSA-2016:0707", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0707.html" - }, - { - "name" : "openSUSE-SU-2016:1655", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html" - }, - { - "name" : "openSUSE-SU-2016:1207", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html" - }, - { - "name" : "openSUSE-SU-2016:1208", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html" - }, - { - "name" : "openSUSE-SU-2016:1209", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html" - }, - { - "name" : "USN-2960-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2960-1" - }, - { - "name" : "89106", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/89106" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:1208", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html" + }, + { + "name": "https://crbug.com/606181", + "refsource": "CONFIRM", + "url": "https://crbug.com/606181" + }, + { + "name": "https://codereview.chromium.org/1925463003", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1925463003" + }, + { + "name": "DSA-3564", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3564" + }, + { + "name": "openSUSE-SU-2016:1655", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html" + }, + { + "name": "openSUSE-SU-2016:1209", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html" + }, + { + "name": "USN-2960-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2960-1" + }, + { + "name": "89106", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/89106" + }, + { + "name": "openSUSE-SU-2016:1207", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html" + }, + { + "name": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html" + }, + { + "name": "RHSA-2016:0707", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html" + }, + { + "name": "GLSA-201605-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201605-02" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1869.json b/2016/1xxx/CVE-2016-1869.json index 37d41a6dbcc..9815aed0c67 100644 --- a/2016/1xxx/CVE-2016-1869.json +++ b/2016/1xxx/CVE-2016-1869.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1869", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1869", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5012.json b/2016/5xxx/CVE-2016-5012.json index a52a7c272b3..a72ca955172 100644 --- a/2016/5xxx/CVE-2016-5012.json +++ b/2016/5xxx/CVE-2016-5012.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5012", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Moodle 3.x, glossary search displays entries without checking user permissions to view them." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5012", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://moodle.org/mod/forum/discuss.php?d=336697", - "refsource" : "CONFIRM", - "url" : "https://moodle.org/mod/forum/discuss.php?d=336697" - }, - { - "name" : "92041", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92041" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Moodle 3.x, glossary search displays entries without checking user permissions to view them." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "92041", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92041" + }, + { + "name": "https://moodle.org/mod/forum/discuss.php?d=336697", + "refsource": "CONFIRM", + "url": "https://moodle.org/mod/forum/discuss.php?d=336697" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5027.json b/2016/5xxx/CVE-2016-5027.json index f45ed8fcbe2..dec8ee5697c 100644 --- a/2016/5xxx/CVE-2016-5027.json +++ b/2016/5xxx/CVE-2016-5027.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5027", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "dwarf_form.c in libdwarf 20160115 allows remote attackers to cause a denial of service (crash) via a crafted elf file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5027", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160524 CVE request: Multiple vunerabilities in libdwarf & dwarfdump", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/24/1" - }, - { - "name" : "[oss-security] 20160524 Re: CVE request: Multiple vunerabilities in libdwarf & dwarfdump", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/25/1" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1330237", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1330237" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "dwarf_form.c in libdwarf 20160115 allows remote attackers to cause a denial of service (crash) via a crafted elf file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20160524 CVE request: Multiple vunerabilities in libdwarf & dwarfdump", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/24/1" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1330237", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330237" + }, + { + "name": "[oss-security] 20160524 Re: CVE request: Multiple vunerabilities in libdwarf & dwarfdump", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/25/1" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5346.json b/2016/5xxx/CVE-2016-5346.json index ea51a065eac..b3dd14b5b62 100644 --- a/2016/5xxx/CVE-2016-5346.json +++ b/2016/5xxx/CVE-2016-5346.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5346", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5346", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5518.json b/2016/5xxx/CVE-2016-5518.json index 9062d8ac2dd..457212e42ad 100644 --- a/2016/5xxx/CVE-2016-5518.json +++ b/2016/5xxx/CVE-2016-5518.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5518", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 and 6.2.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to webfileservices." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5518", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93647", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93647" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 and 6.2.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to webfileservices." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93647", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93647" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5597.json b/2016/5xxx/CVE-2016-5597.json index b8b91bf9b0a..a1d68b14f7f 100644 --- a/2016/5xxx/CVE-2016-5597.json +++ b/2016/5xxx/CVE-2016-5597.json @@ -1,157 +1,157 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5597", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5597", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20161019-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20161019-0001/" - }, - { - "name" : "DSA-3707", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3707" - }, - { - "name" : "GLSA-201611-04", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201611-04" - }, - { - "name" : "GLSA-201701-43", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-43" - }, - { - "name" : "RHSA-2016:2658", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2658.html" - }, - { - "name" : "RHSA-2016:2659", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2659.html" - }, - { - "name" : "RHSA-2016:2079", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2079.html" - }, - { - "name" : "RHSA-2016:2088", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2088.html" - }, - { - "name" : "RHSA-2016:2089", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2089.html" - }, - { - "name" : "RHSA-2016:2090", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2090.html" - }, - { - "name" : "RHSA-2016:2136", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2136.html" - }, - { - "name" : "RHSA-2016:2137", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2137.html" - }, - { - "name" : "RHSA-2016:2138", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2138.html" - }, - { - "name" : "RHSA-2017:0061", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0061.html" - }, - { - "name" : "RHSA-2017:1216", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1216" - }, - { - "name" : "USN-3130-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3130-1" - }, - { - "name" : "USN-3154-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3154-1" - }, - { - "name" : "93636", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93636" - }, - { - "name" : "1037040", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037040" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3707", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3707" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20161019-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20161019-0001/" + }, + { + "name": "RHSA-2016:2659", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2659.html" + }, + { + "name": "RHSA-2016:2136", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2136.html" + }, + { + "name": "RHSA-2016:2079", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2079.html" + }, + { + "name": "USN-3130-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3130-1" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "RHSA-2016:2137", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2137.html" + }, + { + "name": "RHSA-2016:2138", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2138.html" + }, + { + "name": "GLSA-201701-43", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-43" + }, + { + "name": "RHSA-2016:2090", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2090.html" + }, + { + "name": "GLSA-201611-04", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201611-04" + }, + { + "name": "RHSA-2017:0061", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0061.html" + }, + { + "name": "RHSA-2017:1216", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1216" + }, + { + "name": "USN-3154-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3154-1" + }, + { + "name": "RHSA-2016:2089", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2089.html" + }, + { + "name": "93636", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93636" + }, + { + "name": "1037040", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037040" + }, + { + "name": "RHSA-2016:2088", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2088.html" + }, + { + "name": "RHSA-2016:2658", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2658.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5681.json b/2016/5xxx/CVE-2016-5681.json index db81f9812b7..3660fb3c71d 100644 --- a/2016/5xxx/CVE-2016-5681.json +++ b/2016/5xxx/CVE-2016-5681.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-5681", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 2.07 before 2.07WWB05, DIR-817 Ax, DIR-818LW Bx before 2.05b03beta03, DIR-822 C1 3.01 before 3.01WWb02, DIR-823 A1 1.00 before 1.00WWb05, DIR-895L A1 1.11 before 1.11WWb04, DIR-890L A1 1.09 before 1.09b14, DIR-885L A1 1.11 before 1.11WWb07, DIR-880L A1 1.07 before 1.07WWb08, DIR-868L B1 2.03 before 2.03WWb01, and DIR-868L C1 3.00 before 3.00WWb01 devices allows remote attackers to execute arbitrary code via a long session cookie." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-5681", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10063", - "refsource" : "CONFIRM", - "url" : "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10063" - }, - { - "name" : "VU#332115", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/332115" - }, - { - "name" : "92427", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92427" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 2.07 before 2.07WWB05, DIR-817 Ax, DIR-818LW Bx before 2.05b03beta03, DIR-822 C1 3.01 before 3.01WWb02, DIR-823 A1 1.00 before 1.00WWb05, DIR-895L A1 1.11 before 1.11WWb04, DIR-890L A1 1.09 before 1.09b14, DIR-885L A1 1.11 before 1.11WWb07, DIR-880L A1 1.07 before 1.07WWb08, DIR-868L B1 2.03 before 2.03WWb01, and DIR-868L C1 3.00 before 3.00WWb01 devices allows remote attackers to execute arbitrary code via a long session cookie." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10063", + "refsource": "CONFIRM", + "url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10063" + }, + { + "name": "VU#332115", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/332115" + }, + { + "name": "92427", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92427" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2024.json b/2018/2xxx/CVE-2018-2024.json index 897abe22c53..9e266579c3c 100644 --- a/2018/2xxx/CVE-2018-2024.json +++ b/2018/2xxx/CVE-2018-2024.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2024", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-2024", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2091.json b/2018/2xxx/CVE-2018-2091.json index 5f52b1e2323..d4029e0a196 100644 --- a/2018/2xxx/CVE-2018-2091.json +++ b/2018/2xxx/CVE-2018-2091.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2091", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2091", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2691.json b/2018/2xxx/CVE-2018-2691.json index 771a9c7b647..3f24e7217fb 100644 --- a/2018/2xxx/CVE-2018-2691.json +++ b/2018/2xxx/CVE-2018-2691.json @@ -1,93 +1,93 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2691", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "User Management", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "12.1.3" - }, - { - "version_affected" : "=", - "version_value" : "12.2.3" - }, - { - "version_affected" : "=", - "version_value" : "12.2.4" - }, - { - "version_affected" : "=", - "version_value" : "12.2.5" - }, - { - "version_affected" : "=", - "version_value" : "12.2.6" - }, - { - "version_affected" : "=", - "version_value" : "12.2.7" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle User Management component of Oracle E-Business Suite (subcomponent: Proxy User Delegation). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle User Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle User Management accessible data as well as unauthorized read access to a subset of Oracle User Management accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle User Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle User Management accessible data as well as unauthorized read access to a subset of Oracle User Management accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2691", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "User Management", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "12.1.3" + }, + { + "version_affected": "=", + "version_value": "12.2.3" + }, + { + "version_affected": "=", + "version_value": "12.2.4" + }, + { + "version_affected": "=", + "version_value": "12.2.5" + }, + { + "version_affected": "=", + "version_value": "12.2.6" + }, + { + "version_affected": "=", + "version_value": "12.2.7" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, - { - "name" : "102647", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102647" - }, - { - "name" : "1040201", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040201" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle User Management component of Oracle E-Business Suite (subcomponent: Proxy User Delegation). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle User Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle User Management accessible data as well as unauthorized read access to a subset of Oracle User Management accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle User Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle User Management accessible data as well as unauthorized read access to a subset of Oracle User Management accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "1040201", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040201" + }, + { + "name": "102647", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102647" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0202.json b/2019/0xxx/CVE-2019-0202.json index 67f1ea99bdc..2883fae2ba5 100644 --- a/2019/0xxx/CVE-2019-0202.json +++ b/2019/0xxx/CVE-2019-0202.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0202", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0202", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0364.json b/2019/0xxx/CVE-2019-0364.json index dc40b101880..12cf2476827 100644 --- a/2019/0xxx/CVE-2019-0364.json +++ b/2019/0xxx/CVE-2019-0364.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0364", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0364", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0435.json b/2019/0xxx/CVE-2019-0435.json index 99f25c21165..d27cce2cc5b 100644 --- a/2019/0xxx/CVE-2019-0435.json +++ b/2019/0xxx/CVE-2019-0435.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0435", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0435", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0727.json b/2019/0xxx/CVE-2019-0727.json index 546a0e15ab4..260791c23b7 100644 --- a/2019/0xxx/CVE-2019-0727.json +++ b/2019/0xxx/CVE-2019-0727.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0727", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0727", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1293.json b/2019/1xxx/CVE-2019-1293.json index 2e4939dd77f..d4a6fa9073d 100644 --- a/2019/1xxx/CVE-2019-1293.json +++ b/2019/1xxx/CVE-2019-1293.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1293", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1293", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1409.json b/2019/1xxx/CVE-2019-1409.json index 70b3aa6f9b0..43e4a27508b 100644 --- a/2019/1xxx/CVE-2019-1409.json +++ b/2019/1xxx/CVE-2019-1409.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1409", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1409", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1803.json b/2019/1xxx/CVE-2019-1803.json index 446eb58db3b..2c4d7f751e6 100644 --- a/2019/1xxx/CVE-2019-1803.json +++ b/2019/1xxx/CVE-2019-1803.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1803", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1803", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4394.json b/2019/4xxx/CVE-2019-4394.json index 20fbaafead2..5d059158dec 100644 --- a/2019/4xxx/CVE-2019-4394.json +++ b/2019/4xxx/CVE-2019-4394.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4394", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4394", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4426.json b/2019/4xxx/CVE-2019-4426.json index 409677c05c0..f8a65605b34 100644 --- a/2019/4xxx/CVE-2019-4426.json +++ b/2019/4xxx/CVE-2019-4426.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4426", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4426", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4617.json b/2019/4xxx/CVE-2019-4617.json index af7a3b00426..f918b4c3b64 100644 --- a/2019/4xxx/CVE-2019-4617.json +++ b/2019/4xxx/CVE-2019-4617.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4617", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4617", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4721.json b/2019/4xxx/CVE-2019-4721.json index 97e53fd7523..13302cce90a 100644 --- a/2019/4xxx/CVE-2019-4721.json +++ b/2019/4xxx/CVE-2019-4721.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4721", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4721", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5014.json b/2019/5xxx/CVE-2019-5014.json index 4aff3ac911a..efe02348b1e 100644 --- a/2019/5xxx/CVE-2019-5014.json +++ b/2019/5xxx/CVE-2019-5014.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5014", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5014", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5163.json b/2019/5xxx/CVE-2019-5163.json index 143f6c6c0f3..db1eeba0311 100644 --- a/2019/5xxx/CVE-2019-5163.json +++ b/2019/5xxx/CVE-2019-5163.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5163", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5163", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5771.json b/2019/5xxx/CVE-2019-5771.json index 211ae81dc4b..d8e978e439e 100644 --- a/2019/5xxx/CVE-2019-5771.json +++ b/2019/5xxx/CVE-2019-5771.json @@ -1,78 +1,78 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "chrome-cve-admin@google.com", - "ID" : "CVE-2019-5771", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Chrome", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "72.0.3626.81" - } - ] - } - } - ] - }, - "vendor_name" : "Google" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code via a crafted HTML page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Heap buffer overflow" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2019-5771", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "72.0.3626.81" + } + ] + } + } + ] + }, + "vendor_name": "Google" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://crbug.com/904265", - "refsource" : "MISC", - "url" : "https://crbug.com/904265" - }, - { - "name" : "https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html", - "refsource" : "CONFIRM", - "url" : "https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html" - }, - { - "name" : "RHSA-2019:0309", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2019:0309" - }, - { - "name" : "106767", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106767" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code via a crafted HTML page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Heap buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106767", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106767" + }, + { + "name": "RHSA-2019:0309", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2019:0309" + }, + { + "name": "https://crbug.com/904265", + "refsource": "MISC", + "url": "https://crbug.com/904265" + }, + { + "name": "https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html", + "refsource": "CONFIRM", + "url": "https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5796.json b/2019/5xxx/CVE-2019-5796.json index 7b6901a1f3d..eed578ec19a 100644 --- a/2019/5xxx/CVE-2019-5796.json +++ b/2019/5xxx/CVE-2019-5796.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5796", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5796", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5941.json b/2019/5xxx/CVE-2019-5941.json index c601aa6a818..45051cb52e5 100644 --- a/2019/5xxx/CVE-2019-5941.json +++ b/2019/5xxx/CVE-2019-5941.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5941", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5941", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9699.json b/2019/9xxx/CVE-2019-9699.json index 44aafb1bc7f..4a424de0087 100644 --- a/2019/9xxx/CVE-2019-9699.json +++ b/2019/9xxx/CVE-2019-9699.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9699", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9699", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9810.json b/2019/9xxx/CVE-2019-9810.json index de1c35efd7e..5ea594f18a3 100644 --- a/2019/9xxx/CVE-2019-9810.json +++ b/2019/9xxx/CVE-2019-9810.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9810", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9810", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file