From 65d9e8da72c39c3f91a993be21974ce4e4b1436b Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 04:08:37 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/2xxx/CVE-2007-2606.json | 190 +++++++++--------- 2007/2xxx/CVE-2007-2627.json | 140 +++++++------- 2007/3xxx/CVE-2007-3037.json | 210 ++++++++++---------- 2007/3xxx/CVE-2007-3438.json | 130 ++++++------- 2007/3xxx/CVE-2007-3554.json | 210 ++++++++++---------- 2007/3xxx/CVE-2007-3686.json | 160 ++++++++-------- 2007/3xxx/CVE-2007-3800.json | 170 ++++++++--------- 2007/3xxx/CVE-2007-3972.json | 210 ++++++++++---------- 2007/4xxx/CVE-2007-4676.json | 270 +++++++++++++------------- 2007/4xxx/CVE-2007-4862.json | 180 ++++++++--------- 2007/4xxx/CVE-2007-4889.json | 160 ++++++++-------- 2007/4xxx/CVE-2007-4895.json | 130 ++++++------- 2007/6xxx/CVE-2007-6184.json | 160 ++++++++-------- 2007/6xxx/CVE-2007-6325.json | 170 ++++++++--------- 2007/6xxx/CVE-2007-6335.json | 340 ++++++++++++++++----------------- 2007/6xxx/CVE-2007-6442.json | 34 ++-- 2010/1xxx/CVE-2010-1613.json | 140 +++++++------- 2010/1xxx/CVE-2010-1684.json | 34 ++-- 2014/0xxx/CVE-2014-0093.json | 160 ++++++++-------- 2014/0xxx/CVE-2014-0559.json | 200 +++++++++---------- 2014/0xxx/CVE-2014-0597.json | 34 ++-- 2014/1xxx/CVE-2014-1254.json | 120 ++++++------ 2014/1xxx/CVE-2014-1309.json | 150 +++++++-------- 2014/1xxx/CVE-2014-1639.json | 170 ++++++++--------- 2014/1xxx/CVE-2014-1860.json | 34 ++-- 2014/5xxx/CVE-2014-5002.json | 150 +++++++-------- 2014/5xxx/CVE-2014-5023.json | 120 ++++++------ 2014/5xxx/CVE-2014-5027.json | 180 ++++++++--------- 2015/2xxx/CVE-2015-2000.json | 130 ++++++------- 2015/2xxx/CVE-2015-2015.json | 130 ++++++------- 2015/2xxx/CVE-2015-2180.json | 130 ++++++------- 2015/2xxx/CVE-2015-2208.json | 160 ++++++++-------- 2016/10xxx/CVE-2016-10039.json | 140 +++++++------- 2016/10xxx/CVE-2016-10385.json | 142 +++++++------- 2016/10xxx/CVE-2016-10407.json | 132 ++++++------- 2016/10xxx/CVE-2016-10568.json | 122 ++++++------ 2016/10xxx/CVE-2016-10615.json | 122 ++++++------ 2016/4xxx/CVE-2016-4057.json | 130 ++++++------- 2016/4xxx/CVE-2016-4178.json | 180 ++++++++--------- 2016/4xxx/CVE-2016-4680.json | 160 ++++++++-------- 2016/4xxx/CVE-2016-4830.json | 140 +++++++------- 2016/8xxx/CVE-2016-8031.json | 140 +++++++------- 2016/8xxx/CVE-2016-8373.json | 34 ++-- 2016/9xxx/CVE-2016-9422.json | 160 ++++++++-------- 2016/9xxx/CVE-2016-9577.json | 226 +++++++++++----------- 2016/9xxx/CVE-2016-9714.json | 174 ++++++++--------- 2016/9xxx/CVE-2016-9754.json | 160 ++++++++-------- 2016/9xxx/CVE-2016-9786.json | 34 ++-- 2019/2xxx/CVE-2019-2037.json | 34 ++-- 2019/2xxx/CVE-2019-2656.json | 34 ++-- 2019/2xxx/CVE-2019-2680.json | 34 ++-- 2019/3xxx/CVE-2019-3061.json | 34 ++-- 2019/3xxx/CVE-2019-3664.json | 34 ++-- 2019/3xxx/CVE-2019-3814.json | 34 ++-- 2019/3xxx/CVE-2019-3934.json | 34 ++-- 2019/6xxx/CVE-2019-6031.json | 34 ++-- 2019/6xxx/CVE-2019-6450.json | 34 ++-- 2019/7xxx/CVE-2019-7264.json | 34 ++-- 2019/7xxx/CVE-2019-7278.json | 34 ++-- 2019/7xxx/CVE-2019-7552.json | 34 ++-- 2019/7xxx/CVE-2019-7903.json | 34 ++-- 61 files changed, 3772 insertions(+), 3772 deletions(-) diff --git a/2007/2xxx/CVE-2007-2606.json b/2007/2xxx/CVE-2007-2606.json index e586399ed77..3aeccce6ff6 100644 --- a/2007/2xxx/CVE-2007-2606.json +++ b/2007/2xxx/CVE-2007-2606.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2606", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in Firebird 2.1 allow attackers to trigger memory corruption and possibly have other unspecified impact via certain input processed by (1) config\\ConfigFile.cpp or (2) msgs\\check_msgs.epp. NOTE: if ConfigFile.cpp reads a configuration file with restrictive permissions, then the ConfigFile.cpp vector may not cross privilege boundaries and perhaps should not be included in CVE." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2606", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070509 Multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/468070/100/0/threaded" - }, - { - "name" : "DSA-1529", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1529" - }, - { - "name" : "28478", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28478" - }, - { - "name" : "37308", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37308" - }, - { - "name" : "37309", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37309" - }, - { - "name" : "29501", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29501" - }, - { - "name" : "2708", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2708" - }, - { - "name" : "firebird-configfile-checkmsgs-bo(34201)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34201" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in Firebird 2.1 allow attackers to trigger memory corruption and possibly have other unspecified impact via certain input processed by (1) config\\ConfigFile.cpp or (2) msgs\\check_msgs.epp. NOTE: if ConfigFile.cpp reads a configuration file with restrictive permissions, then the ConfigFile.cpp vector may not cross privilege boundaries and perhaps should not be included in CVE." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37309", + "refsource": "OSVDB", + "url": "http://osvdb.org/37309" + }, + { + "name": "firebird-configfile-checkmsgs-bo(34201)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34201" + }, + { + "name": "20070509 Multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/468070/100/0/threaded" + }, + { + "name": "28478", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28478" + }, + { + "name": "37308", + "refsource": "OSVDB", + "url": "http://osvdb.org/37308" + }, + { + "name": "2708", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2708" + }, + { + "name": "29501", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29501" + }, + { + "name": "DSA-1529", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1529" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2627.json b/2007/2xxx/CVE-2007-2627.json index c95f5fe634a..fbe7d83a5fc 100644 --- a/2007/2xxx/CVE-2007-2627.json +++ b/2007/2xxx/CVE-2007-2627.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2627", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in sidebar.php in WordPress, when custom 404 pages that call get_sidebar are used, allows remote attackers to inject arbitrary web script or HTML via the query string (PHP_SELF), a different vulnerability than CVE-2007-1622." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2627", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070502 Wordpress All versions XSS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/467360/100/0/threaded" - }, - { - "name" : "37296", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37296" - }, - { - "name" : "2694", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2694" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in sidebar.php in WordPress, when custom 404 pages that call get_sidebar are used, allows remote attackers to inject arbitrary web script or HTML via the query string (PHP_SELF), a different vulnerability than CVE-2007-1622." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37296", + "refsource": "OSVDB", + "url": "http://osvdb.org/37296" + }, + { + "name": "2694", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2694" + }, + { + "name": "20070502 Wordpress All versions XSS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/467360/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3037.json b/2007/3xxx/CVE-2007-3037.json index 1947d959691..ca94ebec3f0 100644 --- a/2007/3xxx/CVE-2007-3037.json +++ b/2007/3xxx/CVE-2007-3037.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3037", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that causes a size mismatch between compressed and decompressed data and triggers a heap-based buffer overflow, aka \"Windows Media Player Code Execution Vulnerability Parsing Skins.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-3037", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070814 ZDI-07-046: Microsoft Windows Media Player Skin Parsing Size Mismatch Heap Overflow Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/476533/100/0/threaded" - }, - { - "name" : "MS07-047", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-047" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-07-046.html", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-07-046.html" - }, - { - "name" : "TA07-226A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-226A.html" - }, - { - "name" : "25307", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25307" - }, - { - "name" : "ADV-2007-2871", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2871" - }, - { - "name" : "36385", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/36385" - }, - { - "name" : "oval:org.mitre.oval:def:2207", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2207" - }, - { - "name" : "1018565", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018565" - }, - { - "name" : "26433", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26433" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that causes a size mismatch between compressed and decompressed data and triggers a heap-based buffer overflow, aka \"Windows Media Player Code Execution Vulnerability Parsing Skins.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "TA07-226A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-226A.html" + }, + { + "name": "26433", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26433" + }, + { + "name": "36385", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/36385" + }, + { + "name": "1018565", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018565" + }, + { + "name": "MS07-047", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-047" + }, + { + "name": "ADV-2007-2871", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2871" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-046.html", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-046.html" + }, + { + "name": "25307", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25307" + }, + { + "name": "oval:org.mitre.oval:def:2207", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2207" + }, + { + "name": "20070814 ZDI-07-046: Microsoft Windows Media Player Skin Parsing Size Mismatch Heap Overflow Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/476533/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3438.json b/2007/3xxx/CVE-2007-3438.json index 0dda4c659b9..495ca789206 100644 --- a/2007/3xxx/CVE-2007-3438.json +++ b/2007/3xxx/CVE-2007-3438.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3438", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the SIP header parsing module in the Nortel PC Client SIP Soft Phone 4.1 3.5.208[20051015] allows remote attackers to execute arbitrary code via a malformed message, a different vulnerability than CVE-2007-3361." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3438", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=297&", - "refsource" : "MISC", - "url" : "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=297&" - }, - { - "name" : "45429", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45429" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the SIP header parsing module in the Nortel PC Client SIP Soft Phone 4.1 3.5.208[20051015] allows remote attackers to execute arbitrary code via a malformed message, a different vulnerability than CVE-2007-3361." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "45429", + "refsource": "OSVDB", + "url": "http://osvdb.org/45429" + }, + { + "name": "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=297&", + "refsource": "MISC", + "url": "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=297&" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3554.json b/2007/3xxx/CVE-2007-3554.json index 87dc4f91881..49d946aecab 100644 --- a/2007/3xxx/CVE-2007-3554.json +++ b/2007/3xxx/CVE-2007-3554.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3554", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control in sdd.dll in HP Instant Support - Driver Check before 1.5.0.3 allows remote attackers to execute arbitrary code via a long argument to the queryHub function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3554", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070703 Buffer overflow in HP Instant Support Driver Check (SDD) ActiveX control", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/472728/100/0/threaded" - }, - { - "name" : "http://www.shinnai.altervista.org/index.php?mod=02_Forum&group=Exploits&argument=Remote&topic=1183360239.ff.php&page=last", - "refsource" : "MISC", - "url" : "http://www.shinnai.altervista.org/index.php?mod=02_Forum&group=Exploits&argument=Remote&topic=1183360239.ff.php&page=last" - }, - { - "name" : "HPSBPI02228", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597" - }, - { - "name" : "SSRT071404", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597" - }, - { - "name" : "24730", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24730" - }, - { - "name" : "37832", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37832" - }, - { - "name" : "ADV-2007-2413", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2413" - }, - { - "name" : "1018331", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018331" - }, - { - "name" : "25918", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25918" - }, - { - "name" : "hp-instantsupport-drivercheck-bo(35228)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35228" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control in sdd.dll in HP Instant Support - Driver Check before 1.5.0.3 allows remote attackers to execute arbitrary code via a long argument to the queryHub function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-2413", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2413" + }, + { + "name": "http://www.shinnai.altervista.org/index.php?mod=02_Forum&group=Exploits&argument=Remote&topic=1183360239.ff.php&page=last", + "refsource": "MISC", + "url": "http://www.shinnai.altervista.org/index.php?mod=02_Forum&group=Exploits&argument=Remote&topic=1183360239.ff.php&page=last" + }, + { + "name": "hp-instantsupport-drivercheck-bo(35228)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35228" + }, + { + "name": "SSRT071404", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597" + }, + { + "name": "37832", + "refsource": "OSVDB", + "url": "http://osvdb.org/37832" + }, + { + "name": "20070703 Buffer overflow in HP Instant Support Driver Check (SDD) ActiveX control", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/472728/100/0/threaded" + }, + { + "name": "1018331", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018331" + }, + { + "name": "HPSBPI02228", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597" + }, + { + "name": "25918", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25918" + }, + { + "name": "24730", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24730" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3686.json b/2007/3xxx/CVE-2007-3686.json index 53634cba17e..323fc140d84 100644 --- a/2007/3xxx/CVE-2007-3686.json +++ b/2007/3xxx/CVE-2007-3686.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3686", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating Bar before 1.2.0 allows remote attackers to inject arbitrary HTTP headers and data via CRLF sequences in the HTTP_REFERER parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3686", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.cirt.net/advisories/unobtrusive_ajax_star_rating.shtml", - "refsource" : "MISC", - "url" : "http://www.cirt.net/advisories/unobtrusive_ajax_star_rating.shtml" - }, - { - "name" : "24840", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24840" - }, - { - "name" : "35936", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/35936" - }, - { - "name" : "25985", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25985" - }, - { - "name" : "unobtrusive-ajax-db-crlf-injection(35329)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35329" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating Bar before 1.2.0 allows remote attackers to inject arbitrary HTTP headers and data via CRLF sequences in the HTTP_REFERER parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25985", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25985" + }, + { + "name": "http://www.cirt.net/advisories/unobtrusive_ajax_star_rating.shtml", + "refsource": "MISC", + "url": "http://www.cirt.net/advisories/unobtrusive_ajax_star_rating.shtml" + }, + { + "name": "24840", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24840" + }, + { + "name": "unobtrusive-ajax-db-crlf-injection(35329)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35329" + }, + { + "name": "35936", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/35936" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3800.json b/2007/3xxx/CVE-2007-3800.json index f09cc7a809f..bfb44894bc4 100644 --- a/2007/3xxx/CVE-2007-3800.json +++ b/2007/3xxx/CVE-2007-3800.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3800", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client Security 2.0 through 3.1, when the Notification Message window is enabled, allows local users to gain privileges via crafted code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3800", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html", - "refsource" : "CONFIRM", - "url" : "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html" - }, - { - "name" : "24810", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24810" - }, - { - "name" : "36116", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36116" - }, - { - "name" : "ADV-2007-2506", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2506" - }, - { - "name" : "26054", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26054" - }, - { - "name" : "symantec-antivirus-rtv-privilege-escalation(35352)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35352" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client Security 2.0 through 3.1, when the Notification Message window is enabled, allows local users to gain privileges via crafted code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "symantec-antivirus-rtv-privilege-escalation(35352)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35352" + }, + { + "name": "24810", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24810" + }, + { + "name": "26054", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26054" + }, + { + "name": "ADV-2007-2506", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2506" + }, + { + "name": "36116", + "refsource": "OSVDB", + "url": "http://osvdb.org/36116" + }, + { + "name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html", + "refsource": "CONFIRM", + "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3972.json b/2007/3xxx/CVE-2007-3972.json index 93fe362e807..3ddc7171db0 100644 --- a/2007/3xxx/CVE-2007-3972.json +++ b/2007/3xxx/CVE-2007-3972.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3972", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service via a crafted (1) ASPACK or (2) FSG packed file, which triggers a divide-by-zero error." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3972", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070720 2007-07-20 - n.runs-SA-2007.018 - NOD32 Antivirus ASPACK and FSG parsing Divide by Zero Advisory", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474246/100/0/threaded" - }, - { - "name" : "http://www.nruns.com/[n.runs-SA-2007.018]%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.pdf", - "refsource" : "MISC", - "url" : "http://www.nruns.com/[n.runs-SA-2007.018]%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.pdf" - }, - { - "name" : "http://www.nruns.com/[n.runs-SA-2007.018]%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.txt", - "refsource" : "MISC", - "url" : "http://www.nruns.com/[n.runs-SA-2007.018]%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.txt" - }, - { - "name" : "http://www.eset.com/joomla/index.php?option=com_content&task=view&id=3469&Itemid=26", - "refsource" : "CONFIRM", - "url" : "http://www.eset.com/joomla/index.php?option=com_content&task=view&id=3469&Itemid=26" - }, - { - "name" : "24988", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24988" - }, - { - "name" : "ADV-2007-2602", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2602" - }, - { - "name" : "37978", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37978" - }, - { - "name" : "26124", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26124" - }, - { - "name" : "2924", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2924" - }, - { - "name" : "nod32-aspack-fsg-dos(35524)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35524" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service via a crafted (1) ASPACK or (2) FSG packed file, which triggers a divide-by-zero error." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.nruns.com/[n.runs-SA-2007.018]%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.pdf", + "refsource": "MISC", + "url": "http://www.nruns.com/[n.runs-SA-2007.018]%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.pdf" + }, + { + "name": "26124", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26124" + }, + { + "name": "2924", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2924" + }, + { + "name": "http://www.eset.com/joomla/index.php?option=com_content&task=view&id=3469&Itemid=26", + "refsource": "CONFIRM", + "url": "http://www.eset.com/joomla/index.php?option=com_content&task=view&id=3469&Itemid=26" + }, + { + "name": "24988", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24988" + }, + { + "name": "37978", + "refsource": "OSVDB", + "url": "http://osvdb.org/37978" + }, + { + "name": "http://www.nruns.com/[n.runs-SA-2007.018]%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.txt", + "refsource": "MISC", + "url": "http://www.nruns.com/[n.runs-SA-2007.018]%20-%20NOD32%20Antivirus%20ASPACK%20and%20FSG%20parsing%20Divide%20by%20Zero%20Advisory.txt" + }, + { + "name": "nod32-aspack-fsg-dos(35524)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35524" + }, + { + "name": "ADV-2007-2602", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2602" + }, + { + "name": "20070720 2007-07-20 - n.runs-SA-2007.018 - NOD32 Antivirus ASPACK and FSG parsing Divide by Zero Advisory", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474246/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4676.json b/2007/4xxx/CVE-2007-4676.json index 1d037dfdfd6..4d7bc984bd1 100644 --- a/2007/4xxx/CVE-2007-4676.json +++ b/2007/4xxx/CVE-2007-4676.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4676", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing (1) Poly type (0x0070 through 0x0074) and (2) PackBitsRgn field (0x0099) opcodes in a PICT image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4676", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071105 ZDI-07-066: Apple Quicktime PICT File PackBitsRgn Parsing Heap Corruption Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/483311/100/0/threaded" - }, - { - "name" : "20071105 ZDI-07-067: Apple QuickTime PICT File Poly Opcodes Heap Corruption Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/483313/100/0/threaded" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-07-066.html", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-07-066.html" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-07-067.html", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-07-067.html" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=306896", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=306896" - }, - { - "name" : "APPLE-SA-2007-11-05", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html" - }, - { - "name" : "TA07-310A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-310A.html" - }, - { - "name" : "VU#690515", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/690515" - }, - { - "name" : "26345", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26345" - }, - { - "name" : "ADV-2007-3723", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3723" - }, - { - "name" : "38546", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38546" - }, - { - "name" : "1018894", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018894" - }, - { - "name" : "27523", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27523" - }, - { - "name" : "3351", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3351" - }, - { - "name" : "quicktime-packbitsrgn-bo(38280)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38280" - }, - { - "name" : "quicktime-poly-type-bo(38281)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38281" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing (1) Poly type (0x0070 through 0x0074) and (2) PackBitsRgn field (0x0099) opcodes in a PICT image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-066.html", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-066.html" + }, + { + "name": "TA07-310A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-310A.html" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=306896", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=306896" + }, + { + "name": "quicktime-packbitsrgn-bo(38280)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38280" + }, + { + "name": "3351", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3351" + }, + { + "name": "38546", + "refsource": "OSVDB", + "url": "http://osvdb.org/38546" + }, + { + "name": "APPLE-SA-2007-11-05", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html" + }, + { + "name": "27523", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27523" + }, + { + "name": "VU#690515", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/690515" + }, + { + "name": "20071105 ZDI-07-066: Apple Quicktime PICT File PackBitsRgn Parsing Heap Corruption Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/483311/100/0/threaded" + }, + { + "name": "20071105 ZDI-07-067: Apple QuickTime PICT File Poly Opcodes Heap Corruption Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/483313/100/0/threaded" + }, + { + "name": "1018894", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018894" + }, + { + "name": "ADV-2007-3723", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3723" + }, + { + "name": "quicktime-poly-type-bo(38281)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38281" + }, + { + "name": "26345", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26345" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-067.html", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-067.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4862.json b/2007/4xxx/CVE-2007-4862.json index 3fe4ee085d9..03b2928963b 100644 --- a/2007/4xxx/CVE-2007-4862.json +++ b/2007/4xxx/CVE-2007-4862.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4862", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in admin/menu.php in SAXON 5.4 allows remote attackers to inject arbitrary web script or HTML via the config[news_url] parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4862", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071029 SAXON version 5.4 XSS Attack Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482920/100/0/threaded" - }, - { - "name" : "http://www.netvigilance.com/advisory0054", - "refsource" : "MISC", - "url" : "http://www.netvigilance.com/advisory0054" - }, - { - "name" : "http://www.quirm.net/punbb/viewtopic.php?id=129", - "refsource" : "CONFIRM", - "url" : "http://www.quirm.net/punbb/viewtopic.php?id=129" - }, - { - "name" : "26237", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26237" - }, - { - "name" : "27444", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27444" - }, - { - "name" : "3310", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3310" - }, - { - "name" : "saxon-menu-xss(38134)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38134" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in admin/menu.php in SAXON 5.4 allows remote attackers to inject arbitrary web script or HTML via the config[news_url] parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "saxon-menu-xss(38134)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38134" + }, + { + "name": "26237", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26237" + }, + { + "name": "http://www.quirm.net/punbb/viewtopic.php?id=129", + "refsource": "CONFIRM", + "url": "http://www.quirm.net/punbb/viewtopic.php?id=129" + }, + { + "name": "3310", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3310" + }, + { + "name": "20071029 SAXON version 5.4 XSS Attack Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482920/100/0/threaded" + }, + { + "name": "http://www.netvigilance.com/advisory0054", + "refsource": "MISC", + "url": "http://www.netvigilance.com/advisory0054" + }, + { + "name": "27444", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27444" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4889.json b/2007/4xxx/CVE-2007-4889.json index 5d1fb1f324c..cc2bc8a89b9 100644 --- a/2007/4xxx/CVE-2007-4889.json +++ b/2007/4xxx/CVE-2007-4889.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4889", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4889", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070911 PHP 5.2.4 <= various mysql functions safemode & open_basedir bypass", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/479082/100/0/threaded" - }, - { - "name" : "20070912 Re Re: PHP 5.2.4 <= various mysql functions safemode & open_basedir bypass", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/479189/100/200/threaded" - }, - { - "name" : "20070912 Re: PHP 5.2.4 <= various mysql functions safemode & open_basedir bypass", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/479187/100/200/threaded" - }, - { - "name" : "3134", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3134" - }, - { - "name" : "php-multiple-functions-security-bypass(36555)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36555" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3134", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3134" + }, + { + "name": "20070911 PHP 5.2.4 <= various mysql functions safemode & open_basedir bypass", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/479082/100/0/threaded" + }, + { + "name": "php-multiple-functions-security-bypass(36555)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36555" + }, + { + "name": "20070912 Re: PHP 5.2.4 <= various mysql functions safemode & open_basedir bypass", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/479187/100/200/threaded" + }, + { + "name": "20070912 Re Re: PHP 5.2.4 <= various mysql functions safemode & open_basedir bypass", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/479189/100/200/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4895.json b/2007/4xxx/CVE-2007-4895.json index abdf78fb910..5b5ce1eddad 100644 --- a/2007/4xxx/CVE-2007-4895.json +++ b/2007/4xxx/CVE-2007-4895.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4895", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in dwoprn.php in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to read arbitrary files via the f parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4895", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4386", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4386" - }, - { - "name" : "sisfokampus-dwoprn-directory-traversal(36534)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36534" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in dwoprn.php in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to read arbitrary files via the f parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "sisfokampus-dwoprn-directory-traversal(36534)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36534" + }, + { + "name": "4386", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4386" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6184.json b/2007/6xxx/CVE-2007-6184.json index 120cc77ed4a..fad916c3c49 100644 --- a/2007/6xxx/CVE-2007-6184.json +++ b/2007/6xxx/CVE-2007-6184.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6184", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in index.php in Project Alumni 1.0.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6184", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4669", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4669" - }, - { - "name" : "http://downloads.sourceforge.net/project-alumni/security-patch-1.0.9.zip?modtime=1196251519&big_mirror=0", - "refsource" : "CONFIRM", - "url" : "http://downloads.sourceforge.net/project-alumni/security-patch-1.0.9.zip?modtime=1196251519&big_mirror=0" - }, - { - "name" : "26612", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26612" - }, - { - "name" : "27820", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27820" - }, - { - "name" : "projectalumni-index-directory-traversal(38681)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38681" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in index.php in Project Alumni 1.0.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4669", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4669" + }, + { + "name": "http://downloads.sourceforge.net/project-alumni/security-patch-1.0.9.zip?modtime=1196251519&big_mirror=0", + "refsource": "CONFIRM", + "url": "http://downloads.sourceforge.net/project-alumni/security-patch-1.0.9.zip?modtime=1196251519&big_mirror=0" + }, + { + "name": "projectalumni-index-directory-traversal(38681)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38681" + }, + { + "name": "26612", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26612" + }, + { + "name": "27820", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27820" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6325.json b/2007/6xxx/CVE-2007-6325.json index 49c1acd0d86..8e2c6f0c602 100644 --- a/2007/6xxx/CVE-2007-6325.json +++ b/2007/6xxx/CVE-2007-6325.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6325", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in adminbereich/designconfig.php in Fastpublish CMS 1.9999 allows remote attackers to execute arbitrary PHP code via a URL in the config[fsBase] parameter, a different vector than CVE-2006-2726." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6325", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4725", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4725" - }, - { - "name" : "26845", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26845" - }, - { - "name" : "ADV-2007-4206", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4206" - }, - { - "name" : "39153", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/39153" - }, - { - "name" : "28054", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28054" - }, - { - "name" : "fastpublish-designconfig-file-include(39013)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39013" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in adminbereich/designconfig.php in Fastpublish CMS 1.9999 allows remote attackers to execute arbitrary PHP code via a URL in the config[fsBase] parameter, a different vector than CVE-2006-2726." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "fastpublish-designconfig-file-include(39013)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39013" + }, + { + "name": "26845", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26845" + }, + { + "name": "4725", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4725" + }, + { + "name": "ADV-2007-4206", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4206" + }, + { + "name": "39153", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/39153" + }, + { + "name": "28054", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28054" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6335.json b/2007/6xxx/CVE-2007-6335.json index 290eb8b2bbe..d8c3b399fc7 100644 --- a/2007/6xxx/CVE-2007-6335.json +++ b/2007/6xxx/CVE-2007-6335.json @@ -1,172 +1,172 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6335", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6335", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071218 ClamAV libclamav MEW PE File Integer Overflow Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=634" - }, - { - "name" : "4862", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4862" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307562", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307562" - }, - { - "name" : "APPLE-SA-2008-03-18", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" - }, - { - "name" : "DSA-1435", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1435" - }, - { - "name" : "FEDORA-2008-0115", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00740.html" - }, - { - "name" : "FEDORA-2008-0170", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00644.html" - }, - { - "name" : "GLSA-200712-20", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200712-20.xml" - }, - { - "name" : "MDVSA-2008:003", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:003" - }, - { - "name" : "SUSE-SR:2008:001", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html" - }, - { - "name" : "26927", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26927" - }, - { - "name" : "ADV-2007-4253", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4253" - }, - { - "name" : "ADV-2008-0924", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0924/references" - }, - { - "name" : "1019112", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019112" - }, - { - "name" : "28117", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28117" - }, - { - "name" : "28176", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28176" - }, - { - "name" : "28278", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28278" - }, - { - "name" : "28153", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28153" - }, - { - "name" : "28421", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28421" - }, - { - "name" : "28412", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28412" - }, - { - "name" : "28587", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28587" - }, - { - "name" : "29420", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29420" - }, - { - "name" : "clamantivirus-libclamav-mewpe-bo(39119)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39119" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20071218 ClamAV libclamav MEW PE File Integer Overflow Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=634" + }, + { + "name": "MDVSA-2008:003", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:003" + }, + { + "name": "26927", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26927" + }, + { + "name": "DSA-1435", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1435" + }, + { + "name": "28412", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28412" + }, + { + "name": "ADV-2008-0924", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0924/references" + }, + { + "name": "FEDORA-2008-0170", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00644.html" + }, + { + "name": "1019112", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019112" + }, + { + "name": "clamantivirus-libclamav-mewpe-bo(39119)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39119" + }, + { + "name": "28421", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28421" + }, + { + "name": "29420", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29420" + }, + { + "name": "APPLE-SA-2008-03-18", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" + }, + { + "name": "FEDORA-2008-0115", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00740.html" + }, + { + "name": "28176", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28176" + }, + { + "name": "28587", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28587" + }, + { + "name": "28153", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28153" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307562", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307562" + }, + { + "name": "GLSA-200712-20", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200712-20.xml" + }, + { + "name": "4862", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4862" + }, + { + "name": "28117", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28117" + }, + { + "name": "ADV-2007-4253", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4253" + }, + { + "name": "28278", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28278" + }, + { + "name": "SUSE-SR:2008:001", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6442.json b/2007/6xxx/CVE-2007-6442.json index c3f407650e1..4bb8d11cda6 100644 --- a/2007/6xxx/CVE-2007-6442.json +++ b/2007/6xxx/CVE-2007-6442.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6442", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6114. Reason: This candidate is a duplicate of CVE-2007-6114. Notes: All CVE users should reference CVE-2007-6114 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2007-6442", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6114. Reason: This candidate is a duplicate of CVE-2007-6114. Notes: All CVE users should reference CVE-2007-6114 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1613.json b/2010/1xxx/CVE-2010-1613.json index 11c55d94650..f007e27bd79 100644 --- a/2010/1xxx/CVE-2010-1613.json +++ b/2010/1xxx/CVE-2010-1613.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1613", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Moodle 1.8.x and 1.9.x before 1.9.8 does not enable the \"Regenerate session id during login\" setting by default, which makes it easier for remote attackers to conduct session fixation attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1613", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://moodle.org/security/", - "refsource" : "CONFIRM", - "url" : "http://moodle.org/security/" - }, - { - "name" : "SUSE-SR:2010:011", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html" - }, - { - "name" : "ADV-2010-1107", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1107" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Moodle 1.8.x and 1.9.x before 1.9.8 does not enable the \"Regenerate session id during login\" setting by default, which makes it easier for remote attackers to conduct session fixation attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2010-1107", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1107" + }, + { + "name": "http://moodle.org/security/", + "refsource": "CONFIRM", + "url": "http://moodle.org/security/" + }, + { + "name": "SUSE-SR:2010:011", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1684.json b/2010/1xxx/CVE-2010-1684.json index 9935e9b73f3..52583671f29 100644 --- a/2010/1xxx/CVE-2010-1684.json +++ b/2010/1xxx/CVE-2010-1684.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1684", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1684", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0093.json b/2014/0xxx/CVE-2014-0093.json index 35070d2520f..137761cf4e7 100644 --- a/2014/0xxx/CVE-2014-0093.json +++ b/2014/0xxx/CVE-2014-0093.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0093", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2, when using a Java Security Manager (JSM), does not properly apply permissions defined by a policy file, which causes applications to be granted the java.security.AllPermission permission and allows remote attackers to bypass intended access restrictions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-0093", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "RHSA-2014:0343", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0343.html" - }, - { - "name" : "RHSA-2014:0344", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0344.html" - }, - { - "name" : "RHSA-2014:0345", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0345.html" - }, - { - "name" : "66596", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/66596" - }, - { - "name" : "57675", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/57675" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2, when using a Java Security Manager (JSM), does not properly apply permissions defined by a policy file, which causes applications to be granted the java.security.AllPermission permission and allows remote attackers to bypass intended access restrictions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2014:0345", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0345.html" + }, + { + "name": "57675", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/57675" + }, + { + "name": "RHSA-2014:0344", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0344.html" + }, + { + "name": "RHSA-2014:0343", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0343.html" + }, + { + "name": "66596", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/66596" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0559.json b/2014/0xxx/CVE-2014-0559.json index 90c41e516c1..f00b4414f8e 100644 --- a/2014/0xxx/CVE-2014-0559.json +++ b/2014/0xxx/CVE-2014-0559.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0559", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0556." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2014-0559", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html", - "refsource" : "CONFIRM", - "url" : "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html" - }, - { - "name" : "GLSA-201409-05", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201409-05.xml" - }, - { - "name" : "SUSE-SU-2014:1124", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00016.html" - }, - { - "name" : "openSUSE-SU-2014:1110", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00006.html" - }, - { - "name" : "openSUSE-SU-2014:1130", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00021.html" - }, - { - "name" : "69704", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/69704" - }, - { - "name" : "1030822", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030822" - }, - { - "name" : "61089", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61089" - }, - { - "name" : "adobe-flash-cve20140559-bo(95828)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95828" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0556." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201409-05", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201409-05.xml" + }, + { + "name": "61089", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61089" + }, + { + "name": "openSUSE-SU-2014:1130", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00021.html" + }, + { + "name": "openSUSE-SU-2014:1110", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00006.html" + }, + { + "name": "69704", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/69704" + }, + { + "name": "adobe-flash-cve20140559-bo(95828)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95828" + }, + { + "name": "SUSE-SU-2014:1124", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00016.html" + }, + { + "name": "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html", + "refsource": "CONFIRM", + "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html" + }, + { + "name": "1030822", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030822" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0597.json b/2014/0xxx/CVE-2014-0597.json index 3bc9e90b38c..8f8ef6ae447 100644 --- a/2014/0xxx/CVE-2014-0597.json +++ b/2014/0xxx/CVE-2014-0597.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0597", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-0597", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1254.json b/2014/1xxx/CVE-2014-1254.json index 9146a541ada..8de5878c307 100644 --- a/2014/1xxx/CVE-2014-1254.json +++ b/2014/1xxx/CVE-2014-1254.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1254", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apple Type Services (ATS) in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Type 1 font that is embedded in a document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2014-1254", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT6150", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT6150" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apple Type Services (ATS) in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Type 1 font that is embedded in a document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.apple.com/kb/HT6150", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT6150" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1309.json b/2014/1xxx/CVE-2014-1309.json index 01d83d775bf..210e9eb9380 100644 --- a/2014/1xxx/CVE-2014-1309.json +++ b/2014/1xxx/CVE-2014-1309.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1309", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2014-1309", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/kb/HT6537", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT6537" - }, - { - "name" : "APPLE-SA-2014-04-01-1", - "refsource" : "APPLE", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html" - }, - { - "name" : "APPLE-SA-2014-04-22-2", - "refsource" : "APPLE", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html" - }, - { - "name" : "APPLE-SA-2014-04-22-3", - "refsource" : "APPLE", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2014-04-22-2", + "refsource": "APPLE", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html" + }, + { + "name": "https://support.apple.com/kb/HT6537", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT6537" + }, + { + "name": "APPLE-SA-2014-04-22-3", + "refsource": "APPLE", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html" + }, + { + "name": "APPLE-SA-2014-04-01-1", + "refsource": "APPLE", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1639.json b/2014/1xxx/CVE-2014-1639.json index a1a1904e918..c74f142fab9 100644 --- a/2014/1xxx/CVE-2014-1639.json +++ b/2014/1xxx/CVE-2014-1639.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1639", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "syncevo/installcheck-local.sh in syncevolution before 1.3.99.7 uses mktemp to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new filename." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1639", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140122 Getting tempfile/mktemp wrong", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/01/22/3" - }, - { - "name" : "[oss-security] 20140122 Re: Getting tempfile/mktemp wrong", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/01/22/4" - }, - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736357", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736357" - }, - { - "name" : "65098", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/65098" - }, - { - "name" : "102380", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/102380" - }, - { - "name" : "syncevolution-cve20141639-symlink(90662)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90662" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "syncevo/installcheck-local.sh in syncevolution before 1.3.99.7 uses mktemp to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new filename." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20140122 Re: Getting tempfile/mktemp wrong", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/01/22/4" + }, + { + "name": "syncevolution-cve20141639-symlink(90662)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90662" + }, + { + "name": "102380", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/102380" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736357", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736357" + }, + { + "name": "65098", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/65098" + }, + { + "name": "[oss-security] 20140122 Getting tempfile/mktemp wrong", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/01/22/3" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1860.json b/2014/1xxx/CVE-2014-1860.json index 78297d3fa27..189b1130e5f 100644 --- a/2014/1xxx/CVE-2014-1860.json +++ b/2014/1xxx/CVE-2014-1860.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1860", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1860", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5002.json b/2014/5xxx/CVE-2014-5002.json index 6611adfc6cd..28d3562bc77 100644 --- a/2014/5xxx/CVE-2014-5002.json +++ b/2014/5xxx/CVE-2014-5002.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5002", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The lynx gem before 1.0.0 for Ruby places the configured password on command lines, which allows local users to obtain sensitive information by listing processes." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5002", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140707 Vulnerability Report for Ruby Gem lynx-0.2.0", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/07/07/23" - }, - { - "name" : "[oss-security] 20140717 Re: Vulnerability Report for Ruby Gem codders-dataset-1.3.2.1 (etc.)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/07/17/5" - }, - { - "name" : "http://www.vapid.dhs.org/advisories/lynx-0.2.0.html", - "refsource" : "MISC", - "url" : "http://www.vapid.dhs.org/advisories/lynx-0.2.0.html" - }, - { - "name" : "https://github.com/panthomakos/lynx/issues/3", - "refsource" : "MISC", - "url" : "https://github.com/panthomakos/lynx/issues/3" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The lynx gem before 1.0.0 for Ruby places the configured password on command lines, which allows local users to obtain sensitive information by listing processes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20140707 Vulnerability Report for Ruby Gem lynx-0.2.0", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/07/07/23" + }, + { + "name": "[oss-security] 20140717 Re: Vulnerability Report for Ruby Gem codders-dataset-1.3.2.1 (etc.)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/07/17/5" + }, + { + "name": "https://github.com/panthomakos/lynx/issues/3", + "refsource": "MISC", + "url": "https://github.com/panthomakos/lynx/issues/3" + }, + { + "name": "http://www.vapid.dhs.org/advisories/lynx-0.2.0.html", + "refsource": "MISC", + "url": "http://www.vapid.dhs.org/advisories/lynx-0.2.0.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5023.json b/2014/5xxx/CVE-2014-5023.json index 1aa9112abbc..76b8b136104 100644 --- a/2014/5xxx/CVE-2014-5023.json +++ b/2014/5xxx/CVE-2014-5023.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5023", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Repository.php in Gitter, as used in Gitlist, allows remote attackers with commit privileges to execute arbitrary commands via shell metacharacters in a branch name, as demonstrated by a \"git checkout -b\" command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5023", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://hatriot.github.io/blog/2014/06/29/gitlist-rce/", - "refsource" : "MISC", - "url" : "http://hatriot.github.io/blog/2014/06/29/gitlist-rce/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Repository.php in Gitter, as used in Gitlist, allows remote attackers with commit privileges to execute arbitrary commands via shell metacharacters in a branch name, as demonstrated by a \"git checkout -b\" command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://hatriot.github.io/blog/2014/06/29/gitlist-rce/", + "refsource": "MISC", + "url": "http://hatriot.github.io/blog/2014/06/29/gitlist-rce/" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5027.json b/2014/5xxx/CVE-2014-5027.json index d38f6c0aab5..8c4e223d801 100644 --- a/2014/5xxx/CVE-2014-5027.json +++ b/2014/5xxx/CVE-2014-5027.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5027", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via a query parameter to a diff fragment page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5027", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140721 CVE requests for Review Board", - "refsource" : "MLIST", - "url" : "http://seclists.org/oss-sec/2014/q3/207" - }, - { - "name" : "[oss-security] 20140722 Re: CVE requests for Review Board", - "refsource" : "MLIST", - "url" : "http://seclists.org/oss-sec/2014/q3/219" - }, - { - "name" : "https://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.27", - "refsource" : "CONFIRM", - "url" : "https://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.27" - }, - { - "name" : "https://www.reviewboard.org/docs/releasenotes/reviewboard/2.0.4", - "refsource" : "CONFIRM", - "url" : "https://www.reviewboard.org/docs/releasenotes/reviewboard/2.0.4" - }, - { - "name" : "https://www.reviewboard.org/news/2014/07/22/review-board-1-7-27-and-2-0-3-security-releases", - "refsource" : "CONFIRM", - "url" : "https://www.reviewboard.org/news/2014/07/22/review-board-1-7-27-and-2-0-3-security-releases" - }, - { - "name" : "68858", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/68858" - }, - { - "name" : "60243", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60243" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via a query parameter to a diff fragment page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20140721 CVE requests for Review Board", + "refsource": "MLIST", + "url": "http://seclists.org/oss-sec/2014/q3/207" + }, + { + "name": "https://www.reviewboard.org/docs/releasenotes/reviewboard/2.0.4", + "refsource": "CONFIRM", + "url": "https://www.reviewboard.org/docs/releasenotes/reviewboard/2.0.4" + }, + { + "name": "60243", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60243" + }, + { + "name": "https://www.reviewboard.org/news/2014/07/22/review-board-1-7-27-and-2-0-3-security-releases", + "refsource": "CONFIRM", + "url": "https://www.reviewboard.org/news/2014/07/22/review-board-1-7-27-and-2-0-3-security-releases" + }, + { + "name": "[oss-security] 20140722 Re: CVE requests for Review Board", + "refsource": "MLIST", + "url": "http://seclists.org/oss-sec/2014/q3/219" + }, + { + "name": "68858", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/68858" + }, + { + "name": "https://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.27", + "refsource": "CONFIRM", + "url": "https://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.27" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2000.json b/2015/2xxx/CVE-2015-2000.json index 7b921500878..a6825c6568c 100644 --- a/2015/2xxx/CVE-2015-2000.json +++ b/2015/2xxx/CVE-2015-2000.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2000", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Jumio SDK before 1.5.0 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-2000", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://alephsecurity.com/vulns/aleph-2015001", - "refsource" : "MISC", - "url" : "https://alephsecurity.com/vulns/aleph-2015001" - }, - { - "name" : "https://www.usenix.org/system/files/conference/woot15/woot15-paper-peles.pdf", - "refsource" : "MISC", - "url" : "https://www.usenix.org/system/files/conference/woot15/woot15-paper-peles.pdf" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Jumio SDK before 1.5.0 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.usenix.org/system/files/conference/woot15/woot15-paper-peles.pdf", + "refsource": "MISC", + "url": "https://www.usenix.org/system/files/conference/woot15/woot15-paper-peles.pdf" + }, + { + "name": "https://alephsecurity.com/vulns/aleph-2015001", + "refsource": "MISC", + "url": "https://alephsecurity.com/vulns/aleph-2015001" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2015.json b/2015/2xxx/CVE-2015-2015.json index f148b8388ac..7edf6ab3bbc 100644 --- a/2015/2xxx/CVE-2015-2015.json +++ b/2015/2xxx/CVE-2015-2015.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2015", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in pubnames.ntf (aka the Directory template) in the web server in IBM Domino before 9.0.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYH8WBPRN." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-2015", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21963016", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21963016" - }, - { - "name" : "1033271", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033271" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in pubnames.ntf (aka the Directory template) in the web server in IBM Domino before 9.0.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYH8WBPRN." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033271", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033271" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21963016", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963016" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2180.json b/2015/2xxx/CVE-2015-2180.json index 6af335e4d7c..2e0527ced84 100644 --- a/2015/2xxx/CVE-2015-2180.json +++ b/2015/2xxx/CVE-2015-2180.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2180", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The DBMail driver in the Password plugin in Roundcube before 1.1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the password." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2180", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/roundcube/roundcubemail/issues/4757", - "refsource" : "CONFIRM", - "url" : "https://github.com/roundcube/roundcubemail/issues/4757" - }, - { - "name" : "96387", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96387" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The DBMail driver in the Password plugin in Roundcube before 1.1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the password." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "96387", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96387" + }, + { + "name": "https://github.com/roundcube/roundcubemail/issues/4757", + "refsource": "CONFIRM", + "url": "https://github.com/roundcube/roundcubemail/issues/4757" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2208.json b/2015/2xxx/CVE-2015-2208.json index f6c6f964da1..3f417b4322a 100644 --- a/2015/2xxx/CVE-2015-2208.json +++ b/2015/2xxx/CVE-2015-2208.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2208", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The saveObject function in moadmin.php in phpMoAdmin 1.1.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the object parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2208", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "36251", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/36251" - }, - { - "name" : "20150304 PHPMoAdmin Unauthorized Remote Code Execution (0-Day)", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Mar/19" - }, - { - "name" : "[oss-security] 20150304 CVE request: PHPMoAdmin Unauthorized Remote Code Execution", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/03/04/4" - }, - { - "name" : "[oss-security] 20150304 Re: CVE request: PHPMoAdmin Unauthorized Remote Code Execution", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/03/04/5" - }, - { - "name" : "http://packetstormsecurity.com/files/130685/PHPMoAdmin-1.1.2-Remote-Code-Execution.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/130685/PHPMoAdmin-1.1.2-Remote-Code-Execution.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The saveObject function in moadmin.php in phpMoAdmin 1.1.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the object parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150304 PHPMoAdmin Unauthorized Remote Code Execution (0-Day)", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Mar/19" + }, + { + "name": "http://packetstormsecurity.com/files/130685/PHPMoAdmin-1.1.2-Remote-Code-Execution.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/130685/PHPMoAdmin-1.1.2-Remote-Code-Execution.html" + }, + { + "name": "36251", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/36251" + }, + { + "name": "[oss-security] 20150304 CVE request: PHPMoAdmin Unauthorized Remote Code Execution", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/03/04/4" + }, + { + "name": "[oss-security] 20150304 Re: CVE request: PHPMoAdmin Unauthorized Remote Code Execution", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/03/04/5" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10039.json b/2016/10xxx/CVE-2016-10039.json index cba05a0bee5..802e9bdcbbd 100644 --- a/2016/10xxx/CVE-2016-10039.json +++ b/2016/10xxx/CVE-2016-10039.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10039", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/getfiles." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10039", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/modxcms/revolution/pull/13177", - "refsource" : "CONFIRM", - "url" : "https://github.com/modxcms/revolution/pull/13177" - }, - { - "name" : "https://raw.githubusercontent.com/modxcms/revolution/v2.5.2-pl/core/docs/changelog.txt", - "refsource" : "CONFIRM", - "url" : "https://raw.githubusercontent.com/modxcms/revolution/v2.5.2-pl/core/docs/changelog.txt" - }, - { - "name" : "95096", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95096" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/getfiles." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "95096", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95096" + }, + { + "name": "https://github.com/modxcms/revolution/pull/13177", + "refsource": "CONFIRM", + "url": "https://github.com/modxcms/revolution/pull/13177" + }, + { + "name": "https://raw.githubusercontent.com/modxcms/revolution/v2.5.2-pl/core/docs/changelog.txt", + "refsource": "CONFIRM", + "url": "https://raw.githubusercontent.com/modxcms/revolution/v2.5.2-pl/core/docs/changelog.txt" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10385.json b/2016/10xxx/CVE-2016-10385.json index ec2cbeb5229..c2b5216042e 100644 --- a/2016/10xxx/CVE-2016-10385.json +++ b/2016/10xxx/CVE-2016-10385.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2016-10385", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile", - "version" : { - "version_data" : [ - { - "version_value" : "SD 210/SD 212/SD 205, SD 430, SD 615/16/SD 415, SD 625, SD 820" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, a use-after-free vulnerability exists in IMS RCS." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Use-After-Free in IMS" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2016-10385", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile", + "version": { + "version_data": [ + { + "version_value": "SD 210/SD 212/SD 205, SD 430, SD 615/16/SD 415, SD 625, SD 820" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-07-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-07-01" - }, - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, a use-after-free vulnerability exists in IMS RCS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use-After-Free in IMS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-07-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-07-01" + }, + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10407.json b/2016/10xxx/CVE-2016-10407.json index 42ecb9f0c9c..8cd37768854 100644 --- a/2016/10xxx/CVE-2016-10407.json +++ b/2016/10xxx/CVE-2016-10407.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2016-10407", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile", - "version" : { - "version_data" : [ - { - "version_value" : "SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 835, an integer overflow leading to buffer overflow can occur during a VT call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Integer Overflow to Buffer Overflow in Data" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2016-10407", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile", + "version": { + "version_data": [ + { + "version_value": "SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 835, an integer overflow leading to buffer overflow can occur during a VT call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Integer Overflow to Buffer Overflow in Data" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10568.json b/2016/10xxx/CVE-2016-10568.json index df54cf7f2b9..1656b500904 100644 --- a/2016/10xxx/CVE-2016-10568.json +++ b/2016/10xxx/CVE-2016-10568.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2016-10568", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "geoip-lite-country node module", - "version" : { - "version_data" : [ - { - "version_value" : "<1.1.4" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "geoip-lite-country is a stripped down version of geoip-lite, supporting only country lookup. geoip-lite-country before 1.1.4 downloads data resources over HTTP, which leaves it vulnerable to MITM attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Missing Encryption of Sensitive Data (CWE-311)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2016-10568", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "geoip-lite-country node module", + "version": { + "version_data": [ + { + "version_value": "<1.1.4" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://nodesecurity.io/advisories/183", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/183" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "geoip-lite-country is a stripped down version of geoip-lite, supporting only country lookup. geoip-lite-country before 1.1.4 downloads data resources over HTTP, which leaves it vulnerable to MITM attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Encryption of Sensitive Data (CWE-311)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nodesecurity.io/advisories/183", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/183" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10615.json b/2016/10xxx/CVE-2016-10615.json index 887ddd055b9..fd5a1101f64 100644 --- a/2016/10xxx/CVE-2016-10615.json +++ b/2016/10xxx/CVE-2016-10615.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2016-10615", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "curses node module", - "version" : { - "version_data" : [ - { - "version_value" : "All versions" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "curses is bindings for the native curses library, a full featured console IO library. curses downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Missing Encryption of Sensitive Data (CWE-311)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2016-10615", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "curses node module", + "version": { + "version_data": [ + { + "version_value": "All versions" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://nodesecurity.io/advisories/215", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/215" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "curses is bindings for the native curses library, a full featured console IO library. curses downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Encryption of Sensitive Data (CWE-311)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nodesecurity.io/advisories/215", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/215" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4057.json b/2016/4xxx/CVE-2016-4057.json index 5752dc711bb..378366d5cb1 100644 --- a/2016/4xxx/CVE-2016-4057.json +++ b/2016/4xxx/CVE-2016-4057.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4057", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Huawei FusionCompute before V100R005C10SPC700 allows remote authenticated users to cause a denial of service (resource consumption) via a large number of crafted packets." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4057", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160330-01-fusioncompute-en", - "refsource" : "CONFIRM", - "url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160330-01-fusioncompute-en" - }, - { - "name" : "85738", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/85738" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Huawei FusionCompute before V100R005C10SPC700 allows remote authenticated users to cause a denial of service (resource consumption) via a large number of crafted packets." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "85738", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/85738" + }, + { + "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160330-01-fusioncompute-en", + "refsource": "CONFIRM", + "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160330-01-fusioncompute-en" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4178.json b/2016/4xxx/CVE-2016-4178.json index f32da1437ee..2fb23986540 100644 --- a/2016/4xxx/CVE-2016-4178.json +++ b/2016/4xxx/CVE-2016-4178.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4178", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4178", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" - }, - { - "name" : "MS16-093", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" - }, - { - "name" : "RHSA-2016:1423", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1423" - }, - { - "name" : "SUSE-SU-2016:1826", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" - }, - { - "name" : "openSUSE-SU-2016:1802", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" - }, - { - "name" : "91723", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91723" - }, - { - "name" : "1036280", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036280" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:1826", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" + }, + { + "name": "openSUSE-SU-2016:1802", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" + }, + { + "name": "RHSA-2016:1423", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1423" + }, + { + "name": "91723", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91723" + }, + { + "name": "MS16-093", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" + }, + { + "name": "1036280", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036280" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4680.json b/2016/4xxx/CVE-2016-4680.json index 620ac3ea9b6..190bcec859e 100644 --- a/2016/4xxx/CVE-2016-4680.json +++ b/2016/4xxx/CVE-2016-4680.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4680", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. iOS before 10.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the \"Kernel\" component. It allows attackers to obtain sensitive information from kernel memory via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4680", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT207269", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207269" - }, - { - "name" : "https://support.apple.com/HT207270", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207270" - }, - { - "name" : "https://support.apple.com/HT207271", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207271" - }, - { - "name" : "93854", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93854" - }, - { - "name" : "1037088", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037088" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. iOS before 10.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the \"Kernel\" component. It allows attackers to obtain sensitive information from kernel memory via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT207271", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207271" + }, + { + "name": "1037088", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037088" + }, + { + "name": "93854", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93854" + }, + { + "name": "https://support.apple.com/HT207269", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207269" + }, + { + "name": "https://support.apple.com/HT207270", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207270" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4830.json b/2016/4xxx/CVE-2016-4830.json index 5221e6ca40d..4fcbca27f9d 100644 --- a/2016/4xxx/CVE-2016-4830.json +++ b/2016/4xxx/CVE-2016-4830.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4830", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Sushiro App for iOS 2.1.16 and earlier and Sushiro App for Android 2.1.16.1 and earlier do not verify SSL certificates." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4830", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "JVN#30260727", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN30260727/index.html" - }, - { - "name" : "JVNDB-2016-000122", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000122.html" - }, - { - "name" : "91490", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91490" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Sushiro App for iOS 2.1.16 and earlier and Sushiro App for Android 2.1.16.1 and earlier do not verify SSL certificates." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000122", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000122.html" + }, + { + "name": "JVN#30260727", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN30260727/index.html" + }, + { + "name": "91490", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91490" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8031.json b/2016/8xxx/CVE-2016-8031.json index d02605e57bb..09fa7614f9d 100644 --- a/2016/8xxx/CVE-2016-8031.json +++ b/2016/8xxx/CVE-2016-8031.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@intel.com", - "ID" : "CVE-2016-8031", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Anti-Virus Engine (AVE)", - "version" : { - "version_data" : [ - { - "version_value" : "5200 through 5800" - } - ] - } - } - ] - }, - "vendor_name" : "Intel" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local users to bypass local security protection via a crafted input file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Software Integrity Attacks vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "secure@intel.com", + "ID": "CVE-2016-8031", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Anti-Virus Engine (AVE)", + "version": { + "version_data": [ + { + "version_value": "5200 through 5800" + } + ] + } + } + ] + }, + "vendor_name": "Intel" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10191", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10191" - }, - { - "name" : "97142", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97142" - }, - { - "name" : "1038159", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038159" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local users to bypass local security protection via a crafted input file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Software Integrity Attacks vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1038159", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038159" + }, + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10191", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10191" + }, + { + "name": "97142", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97142" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8373.json b/2016/8xxx/CVE-2016-8373.json index e42dab3e901..d171ed8e267 100644 --- a/2016/8xxx/CVE-2016-8373.json +++ b/2016/8xxx/CVE-2016-8373.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8373", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8373", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9422.json b/2016/9xxx/CVE-2016-9422.json index 4418103aac9..90c6abd7d8c 100644 --- a/2016/9xxx/CVE-2016-9422.json +++ b/2016/9xxx/CVE-2016-9422.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9422", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. The feed_table_tag function in w3m doesn't properly validate the value of table span, which allows remote attackers to cause a denial of service (stack and/or heap buffer overflow) and possibly execute arbitrary code via a crafted HTML page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9422", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161118 Re: CVE request: w3m - multiple vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/18/3" - }, - { - "name" : "https://github.com/tats/w3m/blob/master/ChangeLog", - "refsource" : "CONFIRM", - "url" : "https://github.com/tats/w3m/blob/master/ChangeLog" - }, - { - "name" : "https://github.com/tats/w3m/issues/8", - "refsource" : "CONFIRM", - "url" : "https://github.com/tats/w3m/issues/8" - }, - { - "name" : "GLSA-201701-08", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-08" - }, - { - "name" : "94407", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94407" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. The feed_table_tag function in w3m doesn't properly validate the value of table span, which allows remote attackers to cause a denial of service (stack and/or heap buffer overflow) and possibly execute arbitrary code via a crafted HTML page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201701-08", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-08" + }, + { + "name": "https://github.com/tats/w3m/blob/master/ChangeLog", + "refsource": "CONFIRM", + "url": "https://github.com/tats/w3m/blob/master/ChangeLog" + }, + { + "name": "https://github.com/tats/w3m/issues/8", + "refsource": "CONFIRM", + "url": "https://github.com/tats/w3m/issues/8" + }, + { + "name": "94407", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94407" + }, + { + "name": "[oss-security] 20161118 Re: CVE request: w3m - multiple vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/18/3" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9577.json b/2016/9xxx/CVE-2016-9577.json index 2bd78bbc2b5..cd87ce4bdf3 100644 --- a/2016/9xxx/CVE-2016-9577.json +++ b/2016/9xxx/CVE-2016-9577.json @@ -1,116 +1,116 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "anemec@redhat.com", - "ID" : "CVE-2016-9577", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "spice", - "version" : { - "version_data" : [ - { - "version_value" : "0.13.90" - } - ] - } - } - ] - }, - "vendor_name" : "Red Hat" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution." - } - ] - }, - "impact" : { - "cvss" : [ - [ - { - "vectorString" : "7.5/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version" : "3.0" - } - ], - [ - { - "vectorString" : "6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P", - "version" : "2.0" - } - ] - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-20" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-9577", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "spice", + "version": { + "version_data": [ + { + "version_value": "0.13.90" + } + ] + } + } + ] + }, + "vendor_name": "Red Hat" + } ] - }, - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-122" - } + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution." + } + ] + }, + "impact": { + "cvss": [ + [ + { + "vectorString": "7.5/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } + ], + [ + { + "vectorString": "6.0/AV:N/AC:M/Au:S/C:P/I:P/A:P", + "version": "2.0" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9577", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9577" - }, - { - "name" : "DSA-3790", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2017/dsa-3790" - }, - { - "name" : "RHSA-2017:0253", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0253.html" - }, - { - "name" : "RHSA-2017:0254", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:0254" - }, - { - "name" : "RHSA-2017:0549", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0549.html" - }, - { - "name" : "RHSA-2017:0552", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:0552" - }, - { - "name" : "96040", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96040" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-122" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2017:0552", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:0552" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9577", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9577" + }, + { + "name": "RHSA-2017:0254", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:0254" + }, + { + "name": "DSA-3790", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2017/dsa-3790" + }, + { + "name": "96040", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96040" + }, + { + "name": "RHSA-2017:0253", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0253.html" + }, + { + "name": "RHSA-2017:0549", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0549.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9714.json b/2016/9xxx/CVE-2016-9714.json index f2d9b05a9ac..a9ce6180a71 100644 --- a/2016/9xxx/CVE-2016-9714.json +++ b/2016/9xxx/CVE-2016-9714.json @@ -1,89 +1,89 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2017-07-27T00:00:00", - "ID" : "CVE-2016-9714", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "InfoSphere Master Data Management", - "version" : { - "version_data" : [ - { - "version_value" : "10.1" - }, - { - "version_value" : "11.0" - }, - { - "version_value" : "11.3" - }, - { - "version_value" : "11.4" - }, - { - "version_value" : "10.1.0" - }, - { - "version_value" : "11.0.0" - }, - { - "version_value" : "11.5" - }, - { - "version_value" : "11.6" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM InfoSphere Master Data Management Server 10.1, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 119727." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Gain Access" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2017-07-27T00:00:00", + "ID": "CVE-2016-9714", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "InfoSphere Master Data Management", + "version": { + "version_data": [ + { + "version_value": "10.1" + }, + { + "version_value": "11.0" + }, + { + "version_value": "11.3" + }, + { + "version_value": "11.4" + }, + { + "version_value": "10.1.0" + }, + { + "version_value": "11.0.0" + }, + { + "version_value": "11.5" + }, + { + "version_value": "11.6" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/119727", - "refsource" : "MISC", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/119727" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22006608", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22006608" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM InfoSphere Master Data Management Server 10.1, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 119727." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Gain Access" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/119727", + "refsource": "MISC", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/119727" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22006608", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22006608" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9754.json b/2016/9xxx/CVE-2016-9754.json index dc7660a7768..e812dc8d1c5 100644 --- a/2016/9xxx/CVE-2016-9754.json +++ b/2016/9xxx/CVE-2016-9754.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9754", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain privileges by writing to the /sys/kernel/debug/tracing/buffer_size_kb file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-9754", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=59643d1535eb220668692a5359de22545af579f6", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=59643d1535eb220668692a5359de22545af579f6" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.1", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.1" - }, - { - "name" : "https://github.com/torvalds/linux/commit/59643d1535eb220668692a5359de22545af579f6", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/59643d1535eb220668692a5359de22545af579f6" - }, - { - "name" : "https://source.android.com/security/bulletin/2017-01-01.html", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-01-01.html" - }, - { - "name" : "95278", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95278" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain privileges by writing to the /sys/kernel/debug/tracing/buffer_size_kb file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-01-01.html", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-01-01.html" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.1", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.1" + }, + { + "name": "95278", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95278" + }, + { + "name": "https://github.com/torvalds/linux/commit/59643d1535eb220668692a5359de22545af579f6", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/59643d1535eb220668692a5359de22545af579f6" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=59643d1535eb220668692a5359de22545af579f6", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=59643d1535eb220668692a5359de22545af579f6" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9786.json b/2016/9xxx/CVE-2016-9786.json index a7d5c0aa9c4..0b87d0189ed 100644 --- a/2016/9xxx/CVE-2016-9786.json +++ b/2016/9xxx/CVE-2016-9786.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9786", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9786", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2037.json b/2019/2xxx/CVE-2019-2037.json index 786c6a6848f..f7246ccfcc9 100644 --- a/2019/2xxx/CVE-2019-2037.json +++ b/2019/2xxx/CVE-2019-2037.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2037", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2037", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2656.json b/2019/2xxx/CVE-2019-2656.json index 0f46833569e..0f7b952125b 100644 --- a/2019/2xxx/CVE-2019-2656.json +++ b/2019/2xxx/CVE-2019-2656.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2656", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2656", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2680.json b/2019/2xxx/CVE-2019-2680.json index 183670e5ef0..bf93d7997ff 100644 --- a/2019/2xxx/CVE-2019-2680.json +++ b/2019/2xxx/CVE-2019-2680.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2680", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2680", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3061.json b/2019/3xxx/CVE-2019-3061.json index f61e03cbb45..f479cf36998 100644 --- a/2019/3xxx/CVE-2019-3061.json +++ b/2019/3xxx/CVE-2019-3061.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3061", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3061", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3664.json b/2019/3xxx/CVE-2019-3664.json index 6c681e23a4f..6445491c77b 100644 --- a/2019/3xxx/CVE-2019-3664.json +++ b/2019/3xxx/CVE-2019-3664.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3664", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3664", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3814.json b/2019/3xxx/CVE-2019-3814.json index 465a5664091..096e992e5db 100644 --- a/2019/3xxx/CVE-2019-3814.json +++ b/2019/3xxx/CVE-2019-3814.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3814", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3814", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3934.json b/2019/3xxx/CVE-2019-3934.json index 1c51bf76bad..a31177d8740 100644 --- a/2019/3xxx/CVE-2019-3934.json +++ b/2019/3xxx/CVE-2019-3934.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3934", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3934", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6031.json b/2019/6xxx/CVE-2019-6031.json index 8b3fab00431..a98877115bc 100644 --- a/2019/6xxx/CVE-2019-6031.json +++ b/2019/6xxx/CVE-2019-6031.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6031", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6031", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6450.json b/2019/6xxx/CVE-2019-6450.json index 8ad6b4e173e..357c82e6444 100644 --- a/2019/6xxx/CVE-2019-6450.json +++ b/2019/6xxx/CVE-2019-6450.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6450", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6450", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7264.json b/2019/7xxx/CVE-2019-7264.json index f6124618d29..02f7aa06e96 100644 --- a/2019/7xxx/CVE-2019-7264.json +++ b/2019/7xxx/CVE-2019-7264.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7264", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7264", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7278.json b/2019/7xxx/CVE-2019-7278.json index 4f6e2a15f84..34785da9d42 100644 --- a/2019/7xxx/CVE-2019-7278.json +++ b/2019/7xxx/CVE-2019-7278.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7278", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7278", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7552.json b/2019/7xxx/CVE-2019-7552.json index 2ae8863cf18..c89388754cd 100644 --- a/2019/7xxx/CVE-2019-7552.json +++ b/2019/7xxx/CVE-2019-7552.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7552", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7552", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7903.json b/2019/7xxx/CVE-2019-7903.json index 4b2c054fe7c..902b991c070 100644 --- a/2019/7xxx/CVE-2019-7903.json +++ b/2019/7xxx/CVE-2019-7903.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7903", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7903", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file