diff --git a/1999/0xxx/CVE-1999-0451.json b/1999/0xxx/CVE-1999-0451.json index 8488e79b8bb..887eef29344 100644 --- a/1999/0xxx/CVE-1999-0451.json +++ b/1999/0xxx/CVE-1999-0451.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0451", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0451", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "343", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/343" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "343", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/343" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0721.json b/1999/0xxx/CVE-1999-0721.json index 9a3de287381..34fde40411a 100644 --- a/1999/0xxx/CVE-1999-0721.json +++ b/1999/0xxx/CVE-1999-0721.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0721", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0721", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "Q231457", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q231457" - }, - { - "name" : "MS99-020", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-020" - }, - { - "name" : "J-049", - "refsource" : "CIAC", - "url" : "http://www.ciac.org/ciac/bulletins/j-049.shtml" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "J-049", + "refsource": "CIAC", + "url": "http://www.ciac.org/ciac/bulletins/j-049.shtml" + }, + { + "name": "MS99-020", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-020" + }, + { + "name": "Q231457", + "refsource": "MSKB", + "url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q231457" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0163.json b/2007/0xxx/CVE-2007-0163.json index fd54352ed3d..0de3426eeff 100644 --- a/2007/0xxx/CVE-2007-0163.json +++ b/2007/0xxx/CVE-2007-0163.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0163", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SecureKit Steganography 1.7.1 and 1.8 embeds password information in the carrier file, which allows remote attackers to bypass authentication requirements and decrypt embedded steganography by replacing the last 20 bytes of the JPEG image with alternate password information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0163", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070106 Cracking Steganography Application in less than ONE minute", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456283/100/0/threaded" - }, - { - "name" : "20070107 A Major design Bug in Steganography 1.7.x, 1.8 (latest) (Updated Version)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456519/100/0/threaded" - }, - { - "name" : "http://homepage.mac.com/adonismac/Advisory/steg/steganography.html", - "refsource" : "MISC", - "url" : "http://homepage.mac.com/adonismac/Advisory/steg/steganography.html" - }, - { - "name" : "31244", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31244" - }, - { - "name" : "23639", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23639" - }, - { - "name" : "steganography-password-security-bypass(31378)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31378" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SecureKit Steganography 1.7.1 and 1.8 embeds password information in the carrier file, which allows remote attackers to bypass authentication requirements and decrypt embedded steganography by replacing the last 20 bytes of the JPEG image with alternate password information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070106 Cracking Steganography Application in less than ONE minute", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456283/100/0/threaded" + }, + { + "name": "20070107 A Major design Bug in Steganography 1.7.x, 1.8 (latest) (Updated Version)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456519/100/0/threaded" + }, + { + "name": "31244", + "refsource": "OSVDB", + "url": "http://osvdb.org/31244" + }, + { + "name": "steganography-password-security-bypass(31378)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31378" + }, + { + "name": "http://homepage.mac.com/adonismac/Advisory/steg/steganography.html", + "refsource": "MISC", + "url": "http://homepage.mac.com/adonismac/Advisory/steg/steganography.html" + }, + { + "name": "23639", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23639" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0308.json b/2007/0xxx/CVE-2007-0308.json index c25bdaacd92..501b551509e 100644 --- a/2007/0xxx/CVE-2007-0308.json +++ b/2007/0xxx/CVE-2007-0308.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0308", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before 7.3.4 (beta) allows remote attackers to inject arbitrary web script or HTML via Wiki Page titles." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0308", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.plainblack.com/getwebgui/advisories/webgui-7_3_4-beta-released#BUeIjcWiQasypsJxD-YwgQ", - "refsource" : "CONFIRM", - "url" : "http://www.plainblack.com/getwebgui/advisories/webgui-7_3_4-beta-released#BUeIjcWiQasypsJxD-YwgQ" - }, - { - "name" : "22051", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22051" - }, - { - "name" : "32813", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32813" - }, - { - "name" : "23718", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23718" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before 7.3.4 (beta) allows remote attackers to inject arbitrary web script or HTML via Wiki Page titles." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22051", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22051" + }, + { + "name": "23718", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23718" + }, + { + "name": "http://www.plainblack.com/getwebgui/advisories/webgui-7_3_4-beta-released#BUeIjcWiQasypsJxD-YwgQ", + "refsource": "CONFIRM", + "url": "http://www.plainblack.com/getwebgui/advisories/webgui-7_3_4-beta-released#BUeIjcWiQasypsJxD-YwgQ" + }, + { + "name": "32813", + "refsource": "OSVDB", + "url": "http://osvdb.org/32813" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0683.json b/2007/0xxx/CVE-2007-0683.json index aa6bcaca5cf..7bd7bb8ddb9 100644 --- a/2007/0xxx/CVE-2007-0683.json +++ b/2007/0xxx/CVE-2007-0683.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0683", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in includes/functions.php in Omegaboard 1.0beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0683", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070201 Omegaboard v1.0b4 (phpbb_root_path) Remote File Include Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/458825/100/0/threaded" - }, - { - "name" : "20070201 Omegaboard v1.0b4 (phpbb_root_path) Remote File Include Exploit", - "refsource" : "FULLDISC", - "url" : "http://marc.info/?l=bugtraq&m=117036933022782&w=2" - }, - { - "name" : "3242", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3242" - }, - { - "name" : "http://www.xoron.info/bugs/omegaboard-html.txt", - "refsource" : "MISC", - "url" : "http://www.xoron.info/bugs/omegaboard-html.txt" - }, - { - "name" : "http://www.xoron.info/bugs/omegaboard-perl.txt", - "refsource" : "MISC", - "url" : "http://www.xoron.info/bugs/omegaboard-perl.txt" - }, - { - "name" : "22355", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22355" - }, - { - "name" : "ADV-2007-0445", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0445" - }, - { - "name" : "omegaboard-functions-file-include(32057)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32057" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in includes/functions.php in Omegaboard 1.0beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22355", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22355" + }, + { + "name": "20070201 Omegaboard v1.0b4 (phpbb_root_path) Remote File Include Exploit", + "refsource": "FULLDISC", + "url": "http://marc.info/?l=bugtraq&m=117036933022782&w=2" + }, + { + "name": "ADV-2007-0445", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0445" + }, + { + "name": "http://www.xoron.info/bugs/omegaboard-perl.txt", + "refsource": "MISC", + "url": "http://www.xoron.info/bugs/omegaboard-perl.txt" + }, + { + "name": "http://www.xoron.info/bugs/omegaboard-html.txt", + "refsource": "MISC", + "url": "http://www.xoron.info/bugs/omegaboard-html.txt" + }, + { + "name": "3242", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3242" + }, + { + "name": "omegaboard-functions-file-include(32057)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32057" + }, + { + "name": "20070201 Omegaboard v1.0b4 (phpbb_root_path) Remote File Include Exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/458825/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1129.json b/2007/1xxx/CVE-2007-1129.json index e3769a140a3..f36e42f3671 100644 --- a/2007/1xxx/CVE-2007-1129.json +++ b/2007/1xxx/CVE-2007-1129.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1129", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow remote attackers to upload and execute files via (1) an avatar upload in an add_down action, or (2) an add_link action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1129", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070223 MTCMS multiple upload vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461330/100/100/threaded" - }, - { - "name" : "22690", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22690" - }, - { - "name" : "ADV-2007-0755", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0755" - }, - { - "name" : "33778", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33778" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow remote attackers to upload and execute files via (1) an avatar upload in an add_down action, or (2) an add_link action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070223 MTCMS multiple upload vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461330/100/100/threaded" + }, + { + "name": "22690", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22690" + }, + { + "name": "ADV-2007-0755", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0755" + }, + { + "name": "33778", + "refsource": "OSVDB", + "url": "http://osvdb.org/33778" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1151.json b/2007/1xxx/CVE-2007-1151.json index 5d5e7a4a681..fc341fe91e6 100644 --- a/2007/1xxx/CVE-2007-1151.json +++ b/2007/1xxx/CVE-2007-1151.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1151", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in LoveCMS 1.4 allows remote attackers to inject arbitrary web script or HTML via the id parameter to the top-level URI, possibly related to a SQL error." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1151", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070222 LoveCMS 1.4 multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/460917/100/0/threaded" - }, - { - "name" : "22675", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22675" - }, - { - "name" : "ADV-2007-0716", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0716" - }, - { - "name" : "33520", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33520" - }, - { - "name" : "2338", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2338" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in LoveCMS 1.4 allows remote attackers to inject arbitrary web script or HTML via the id parameter to the top-level URI, possibly related to a SQL error." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2338", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2338" + }, + { + "name": "22675", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22675" + }, + { + "name": "33520", + "refsource": "OSVDB", + "url": "http://osvdb.org/33520" + }, + { + "name": "ADV-2007-0716", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0716" + }, + { + "name": "20070222 LoveCMS 1.4 multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/460917/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1190.json b/2007/1xxx/CVE-2007-1190.json index e2ebbe2d411..6c96d04f5dc 100644 --- a/2007/1xxx/CVE-2007-1190.json +++ b/2007/1xxx/CVE-2007-1190.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1190", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the EmbeddedWB Web Browser ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1190", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "22755", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22755" - }, - { - "name" : "36205", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36205" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the EmbeddedWB Web Browser ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36205", + "refsource": "OSVDB", + "url": "http://osvdb.org/36205" + }, + { + "name": "22755", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22755" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1953.json b/2007/1xxx/CVE-2007-1953.json index f2d1c5f3ba3..881008c39f9 100644 --- a/2007/1xxx/CVE-2007-1953.json +++ b/2007/1xxx/CVE-2007-1953.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1953", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Session fixation vulnerability in onelook courts on-line allows remote attackers to hijack web sessions by setting a PHPSESSID cookie." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1953", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070406 [MajorSecurity Advisory #41]onelook courts online - Session fixation Issue", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464887/100/0/threaded" - }, - { - "name" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls41", - "refsource" : "MISC", - "url" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls41" - }, - { - "name" : "courtsonline-phpsessid-security-bypass(33502)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33502" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Session fixation vulnerability in onelook courts on-line allows remote attackers to hijack web sessions by setting a PHPSESSID cookie." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "courtsonline-phpsessid-security-bypass(33502)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33502" + }, + { + "name": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls41", + "refsource": "MISC", + "url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls41" + }, + { + "name": "20070406 [MajorSecurity Advisory #41]onelook courts online - Session fixation Issue", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464887/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5023.json b/2007/5xxx/CVE-2007-5023.json index 1033568de56..081ccdb4842 100644 --- a/2007/5xxx/CVE-2007-5023.json +++ b/2007/5xxx/CVE-2007-5023.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5023", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local users to gain privileges via unspecified vectors, possibly involving a malicious \"program.exe\" file in the C: folder." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5023", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.vmware.com/support/ace/doc/releasenotes_ace.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/ace/doc/releasenotes_ace.html" - }, - { - "name" : "http://www.vmware.com/support/player/doc/releasenotes_player.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/player/doc/releasenotes_player.html" - }, - { - "name" : "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" - }, - { - "name" : "http://www.vmware.com/support/server/doc/releasenotes_server.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/server/doc/releasenotes_server.html" - }, - { - "name" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" - }, - { - "name" : "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" - }, - { - "name" : "25732", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25732" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local users to gain privileges via unspecified vectors, possibly involving a malicious \"program.exe\" file in the C: folder." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.vmware.com/support/server/doc/releasenotes_server.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" + }, + { + "name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" + }, + { + "name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html" + }, + { + "name": "http://www.vmware.com/support/player/doc/releasenotes_player.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" + }, + { + "name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" + }, + { + "name": "25732", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25732" + }, + { + "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5103.json b/2007/5xxx/CVE-2007-5103.json index a5e8c273722..c4ae8a9417e 100644 --- a/2007/5xxx/CVE-2007-5103.json +++ b/2007/5xxx/CVE-2007-5103.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5103", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in config.inc.php in Wordsmith 1.0 RC1, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _path parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5103", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4446", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4446" - }, - { - "name" : "38576", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38576" - }, - { - "name" : "26924", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26924" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in config.inc.php in Wordsmith 1.0 RC1, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _path parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26924", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26924" + }, + { + "name": "38576", + "refsource": "OSVDB", + "url": "http://osvdb.org/38576" + }, + { + "name": "4446", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4446" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5298.json b/2007/5xxx/CVE-2007-5298.json index a263ca7aaf5..bd091c55978 100644 --- a/2007/5xxx/CVE-2007-5298.json +++ b/2007/5xxx/CVE-2007-5298.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5298", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in CMS Creamotion allow remote attackers to execute arbitrary PHP code via a URL in the cfg[document_uri] parameter to (1) _administration/securite.php and (2) _administration/gestion_configurations/save_config.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5298", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071006 CMS Creamotion - Remote File inclusion", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/481669/100/0/threaded" - }, - { - "name" : "4491", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4491" - }, - { - "name" : "25947", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25947" - }, - { - "name" : "ADV-2007-3430", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3430" - }, - { - "name" : "38637", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38637" - }, - { - "name" : "38638", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38638" - }, - { - "name" : "3203", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3203" - }, - { - "name" : "cmscreamotion-cfgdocumenturi-file-include(36989)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36989" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in CMS Creamotion allow remote attackers to execute arbitrary PHP code via a URL in the cfg[document_uri] parameter to (1) _administration/securite.php and (2) _administration/gestion_configurations/save_config.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25947", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25947" + }, + { + "name": "cmscreamotion-cfgdocumenturi-file-include(36989)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36989" + }, + { + "name": "38637", + "refsource": "OSVDB", + "url": "http://osvdb.org/38637" + }, + { + "name": "38638", + "refsource": "OSVDB", + "url": "http://osvdb.org/38638" + }, + { + "name": "20071006 CMS Creamotion - Remote File inclusion", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/481669/100/0/threaded" + }, + { + "name": "4491", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4491" + }, + { + "name": "ADV-2007-3430", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3430" + }, + { + "name": "3203", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3203" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5710.json b/2007/5xxx/CVE-2007-5710.json index d29ae50bdf8..1a7a901a630 100644 --- a/2007/5xxx/CVE-2007-5710.json +++ b/2007/5xxx/CVE-2007-5710.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5710", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in wp-admin/edit-post-rows.php in WordPress 2.3 allows remote attackers to inject arbitrary web script or HTML via the posts_columns array parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5710", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071027 [waraxe-2007-SA#059] - XSS in WordPress 2.3", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482905/100/0/threaded" - }, - { - "name" : "http://www.waraxe.us/advisory-59.html", - "refsource" : "MISC", - "url" : "http://www.waraxe.us/advisory-59.html" - }, - { - "name" : "http://wordpress.org/development/2007/10/wordpress-231/", - "refsource" : "CONFIRM", - "url" : "http://wordpress.org/development/2007/10/wordpress-231/" - }, - { - "name" : "26228", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26228" - }, - { - "name" : "ADV-2007-3640", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3640" - }, - { - "name" : "38279", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38279" - }, - { - "name" : "27407", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27407" - }, - { - "name" : "wordpress-editpostrows-xss(38166)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38166" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in wp-admin/edit-post-rows.php in WordPress 2.3 allows remote attackers to inject arbitrary web script or HTML via the posts_columns array parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26228", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26228" + }, + { + "name": "38279", + "refsource": "OSVDB", + "url": "http://osvdb.org/38279" + }, + { + "name": "ADV-2007-3640", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3640" + }, + { + "name": "27407", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27407" + }, + { + "name": "wordpress-editpostrows-xss(38166)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38166" + }, + { + "name": "http://www.waraxe.us/advisory-59.html", + "refsource": "MISC", + "url": "http://www.waraxe.us/advisory-59.html" + }, + { + "name": "http://wordpress.org/development/2007/10/wordpress-231/", + "refsource": "CONFIRM", + "url": "http://wordpress.org/development/2007/10/wordpress-231/" + }, + { + "name": "20071027 [waraxe-2007-SA#059] - XSS in WordPress 2.3", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482905/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5770.json b/2007/5xxx/CVE-2007-5770.json index 7e9aa3e2a0d..3d5d71c1e62 100644 --- a/2007/5xxx/CVE-2007-5770.json +++ b/2007/5xxx/CVE-2007-5770.json @@ -1,192 +1,192 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5770", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName (CN) field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site, different components than CVE-2007-5162." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-5770", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=362081", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=362081" - }, - { - "name" : "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13656", - "refsource" : "CONFIRM", - "url" : "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13656" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307179", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307179" - }, - { - "name" : "APPLE-SA-2007-12-17", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html" - }, - { - "name" : "DSA-1410", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1410" - }, - { - "name" : "DSA-1411", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1411" - }, - { - "name" : "DSA-1412", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1412" - }, - { - "name" : "MDVSA-2008:029", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:029" - }, - { - "name" : "RHSA-2007:0961", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0961.html" - }, - { - "name" : "RHSA-2007:0965", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0965.html" - }, - { - "name" : "SUSE-SR:2007:024", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_24_sr.html" - }, - { - "name" : "USN-596-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-596-1" - }, - { - "name" : "TA07-352A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-352A.html" - }, - { - "name" : "26421", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26421" - }, - { - "name" : "oval:org.mitre.oval:def:11025", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11025" - }, - { - "name" : "ADV-2007-4238", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4238" - }, - { - "name" : "1018938", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018938" - }, - { - "name" : "26985", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26985" - }, - { - "name" : "27576", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27576" - }, - { - "name" : "27673", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27673" - }, - { - "name" : "27764", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27764" - }, - { - "name" : "27769", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27769" - }, - { - "name" : "27818", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27818" - }, - { - "name" : "28136", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28136" - }, - { - "name" : "27756", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27756" - }, - { - "name" : "28645", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28645" - }, - { - "name" : "29556", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29556" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName (CN) field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site, different components than CVE-2007-5162." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27576", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27576" + }, + { + "name": "ADV-2007-4238", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4238" + }, + { + "name": "26985", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26985" + }, + { + "name": "TA07-352A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html" + }, + { + "name": "28136", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28136" + }, + { + "name": "USN-596-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-596-1" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=362081", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=362081" + }, + { + "name": "RHSA-2007:0961", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0961.html" + }, + { + "name": "RHSA-2007:0965", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0965.html" + }, + { + "name": "27756", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27756" + }, + { + "name": "DSA-1412", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1412" + }, + { + "name": "27673", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27673" + }, + { + "name": "APPLE-SA-2007-12-17", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html" + }, + { + "name": "DSA-1410", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1410" + }, + { + "name": "27769", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27769" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307179", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307179" + }, + { + "name": "SUSE-SR:2007:024", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html" + }, + { + "name": "MDVSA-2008:029", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:029" + }, + { + "name": "29556", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29556" + }, + { + "name": "1018938", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018938" + }, + { + "name": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13656", + "refsource": "CONFIRM", + "url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13656" + }, + { + "name": "27818", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27818" + }, + { + "name": "oval:org.mitre.oval:def:11025", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11025" + }, + { + "name": "28645", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28645" + }, + { + "name": "DSA-1411", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1411" + }, + { + "name": "26421", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26421" + }, + { + "name": "27764", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27764" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5885.json b/2007/5xxx/CVE-2007-5885.json index 4e394c28c37..481e8637149 100644 --- a/2007/5xxx/CVE-2007-5885.json +++ b/2007/5xxx/CVE-2007-5885.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5885", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5885", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5899.json b/2007/5xxx/CVE-2007-5899.json index 23b107edba8..b02c9446f1a 100644 --- a/2007/5xxx/CVE-2007-5899.json +++ b/2007/5xxx/CVE-2007-5899.json @@ -1,212 +1,212 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5899", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The output_add_rewrite_var function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as demonstrated by a rewritten form containing a local session ID." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5899", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.php.net/bug.php?id=42869", - "refsource" : "CONFIRM", - "url" : "http://bugs.php.net/bug.php?id=42869" - }, - { - "name" : "http://www.php.net/ChangeLog-5.php#5.2.5", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-5.php#5.2.5" - }, - { - "name" : "http://www.php.net/releases/5_2_5.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/releases/5_2_5.php" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1943", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1943" - }, - { - "name" : "https://launchpad.net/bugs/173043", - "refsource" : "CONFIRM", - "url" : "https://launchpad.net/bugs/173043" - }, - { - "name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242" - }, - { - "name" : "DSA-1444", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1444" - }, - { - "name" : "FEDORA-2008-3864", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html" - }, - { - "name" : "HPSBUX02332", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/491693/100/0/threaded" - }, - { - "name" : "SSRT080056", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/491693/100/0/threaded" - }, - { - "name" : "MDVSA-2008:125", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:125" - }, - { - "name" : "MDVSA-2008:126", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:126" - }, - { - "name" : "MDVSA-2008:127", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:127" - }, - { - "name" : "RHSA-2008:0505", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0505.html" - }, - { - "name" : "RHSA-2008:0544", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0544.html" - }, - { - "name" : "RHSA-2008:0545", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0545.html" - }, - { - "name" : "RHSA-2008:0546", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0546.html" - }, - { - "name" : "RHSA-2008:0582", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0582.html" - }, - { - "name" : "USN-549-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/549-1/" - }, - { - "name" : "USN-549-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-549-2" - }, - { - "name" : "USN-628-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-628-1" - }, - { - "name" : "38918", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38918" - }, - { - "name" : "oval:org.mitre.oval:def:11211", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11211" - }, - { - "name" : "27659", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27659" - }, - { - "name" : "27864", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27864" - }, - { - "name" : "28249", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28249" - }, - { - "name" : "30040", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30040" - }, - { - "name" : "30828", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30828" - }, - { - "name" : "31119", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31119" - }, - { - "name" : "31124", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31124" - }, - { - "name" : "31200", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31200" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The output_add_rewrite_var function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as demonstrated by a rewritten form containing a local session ID." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38918", + "refsource": "OSVDB", + "url": "http://osvdb.org/38918" + }, + { + "name": "http://www.php.net/ChangeLog-5.php#5.2.5", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-5.php#5.2.5" + }, + { + "name": "https://launchpad.net/bugs/173043", + "refsource": "CONFIRM", + "url": "https://launchpad.net/bugs/173043" + }, + { + "name": "RHSA-2008:0546", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0546.html" + }, + { + "name": "FEDORA-2008-3864", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html" + }, + { + "name": "http://bugs.php.net/bug.php?id=42869", + "refsource": "CONFIRM", + "url": "http://bugs.php.net/bug.php?id=42869" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1943", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1943" + }, + { + "name": "30828", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30828" + }, + { + "name": "DSA-1444", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1444" + }, + { + "name": "RHSA-2008:0582", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0582.html" + }, + { + "name": "USN-628-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-628-1" + }, + { + "name": "RHSA-2008:0545", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0545.html" + }, + { + "name": "27864", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27864" + }, + { + "name": "31124", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31124" + }, + { + "name": "31119", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31119" + }, + { + "name": "30040", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30040" + }, + { + "name": "http://www.php.net/releases/5_2_5.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/releases/5_2_5.php" + }, + { + "name": "27659", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27659" + }, + { + "name": "31200", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31200" + }, + { + "name": "USN-549-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/549-1/" + }, + { + "name": "SSRT080056", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/491693/100/0/threaded" + }, + { + "name": "RHSA-2008:0544", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0544.html" + }, + { + "name": "28249", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28249" + }, + { + "name": "MDVSA-2008:125", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:125" + }, + { + "name": "HPSBUX02332", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/491693/100/0/threaded" + }, + { + "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242" + }, + { + "name": "RHSA-2008:0505", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0505.html" + }, + { + "name": "USN-549-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-549-2" + }, + { + "name": "MDVSA-2008:126", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:126" + }, + { + "name": "MDVSA-2008:127", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:127" + }, + { + "name": "oval:org.mitre.oval:def:11211", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11211" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3104.json b/2015/3xxx/CVE-2015-3104.json index b0dc6989e02..002678d5039 100644 --- a/2015/3xxx/CVE-2015-3104.json +++ b/2015/3xxx/CVE-2015-3104.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3104", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-3104", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html" - }, - { - "name" : "GLSA-201506-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201506-01" - }, - { - "name" : "RHSA-2015:1086", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1086.html" - }, - { - "name" : "SUSE-SU-2015:1043", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00005.html" - }, - { - "name" : "openSUSE-SU-2015:1047", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00009.html" - }, - { - "name" : "openSUSE-SU-2015:1061", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00011.html" - }, - { - "name" : "75081", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75081" - }, - { - "name" : "1032519", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032519" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html" + }, + { + "name": "75081", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75081" + }, + { + "name": "1032519", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032519" + }, + { + "name": "openSUSE-SU-2015:1047", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00009.html" + }, + { + "name": "GLSA-201506-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201506-01" + }, + { + "name": "SUSE-SU-2015:1043", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00005.html" + }, + { + "name": "openSUSE-SU-2015:1061", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00011.html" + }, + { + "name": "RHSA-2015:1086", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1086.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3195.json b/2015/3xxx/CVE-2015-3195.json index 38dc359b6ec..70971fd6cdd 100644 --- a/2015/3xxx/CVE-2015-3195.json +++ b/2015/3xxx/CVE-2015-3195.json @@ -1,287 +1,287 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3195", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-3195", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://openssl.org/news/secadv/20151203.txt", - "refsource" : "CONFIRM", - "url" : "http://openssl.org/news/secadv/20151203.txt" - }, - { - "name" : "https://git.openssl.org/?p=openssl.git;a=commit;h=cc598f321fbac9c04da5766243ed55d55948637d", - "refsource" : "CONFIRM", - "url" : "https://git.openssl.org/?p=openssl.git;a=commit;h=cc598f321fbac9c04da5766243ed55d55948637d" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "https://support.apple.com/HT206167", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206167" - }, - { - "name" : "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40100", - "refsource" : "CONFIRM", - "url" : "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40100" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131085", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131085" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944173", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944173" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "http://fortiguard.com/advisory/openssl-advisory-december-2015", - "refsource" : "CONFIRM", - "url" : "http://fortiguard.com/advisory/openssl-advisory-december-2015" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733" - }, - { - "name" : "http://www.fortiguard.com/advisory/openssl-advisory-december-2015", - "refsource" : "CONFIRM", - "url" : "http://www.fortiguard.com/advisory/openssl-advisory-december-2015" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, - { - "name" : "APPLE-SA-2016-03-21-5", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" - }, - { - "name" : "20151204 Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl" - }, - { - "name" : "DSA-3413", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3413" - }, - { - "name" : "FEDORA-2015-d87d60b9a9", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173801.html" - }, - { - "name" : "HPSBGN03536", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=145382583417444&w=2" - }, - { - "name" : "RHSA-2015:2616", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2616.html" - }, - { - "name" : "RHSA-2015:2617", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2617.html" - }, - { - "name" : "RHSA-2016:2056", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2056.html" - }, - { - "name" : "RHSA-2016:2957", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2957.html" - }, - { - "name" : "SSA:2015-349-04", - "refsource" : "SLACKWARE", - "url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.754583" - }, - { - "name" : "openSUSE-SU-2016:0637", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html" - }, - { - "name" : "openSUSE-SU-2016:0640", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" - }, - { - "name" : "SUSE-SU-2016:0678", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html" - }, - { - "name" : "openSUSE-SU-2015:2288", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00070.html" - }, - { - "name" : "openSUSE-SU-2015:2289", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00071.html" - }, - { - "name" : "openSUSE-SU-2015:2318", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00087.html" - }, - { - "name" : "openSUSE-SU-2015:2349", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00103.html" - }, - { - "name" : "USN-2830-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2830-1" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "78626", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78626" - }, - { - "name" : "1034294", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034294" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" + }, + { + "name": "APPLE-SA-2016-03-21-5", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" + }, + { + "name": "RHSA-2016:2056", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131085", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131085" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "https://support.apple.com/HT206167", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206167" + }, + { + "name": "20151204 Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944173", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944173" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017" + }, + { + "name": "openSUSE-SU-2015:2288", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00070.html" + }, + { + "name": "RHSA-2015:2617", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2617.html" + }, + { + "name": "http://www.fortiguard.com/advisory/openssl-advisory-december-2015", + "refsource": "CONFIRM", + "url": "http://www.fortiguard.com/advisory/openssl-advisory-december-2015" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" + }, + { + "name": "SSA:2015-349-04", + "refsource": "SLACKWARE", + "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.754583" + }, + { + "name": "openSUSE-SU-2016:0640", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40100", + "refsource": "CONFIRM", + "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40100" + }, + { + "name": "78626", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78626" + }, + { + "name": "RHSA-2015:2616", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2616.html" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761" + }, + { + "name": "HPSBGN03536", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=145382583417444&w=2" + }, + { + "name": "USN-2830-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2830-1" + }, + { + "name": "openSUSE-SU-2015:2289", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00071.html" + }, + { + "name": "FEDORA-2015-d87d60b9a9", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173801.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + }, + { + "name": "RHSA-2016:2957", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" + }, + { + "name": "http://openssl.org/news/secadv/20151203.txt", + "refsource": "CONFIRM", + "url": "http://openssl.org/news/secadv/20151203.txt" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" + }, + { + "name": "1034294", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034294" + }, + { + "name": "SUSE-SU-2016:0678", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html" + }, + { + "name": "openSUSE-SU-2016:0637", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733" + }, + { + "name": "https://git.openssl.org/?p=openssl.git;a=commit;h=cc598f321fbac9c04da5766243ed55d55948637d", + "refsource": "CONFIRM", + "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=cc598f321fbac9c04da5766243ed55d55948637d" + }, + { + "name": "http://fortiguard.com/advisory/openssl-advisory-december-2015", + "refsource": "CONFIRM", + "url": "http://fortiguard.com/advisory/openssl-advisory-december-2015" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322" + }, + { + "name": "DSA-3413", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3413" + }, + { + "name": "openSUSE-SU-2015:2318", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00087.html" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" + }, + { + "name": "openSUSE-SU-2015:2349", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00103.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3420.json b/2015/3xxx/CVE-2015-3420.json index 50a6768aea1..97748e82c81 100644 --- a/2015/3xxx/CVE-2015-3420.json +++ b/2015/3xxx/CVE-2015-3420.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3420", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ssl-proxy-openssl.c function in Dovecot before 2.2.17, when SSLv3 is disabled, allow remote attackers to cause a denial of service (login process crash) via vectors related to handshake failures." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3420", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[dovecot-news] 20150513 [Dovecot-news] v2.2.17 released", - "refsource" : "MLIST", - "url" : "https://dovecot.org/pipermail/dovecot-news/2015-May/000292.html" - }, - { - "name" : "[dovecot] 20150424 [patch] TLS Handshake failures can crash imap-login", - "refsource" : "MLIST", - "url" : "https://dovecot.org/pipermail/dovecot/2015-April/100618.html" - }, - { - "name" : "[oss-security] 20150427 Re: CVE request: Dovecot remote DoS on TLS connections", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/04/27/1" - }, - { - "name" : "[oss-security] 20150428 Re: Re: CVE request: Dovecot remote DoS on TLS connections", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/04/28/4" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1216057", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1216057" - }, - { - "name" : "FEDORA-2015-7089", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158236.html" - }, - { - "name" : "FEDORA-2015-7156", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157030.html" - }, - { - "name" : "FEDORA-2015-7159", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158261.html" - }, - { - "name" : "74335", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74335" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ssl-proxy-openssl.c function in Dovecot before 2.2.17, when SSLv3 is disabled, allow remote attackers to cause a denial of service (login process crash) via vectors related to handshake failures." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20150428 Re: Re: CVE request: Dovecot remote DoS on TLS connections", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/04/28/4" + }, + { + "name": "[dovecot] 20150424 [patch] TLS Handshake failures can crash imap-login", + "refsource": "MLIST", + "url": "https://dovecot.org/pipermail/dovecot/2015-April/100618.html" + }, + { + "name": "[dovecot-news] 20150513 [Dovecot-news] v2.2.17 released", + "refsource": "MLIST", + "url": "https://dovecot.org/pipermail/dovecot-news/2015-May/000292.html" + }, + { + "name": "FEDORA-2015-7159", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158261.html" + }, + { + "name": "FEDORA-2015-7156", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157030.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1216057", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216057" + }, + { + "name": "FEDORA-2015-7089", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158236.html" + }, + { + "name": "[oss-security] 20150427 Re: CVE request: Dovecot remote DoS on TLS connections", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/04/27/1" + }, + { + "name": "74335", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74335" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3469.json b/2015/3xxx/CVE-2015-3469.json index e4468c2cd6f..16a782e9f74 100644 --- a/2015/3xxx/CVE-2015-3469.json +++ b/2015/3xxx/CVE-2015-3469.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3469", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3469", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3810.json b/2015/3xxx/CVE-2015-3810.json index c20c29fe6c1..55d9e319737 100644 --- a/2015/3xxx/CVE-2015-3810.json +++ b/2015/3xxx/CVE-2015-3810.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3810", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "epan/dissectors/packet-websocket.c in the WebSocket dissector in Wireshark 1.12.x before 1.12.5 uses a recursive algorithm, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3810", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2015-13.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2015-13.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10989", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10989" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4ee6bcbd2e03a25f1e6b0239558d9edeaf8040c0", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4ee6bcbd2e03a25f1e6b0239558d9edeaf8040c0" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "DSA-3277", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3277" - }, - { - "name" : "GLSA-201510-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201510-03" - }, - { - "name" : "74629", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74629" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "epan/dissectors/packet-websocket.c in the WebSocket dissector in Wireshark 1.12.x before 1.12.5 uses a recursive algorithm, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "74629", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74629" + }, + { + "name": "DSA-3277", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3277" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2015-13.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2015-13.html" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10989", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10989" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "GLSA-201510-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201510-03" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4ee6bcbd2e03a25f1e6b0239558d9edeaf8040c0", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4ee6bcbd2e03a25f1e6b0239558d9edeaf8040c0" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4565.json b/2015/4xxx/CVE-2015-4565.json index f1874a7a841..bf649590b4f 100644 --- a/2015/4xxx/CVE-2015-4565.json +++ b/2015/4xxx/CVE-2015-4565.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4565", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4565", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6561.json b/2015/6xxx/CVE-2015-6561.json index a5764ecedcb..58fb33593b5 100644 --- a/2015/6xxx/CVE-2015-6561.json +++ b/2015/6xxx/CVE-2015-6561.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6561", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6561", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7229.json b/2015/7xxx/CVE-2015-7229.json index 5212fb66422..19cb158c642 100644 --- a/2015/7xxx/CVE-2015-7229.json +++ b/2015/7xxx/CVE-2015-7229.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7229", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Twitter module 6.x-5.x before 6.x-5.2, 7.x-5.x before 7.x-5.9, and 7.x-6.x before 7.x-6.0 for Drupal does not properly check access permissions, which allows remote authenticated users to post tweets to arbitrary accounts by leveraging the (1) \"post to twitter\" permission or change the options for arbitrary attached accounts by leveraging the (2) \"add twitter accounts\" or (3) \"add authenticated twitter accounts\" permission." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7229", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.drupal.org/node/2565827", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2565827" - }, - { - "name" : "https://www.drupal.org/node/2559981", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2559981" - }, - { - "name" : "https://www.drupal.org/node/2559985", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2559985" - }, - { - "name" : "https://www.drupal.org/node/2559989", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2559989" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Twitter module 6.x-5.x before 6.x-5.2, 7.x-5.x before 7.x-5.9, and 7.x-6.x before 7.x-6.0 for Drupal does not properly check access permissions, which allows remote authenticated users to post tweets to arbitrary accounts by leveraging the (1) \"post to twitter\" permission or change the options for arbitrary attached accounts by leveraging the (2) \"add twitter accounts\" or (3) \"add authenticated twitter accounts\" permission." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2565827", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2565827" + }, + { + "name": "https://www.drupal.org/node/2559981", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2559981" + }, + { + "name": "https://www.drupal.org/node/2559989", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2559989" + }, + { + "name": "https://www.drupal.org/node/2559985", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2559985" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7582.json b/2015/7xxx/CVE-2015-7582.json index c63803d2b05..1504bdaeee8 100644 --- a/2015/7xxx/CVE-2015-7582.json +++ b/2015/7xxx/CVE-2015-7582.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7582", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-2100. Reason: This candidate is a reservation duplicate of CVE-2016-2100. Notes: All CVE users should reference CVE-2016-2100 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7582", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-2100. Reason: This candidate is a reservation duplicate of CVE-2016-2100. Notes: All CVE users should reference CVE-2016-2100 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7884.json b/2015/7xxx/CVE-2015-7884.json index 538f7aa16a6..dd2e5307a0e 100644 --- a/2015/7xxx/CVE-2015-7884.json +++ b/2015/7xxx/CVE-2015-7884.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7884", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7884", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20151021 Re: CVE Request: Linux Kernel ioctl infoleaks on vivid-osd and dgnc", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/10/21/8" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=eda98796aff0d9bf41094b06811f5def3b4c333c", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=eda98796aff0d9bf41094b06811f5def3b4c333c" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1274726", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1274726" - }, - { - "name" : "https://github.com/torvalds/linux/commit/eda98796aff0d9bf41094b06811f5def3b4c333c", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/eda98796aff0d9bf41094b06811f5def3b4c333c" - }, - { - "name" : "openSUSE-SU-2016:1008", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html" - }, - { - "name" : "USN-2842-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2842-1" - }, - { - "name" : "USN-2842-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2842-2" - }, - { - "name" : "USN-2843-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2843-1" - }, - { - "name" : "USN-2843-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2843-2" - }, - { - "name" : "USN-2843-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2843-3" - }, - { - "name" : "77317", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77317" - }, - { - "name" : "1034893", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034893" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/torvalds/linux/commit/eda98796aff0d9bf41094b06811f5def3b4c333c", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/eda98796aff0d9bf41094b06811f5def3b4c333c" + }, + { + "name": "1034893", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034893" + }, + { + "name": "77317", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77317" + }, + { + "name": "USN-2843-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2843-1" + }, + { + "name": "USN-2842-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2842-2" + }, + { + "name": "USN-2843-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2843-2" + }, + { + "name": "USN-2842-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2842-1" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=eda98796aff0d9bf41094b06811f5def3b4c333c", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=eda98796aff0d9bf41094b06811f5def3b4c333c" + }, + { + "name": "[oss-security] 20151021 Re: CVE Request: Linux Kernel ioctl infoleaks on vivid-osd and dgnc", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/10/21/8" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1274726", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274726" + }, + { + "name": "USN-2843-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2843-3" + }, + { + "name": "openSUSE-SU-2016:1008", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7953.json b/2015/7xxx/CVE-2015-7953.json index a9a21bd7ab2..46f4e00911a 100644 --- a/2015/7xxx/CVE-2015-7953.json +++ b/2015/7xxx/CVE-2015-7953.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7953", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7953", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8072.json b/2015/8xxx/CVE-2015-8072.json index e336cc5af3c..a2342de9d3f 100644 --- a/2015/8xxx/CVE-2015-8072.json +++ b/2015/8xxx/CVE-2015-8072.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8072", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "mediaserver in Android 4.4 through 5.x before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23881715, a different vulnerability than CVE-2015-6608 and CVE-2015-8073." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-8072", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[android-security-updates] 20151102 Nexus Security Bulletin (November 2015)", - "refsource" : "MLIST", - "url" : "https://groups.google.com/forum/message/raw?msg=android-security-updates/n1aw2MGce4E/jhpVEWDUCAAJ" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "mediaserver in Android 4.4 through 5.x before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23881715, a different vulnerability than CVE-2015-6608 and CVE-2015-8073." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[android-security-updates] 20151102 Nexus Security Bulletin (November 2015)", + "refsource": "MLIST", + "url": "https://groups.google.com/forum/message/raw?msg=android-security-updates/n1aw2MGce4E/jhpVEWDUCAAJ" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8095.json b/2015/8xxx/CVE-2015-8095.json index 5814fec96d4..ce8efea0235 100644 --- a/2015/8xxx/CVE-2015-8095.json +++ b/2015/8xxx/CVE-2015-8095.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8095", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The recycle bin feature in the Monster Menus module 7.x-1.21 before 7.x-1.24 for Drupal does not properly remove nodes from view, which allows remote attackers to obtain sensitive information via an unspecified URL pattern." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8095", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.drupal.org/node/2608414", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2608414" - }, - { - "name" : "https://www.drupal.org/node/2608382", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2608382" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The recycle bin feature in the Monster Menus module 7.x-1.21 before 7.x-1.24 for Drupal does not properly remove nodes from view, which allows remote attackers to obtain sensitive information via an unspecified URL pattern." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2608414", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2608414" + }, + { + "name": "https://www.drupal.org/node/2608382", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2608382" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8226.json b/2015/8xxx/CVE-2015-8226.json index 4f8d9548537..68c660f7f0e 100644 --- a/2015/8xxx/CVE-2015-8226.json +++ b/2015/8xxx/CVE-2015-8226.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8226", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Joint Photographic Experts Group Processing Unit (JPU) driver in Huawei ALE smartphones with software before ALE-UL00C00B220 and ALE-TL00C01B220 and GEM-703L smartphones with software before V100R001C233B111 allows remote attackers to cause a denial of service (crash) via a crafted application with the system or camera permission, a different vulnerability than CVE-2015-8225." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8226", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-465532.htm", - "refsource" : "CONFIRM", - "url" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-465532.htm" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Joint Photographic Experts Group Processing Unit (JPU) driver in Huawei ALE smartphones with software before ALE-UL00C00B220 and ALE-TL00C01B220 and GEM-703L smartphones with software before V100R001C233B111 allows remote attackers to cause a denial of service (crash) via a crafted application with the system or camera permission, a different vulnerability than CVE-2015-8225." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-465532.htm", + "refsource": "CONFIRM", + "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-465532.htm" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8694.json b/2015/8xxx/CVE-2015-8694.json index 176fd885b4e..5c07998edef 100644 --- a/2015/8xxx/CVE-2015-8694.json +++ b/2015/8xxx/CVE-2015-8694.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8694", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8694", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8760.json b/2015/8xxx/CVE-2015-8760.json index 89cee4509c2..3688f908abd 100644 --- a/2015/8xxx/CVE-2015-8760.json +++ b/2015/8xxx/CVE-2015-8760.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8760", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka \"Cross-Site Flashing.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8760", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-014/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-014/" - }, - { - "name" : "79210", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79210" - }, - { - "name" : "1034485", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034485" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka \"Cross-Site Flashing.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034485", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034485" + }, + { + "name": "79210", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79210" + }, + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-014/", + "refsource": "CONFIRM", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-014/" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0415.json b/2016/0xxx/CVE-2016-0415.json index 63b197bc6a3..d3590b9a8bc 100644 --- a/2016/0xxx/CVE-2016-0415.json +++ b/2016/0xxx/CVE-2016-0415.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0415", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 12.1.0.4, and 12.1.0.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to UI Framework." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0415", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034734", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034734" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 12.1.0.4, and 12.1.0.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to UI Framework." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034734", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034734" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0906.json b/2016/0xxx/CVE-2016-0906.json index ca8835f6c88..7437761ee0f 100644 --- a/2016/0xxx/CVE-2016-0906.json +++ b/2016/0xxx/CVE-2016-0906.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security_alert@emc.com", - "ID" : "CVE-2016-0906", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The web-restore interface in Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar through 7.1.2 and 7.2.x through 7.2.1 allows remote authenticated users to read or delete directories via a Linux backup-restore operation." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "ID": "CVE-2016-0906", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160706 ESA-2016-054: EMC Avamar Data Store and Avamar Virtual Edition Unauthorized Data Access Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://seclists.org/bugtraq/2016/Jul/33" - }, - { - "name" : "1036235", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036235" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The web-restore interface in Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar through 7.1.2 and 7.2.x through 7.2.1 allows remote authenticated users to read or delete directories via a Linux backup-restore operation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036235", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036235" + }, + { + "name": "20160706 ESA-2016-054: EMC Avamar Data Store and Avamar Virtual Edition Unauthorized Data Access Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://seclists.org/bugtraq/2016/Jul/33" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1010.json b/2016/1xxx/CVE-2016-1010.json index c26845290ff..627eee0a0c5 100644 --- a/2016/1xxx/CVE-2016-1010.json +++ b/2016/1xxx/CVE-2016-1010.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1010", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-1010", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" - }, - { - "name" : "GLSA-201603-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-07" - }, - { - "name" : "SUSE-SU-2016:0715", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" - }, - { - "name" : "SUSE-SU-2016:0716", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" - }, - { - "name" : "openSUSE-SU-2016:0719", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" - }, - { - "name" : "openSUSE-SU-2016:0734", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" - }, - { - "name" : "84308", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84308" - }, - { - "name" : "1035251", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035251" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:0734", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" + }, + { + "name": "1035251", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035251" + }, + { + "name": "openSUSE-SU-2016:0719", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" + }, + { + "name": "GLSA-201603-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-07" + }, + { + "name": "SUSE-SU-2016:0715", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" + }, + { + "name": "84308", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84308" + }, + { + "name": "SUSE-SU-2016:0716", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1184.json b/2016/1xxx/CVE-2016-1184.json index 344eee0c571..f90c630d2df 100644 --- a/2016/1xxx/CVE-2016-1184.json +++ b/2016/1xxx/CVE-2016-1184.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1184", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Tokyo Star bank App for Android before 1.4 and Tokyo Star bank App for iOS before 1.4 do not validate SSL certificates." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1184", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.tokyostarbank.co.jp/important151222.html", - "refsource" : "CONFIRM", - "url" : "http://www.tokyostarbank.co.jp/important151222.html" - }, - { - "name" : "JVN#00272277", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN00272277/index.html" - }, - { - "name" : "JVNDB-2016-000049", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000049.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Tokyo Star bank App for Android before 1.4 and Tokyo Star bank App for iOS before 1.4 do not validate SSL certificates." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000049", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000049.html" + }, + { + "name": "JVN#00272277", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN00272277/index.html" + }, + { + "name": "http://www.tokyostarbank.co.jp/important151222.html", + "refsource": "CONFIRM", + "url": "http://www.tokyostarbank.co.jp/important151222.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1400.json b/2016/1xxx/CVE-2016-1400.json index 9b2feeef77c..614bf6ecac5 100644 --- a/2016/1xxx/CVE-2016-1400.json +++ b/2016/1xxx/CVE-2016-1400.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1400", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco TelePresence Video Communications Server (VCS) X8.x before X8.7.2 allows remote attackers to cause a denial of service (service disruption) via a crafted URI in a SIP header, aka Bug ID CSCuy43258." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1400", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160516 Cisco Video Communication Server Session Initiation Protocol Packet Processing Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160516-vcs" - }, - { - "name" : "1035899", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035899" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco TelePresence Video Communications Server (VCS) X8.x before X8.7.2 allows remote attackers to cause a denial of service (service disruption) via a crafted URI in a SIP header, aka Bug ID CSCuy43258." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035899", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035899" + }, + { + "name": "20160516 Cisco Video Communication Server Session Initiation Protocol Packet Processing Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160516-vcs" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1581.json b/2016/1xxx/CVE-2016-1581.json index c9ce136c3dc..ace9f4dd7fa 100644 --- a/2016/1xxx/CVE-2016-1581.json +++ b/2016/1xxx/CVE-2016-1581.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1581", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop based ZFS pool, which allows local users to copy and read data from arbitrary containers via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@ubuntu.com", + "ID": "CVE-2016-1581", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://linuxcontainers.org/lxd/news/", - "refsource" : "CONFIRM", - "url" : "https://linuxcontainers.org/lxd/news/" - }, - { - "name" : "USN-2988-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2988-1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop based ZFS pool, which allows local users to copy and read data from arbitrary containers via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://linuxcontainers.org/lxd/news/", + "refsource": "CONFIRM", + "url": "https://linuxcontainers.org/lxd/news/" + }, + { + "name": "USN-2988-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2988-1" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1823.json b/2016/1xxx/CVE-2016-1823.json index 12ed786735e..79236475516 100644 --- a/2016/1xxx/CVE-2016-1823.json +++ b/2016/1xxx/CVE-2016-1823.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1823", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The IOHIDDevice::handleReportWithTime function in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read and memory corruption) via a crafted IOHIDReportType enum, which triggers an incorrect cast, a different vulnerability than CVE-2016-1824." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1823", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39927", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39927/" - }, - { - "name" : "http://packetstormsecurity.com/files/137397/OS-X-Kernel-Raw-Cast-Out-Of-Bounds-Read.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/137397/OS-X-Kernel-Raw-Cast-Out-Of-Bounds-Read.html" - }, - { - "name" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=774", - "refsource" : "MISC", - "url" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=774" - }, - { - "name" : "https://support.apple.com/HT206564", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206564" - }, - { - "name" : "https://support.apple.com/HT206566", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206566" - }, - { - "name" : "https://support.apple.com/HT206567", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206567" - }, - { - "name" : "https://support.apple.com/HT206568", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206568" - }, - { - "name" : "APPLE-SA-2016-05-16-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html" - }, - { - "name" : "APPLE-SA-2016-05-16-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" - }, - { - "name" : "APPLE-SA-2016-05-16-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html" - }, - { - "name" : "APPLE-SA-2016-05-16-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" - }, - { - "name" : "90698", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90698" - }, - { - "name" : "1035890", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035890" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The IOHIDDevice::handleReportWithTime function in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read and memory corruption) via a crafted IOHIDReportType enum, which triggers an incorrect cast, a different vulnerability than CVE-2016-1824." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT206567", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206567" + }, + { + "name": "APPLE-SA-2016-05-16-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" + }, + { + "name": "https://support.apple.com/HT206566", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206566" + }, + { + "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=774", + "refsource": "MISC", + "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=774" + }, + { + "name": "39927", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39927/" + }, + { + "name": "APPLE-SA-2016-05-16-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html" + }, + { + "name": "https://support.apple.com/HT206564", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206564" + }, + { + "name": "http://packetstormsecurity.com/files/137397/OS-X-Kernel-Raw-Cast-Out-Of-Bounds-Read.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/137397/OS-X-Kernel-Raw-Cast-Out-Of-Bounds-Read.html" + }, + { + "name": "1035890", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035890" + }, + { + "name": "APPLE-SA-2016-05-16-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" + }, + { + "name": "90698", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90698" + }, + { + "name": "https://support.apple.com/HT206568", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206568" + }, + { + "name": "APPLE-SA-2016-05-16-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5113.json b/2016/5xxx/CVE-2016-5113.json index b667ff527bf..76e3a7c22f8 100644 --- a/2016/5xxx/CVE-2016-5113.json +++ b/2016/5xxx/CVE-2016-5113.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5113", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5113", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5182.json b/2016/5xxx/CVE-2016-5182.json index 1a26a4788c1..7ff8c5bf9e8 100644 --- a/2016/5xxx/CVE-2016-5182.json +++ b/2016/5xxx/CVE-2016-5182.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-5182", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android", - "version" : { - "version_data" : [ - { - "version_value" : "Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "heap corruption" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-5182", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android", + "version": { + "version_data": [ + { + "version_value": "Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html", - "refsource" : "CONFIRM", - "url" : "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html" - }, - { - "name" : "https://crbug.com/638615", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/638615" - }, - { - "name" : "GLSA-201610-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-09" - }, - { - "name" : "RHSA-2016:2067", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2067.html" - }, - { - "name" : "93528", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93528" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "heap corruption" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93528", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93528" + }, + { + "name": "RHSA-2016:2067", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2067.html" + }, + { + "name": "GLSA-201610-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-09" + }, + { + "name": "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html", + "refsource": "CONFIRM", + "url": "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html" + }, + { + "name": "https://crbug.com/638615", + "refsource": "CONFIRM", + "url": "https://crbug.com/638615" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5255.json b/2016/5xxx/CVE-2016-5255.json index a37bf171921..e053509c50f 100644 --- a/2016/5xxx/CVE-2016-5255.json +++ b/2016/5xxx/CVE-2016-5255.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5255", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the js::PreliminaryObjectArray::sweep function in Mozilla Firefox before 48.0 allows remote attackers to execute arbitrary code via crafted JavaScript that is mishandled during incremental garbage collection." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2016-5255", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-71.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-71.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1212356", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1212356" - }, - { - "name" : "GLSA-201701-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-15" - }, - { - "name" : "openSUSE-SU-2016:1964", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html" - }, - { - "name" : "openSUSE-SU-2016:2026", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html" - }, - { - "name" : "USN-3044-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3044-1" - }, - { - "name" : "92260", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92260" - }, - { - "name" : "1036508", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036508" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the js::PreliminaryObjectArray::sweep function in Mozilla Firefox before 48.0 allows remote attackers to execute arbitrary code via crafted JavaScript that is mishandled during incremental garbage collection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036508", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036508" + }, + { + "name": "USN-3044-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3044-1" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1212356", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1212356" + }, + { + "name": "92260", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92260" + }, + { + "name": "GLSA-201701-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-15" + }, + { + "name": "openSUSE-SU-2016:1964", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-71.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-71.html" + }, + { + "name": "openSUSE-SU-2016:2026", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5768.json b/2016/5xxx/CVE-2016-5768.json index 047823b5373..edebed5ed92 100644 --- a/2016/5xxx/CVE-2016-5768.json +++ b/2016/5xxx/CVE-2016-5768.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5768", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by leveraging a callback exception." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5768", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160623 Re: CVE for PHP 5.5.37 issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/23/4" - }, - { - "name" : "http://github.com/php/php-src/commit/5b597a2e5b28e2d5a52fc1be13f425f08f47cb62?w=1", - "refsource" : "CONFIRM", - "url" : "http://github.com/php/php-src/commit/5b597a2e5b28e2d5a52fc1be13f425f08f47cb62?w=1" - }, - { - "name" : "http://php.net/ChangeLog-5.php", - "refsource" : "CONFIRM", - "url" : "http://php.net/ChangeLog-5.php" - }, - { - "name" : "http://php.net/ChangeLog-7.php", - "refsource" : "CONFIRM", - "url" : "http://php.net/ChangeLog-7.php" - }, - { - "name" : "https://bugs.php.net/bug.php?id=72402", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/bug.php?id=72402" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" - }, - { - "name" : "https://support.apple.com/HT207170", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207170" - }, - { - "name" : "APPLE-SA-2016-09-20", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" - }, - { - "name" : "DSA-3618", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3618" - }, - { - "name" : "RHSA-2016:2598", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2598.html" - }, - { - "name" : "RHSA-2016:2750", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2750.html" - }, - { - "name" : "openSUSE-SU-2016:1761", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html" - }, - { - "name" : "openSUSE-SU-2016:1922", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html" - }, - { - "name" : "91396", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91396" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by leveraging a callback exception." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2016-09-20", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" + }, + { + "name": "openSUSE-SU-2016:1761", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html" + }, + { + "name": "openSUSE-SU-2016:1922", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html" + }, + { + "name": "RHSA-2016:2750", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" + }, + { + "name": "RHSA-2016:2598", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2598.html" + }, + { + "name": "http://php.net/ChangeLog-5.php", + "refsource": "CONFIRM", + "url": "http://php.net/ChangeLog-5.php" + }, + { + "name": "https://bugs.php.net/bug.php?id=72402", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=72402" + }, + { + "name": "http://github.com/php/php-src/commit/5b597a2e5b28e2d5a52fc1be13f425f08f47cb62?w=1", + "refsource": "CONFIRM", + "url": "http://github.com/php/php-src/commit/5b597a2e5b28e2d5a52fc1be13f425f08f47cb62?w=1" + }, + { + "name": "[oss-security] 20160623 Re: CVE for PHP 5.5.37 issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/23/4" + }, + { + "name": "DSA-3618", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3618" + }, + { + "name": "http://php.net/ChangeLog-7.php", + "refsource": "CONFIRM", + "url": "http://php.net/ChangeLog-7.php" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" + }, + { + "name": "https://support.apple.com/HT207170", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207170" + }, + { + "name": "91396", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91396" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2151.json b/2018/2xxx/CVE-2018-2151.json index d0e7e076fd9..67a79ed1b44 100644 --- a/2018/2xxx/CVE-2018-2151.json +++ b/2018/2xxx/CVE-2018-2151.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2151", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2151", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2655.json b/2018/2xxx/CVE-2018-2655.json index 2c52410dbab..10a3b05b9cb 100644 --- a/2018/2xxx/CVE-2018-2655.json +++ b/2018/2xxx/CVE-2018-2655.json @@ -1,101 +1,101 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2655", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Work in Process", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "12.1.1" - }, - { - "version_affected" : "=", - "version_value" : "12.1.2" - }, - { - "version_affected" : "=", - "version_value" : "12.1.3" - }, - { - "version_affected" : "=", - "version_value" : "12.2.3" - }, - { - "version_affected" : "=", - "version_value" : "12.2.4" - }, - { - "version_affected" : "=", - "version_value" : "12.2.5" - }, - { - "version_affected" : "=", - "version_value" : "12.2.6" - }, - { - "version_affected" : "=", - "version_value" : "12.2.7" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle Work in Process component of Oracle E-Business Suite (subcomponent: Assemble/Configure to Order). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Work in Process. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Work in Process accessible data as well as unauthorized access to critical data or complete access to all Oracle Work in Process accessible data. CVSS 3.0 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Work in Process. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Work in Process accessible data as well as unauthorized access to critical data or complete access to all Oracle Work in Process accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2655", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Work in Process", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "12.1.1" + }, + { + "version_affected": "=", + "version_value": "12.1.2" + }, + { + "version_affected": "=", + "version_value": "12.1.3" + }, + { + "version_affected": "=", + "version_value": "12.2.3" + }, + { + "version_affected": "=", + "version_value": "12.2.4" + }, + { + "version_affected": "=", + "version_value": "12.2.5" + }, + { + "version_affected": "=", + "version_value": "12.2.6" + }, + { + "version_affected": "=", + "version_value": "12.2.7" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, - { - "name" : "102646", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102646" - }, - { - "name" : "1040201", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040201" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Work in Process component of Oracle E-Business Suite (subcomponent: Assemble/Configure to Order). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Work in Process. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Work in Process accessible data as well as unauthorized access to critical data or complete access to all Oracle Work in Process accessible data. CVSS 3.0 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Work in Process. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Work in Process accessible data as well as unauthorized access to critical data or complete access to all Oracle Work in Process accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "1040201", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040201" + }, + { + "name": "102646", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102646" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0471.json b/2019/0xxx/CVE-2019-0471.json index b55178447e2..12f188bd686 100644 --- a/2019/0xxx/CVE-2019-0471.json +++ b/2019/0xxx/CVE-2019-0471.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0471", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0471", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0710.json b/2019/0xxx/CVE-2019-0710.json index 4c6a68ca4f8..20a5d2658d6 100644 --- a/2019/0xxx/CVE-2019-0710.json +++ b/2019/0xxx/CVE-2019-0710.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0710", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0710", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0791.json b/2019/0xxx/CVE-2019-0791.json index 6a9f6c34515..00808b4aed3 100644 --- a/2019/0xxx/CVE-2019-0791.json +++ b/2019/0xxx/CVE-2019-0791.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0791", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0791", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0995.json b/2019/0xxx/CVE-2019-0995.json index 1b2b64d4eca..aa77c94b9d2 100644 --- a/2019/0xxx/CVE-2019-0995.json +++ b/2019/0xxx/CVE-2019-0995.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0995", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0995", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1000xxx/CVE-2019-1000013.json b/2019/1000xxx/CVE-2019-1000013.json index ba7b5ec81c1..c945c986c1c 100644 --- a/2019/1000xxx/CVE-2019-1000013.json +++ b/2019/1000xxx/CVE-2019-1000013.json @@ -1,70 +1,70 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve-assign@distributedweaknessfiling.org", - "DATE_ASSIGNED" : "2019-01-22T21:21:10.021164", - "DATE_REQUESTED" : "2019-01-15T18:58:43", - "ID" : "CVE-2019-1000013", - "REQUESTER" : "bram.verburg@voltone.net", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Hex package manager hex_core version 0.3.0 and earlier contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from malicious/compromised mirror. This vulnerability appears to have been fixed in 0.4.0." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "DATE_ASSIGNED": "2019-01-22T21:21:10.021164", + "DATE_REQUESTED": "2019-01-15T18:58:43", + "ID": "CVE-2019-1000013", + "REQUESTER": "bram.verburg@voltone.net", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/hexpm/hex_core/pull/48", - "refsource" : "MISC", - "url" : "https://github.com/hexpm/hex_core/pull/48" - }, - { - "name" : "https://github.com/hexpm/hex_core/pull/51", - "refsource" : "MISC", - "url" : "https://github.com/hexpm/hex_core/pull/51" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Hex package manager hex_core version 0.3.0 and earlier contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from malicious/compromised mirror. This vulnerability appears to have been fixed in 0.4.0." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/hexpm/hex_core/pull/51", + "refsource": "MISC", + "url": "https://github.com/hexpm/hex_core/pull/51" + }, + { + "name": "https://github.com/hexpm/hex_core/pull/48", + "refsource": "MISC", + "url": "https://github.com/hexpm/hex_core/pull/48" + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1040.json b/2019/1xxx/CVE-2019-1040.json index 55f1122f90a..54319af9de0 100644 --- a/2019/1xxx/CVE-2019-1040.json +++ b/2019/1xxx/CVE-2019-1040.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1040", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1040", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1375.json b/2019/1xxx/CVE-2019-1375.json index 6958d249b01..76a83340eeb 100644 --- a/2019/1xxx/CVE-2019-1375.json +++ b/2019/1xxx/CVE-2019-1375.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1375", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1375", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1628.json b/2019/1xxx/CVE-2019-1628.json index 4b6afa34719..07b44d821c6 100644 --- a/2019/1xxx/CVE-2019-1628.json +++ b/2019/1xxx/CVE-2019-1628.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1628", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1628", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1773.json b/2019/1xxx/CVE-2019-1773.json index 32f8277dde4..84490d54623 100644 --- a/2019/1xxx/CVE-2019-1773.json +++ b/2019/1xxx/CVE-2019-1773.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1773", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1773", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4105.json b/2019/4xxx/CVE-2019-4105.json index e004e4f4ce9..d866827a172 100644 --- a/2019/4xxx/CVE-2019-4105.json +++ b/2019/4xxx/CVE-2019-4105.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4105", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4105", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4267.json b/2019/4xxx/CVE-2019-4267.json index e53e02f29c2..a8e75f03a53 100644 --- a/2019/4xxx/CVE-2019-4267.json +++ b/2019/4xxx/CVE-2019-4267.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4267", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4267", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4582.json b/2019/4xxx/CVE-2019-4582.json index 6503ddfb824..09ea9707778 100644 --- a/2019/4xxx/CVE-2019-4582.json +++ b/2019/4xxx/CVE-2019-4582.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4582", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4582", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4588.json b/2019/4xxx/CVE-2019-4588.json index 7f3dfaecea5..ad990c669bb 100644 --- a/2019/4xxx/CVE-2019-4588.json +++ b/2019/4xxx/CVE-2019-4588.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4588", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4588", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5044.json b/2019/5xxx/CVE-2019-5044.json index 9e3c7be8bbb..0496eba35dd 100644 --- a/2019/5xxx/CVE-2019-5044.json +++ b/2019/5xxx/CVE-2019-5044.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5044", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5044", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5275.json b/2019/5xxx/CVE-2019-5275.json index 750f82ceb3a..3907def1692 100644 --- a/2019/5xxx/CVE-2019-5275.json +++ b/2019/5xxx/CVE-2019-5275.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5275", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5275", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5797.json b/2019/5xxx/CVE-2019-5797.json index fc31bf55ba2..dfa740a5f1c 100644 --- a/2019/5xxx/CVE-2019-5797.json +++ b/2019/5xxx/CVE-2019-5797.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5797", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5797", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5894.json b/2019/5xxx/CVE-2019-5894.json index 37a5baf4969..9154b954e98 100644 --- a/2019/5xxx/CVE-2019-5894.json +++ b/2019/5xxx/CVE-2019-5894.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5894", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5894", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9133.json b/2019/9xxx/CVE-2019-9133.json index 54886001f19..94085e5c876 100644 --- a/2019/9xxx/CVE-2019-9133.json +++ b/2019/9xxx/CVE-2019-9133.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9133", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9133", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9284.json b/2019/9xxx/CVE-2019-9284.json index ae7b7eb8afb..51a4beb84e4 100644 --- a/2019/9xxx/CVE-2019-9284.json +++ b/2019/9xxx/CVE-2019-9284.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9284", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9284", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9341.json b/2019/9xxx/CVE-2019-9341.json index 2e3c272bc5b..fb933190abf 100644 --- a/2019/9xxx/CVE-2019-9341.json +++ b/2019/9xxx/CVE-2019-9341.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9341", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9341", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file