From 6804d3ee1ccf8f8ca74d6ee357a357687fd5f254 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 06:38:27 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0891.json | 180 +++++++-------- 2007/3xxx/CVE-2007-3057.json | 180 +++++++-------- 2007/3xxx/CVE-2007-3569.json | 210 +++++++++--------- 2007/3xxx/CVE-2007-3785.json | 140 ++++++------ 2007/3xxx/CVE-2007-3805.json | 160 +++++++------- 2007/3xxx/CVE-2007-3931.json | 160 +++++++------- 2007/4xxx/CVE-2007-4037.json | 180 +++++++-------- 2007/4xxx/CVE-2007-4542.json | 220 +++++++++---------- 2007/4xxx/CVE-2007-4636.json | 190 ++++++++-------- 2007/4xxx/CVE-2007-4716.json | 190 ++++++++-------- 2007/6xxx/CVE-2007-6530.json | 190 ++++++++-------- 2007/6xxx/CVE-2007-6721.json | 180 +++++++-------- 2010/5xxx/CVE-2010-5131.json | 34 +-- 2014/1xxx/CVE-2014-1550.json | 190 ++++++++-------- 2014/1xxx/CVE-2014-1746.json | 210 +++++++++--------- 2014/5xxx/CVE-2014-5052.json | 34 +-- 2014/5xxx/CVE-2014-5348.json | 130 +++++------ 2014/5xxx/CVE-2014-5622.json | 140 ++++++------ 2014/5xxx/CVE-2014-5829.json | 140 ++++++------ 2015/2xxx/CVE-2015-2335.json | 140 ++++++------ 2015/2xxx/CVE-2015-2521.json | 140 ++++++------ 2015/2xxx/CVE-2015-2601.json | 390 ++++++++++++++++----------------- 2015/2xxx/CVE-2015-2681.json | 150 ++++++------- 2015/6xxx/CVE-2015-6286.json | 120 +++++----- 2015/6xxx/CVE-2015-6292.json | 130 +++++------ 2015/6xxx/CVE-2015-6653.json | 34 +-- 2015/6xxx/CVE-2015-6754.json | 130 +++++------ 2015/6xxx/CVE-2015-6759.json | 210 +++++++++--------- 2016/0xxx/CVE-2016-0483.json | 380 ++++++++++++++++---------------- 2016/0xxx/CVE-2016-0574.json | 140 ++++++------ 2016/10xxx/CVE-2016-10321.json | 130 +++++------ 2016/10xxx/CVE-2016-10377.json | 120 +++++----- 2016/4xxx/CVE-2016-4544.json | 240 ++++++++++---------- 2016/4xxx/CVE-2016-4816.json | 140 ++++++------ 2016/4xxx/CVE-2016-4862.json | 150 ++++++------- 2016/4xxx/CVE-2016-4939.json | 34 +-- 2016/9xxx/CVE-2016-9418.json | 150 ++++++------- 2016/9xxx/CVE-2016-9498.json | 174 +++++++-------- 2016/9xxx/CVE-2016-9513.json | 34 +-- 2019/2xxx/CVE-2019-2046.json | 34 +-- 2019/2xxx/CVE-2019-2102.json | 34 +-- 2019/2xxx/CVE-2019-2311.json | 34 +-- 2019/2xxx/CVE-2019-2618.json | 34 +-- 2019/3xxx/CVE-2019-3232.json | 34 +-- 2019/3xxx/CVE-2019-3296.json | 34 +-- 2019/3xxx/CVE-2019-3742.json | 34 +-- 2019/3xxx/CVE-2019-3841.json | 34 +-- 2019/6xxx/CVE-2019-6351.json | 34 +-- 2019/6xxx/CVE-2019-6441.json | 34 +-- 2019/6xxx/CVE-2019-6527.json | 122 +++++------ 2019/6xxx/CVE-2019-6742.json | 34 +-- 2019/7xxx/CVE-2019-7366.json | 34 +-- 2019/7xxx/CVE-2019-7722.json | 120 +++++----- 2019/7xxx/CVE-2019-7990.json | 34 +-- 2019/8xxx/CVE-2019-8040.json | 34 +-- 2019/8xxx/CVE-2019-8235.json | 34 +-- 2019/8xxx/CVE-2019-8592.json | 34 +-- 2019/8xxx/CVE-2019-8655.json | 34 +-- 2019/8xxx/CVE-2019-8752.json | 34 +-- 59 files changed, 3524 insertions(+), 3524 deletions(-) diff --git a/2007/0xxx/CVE-2007-0891.json b/2007/0xxx/CVE-2007-0891.json index 666e489b41b..5747e04f2c1 100644 --- a/2007/0xxx/CVE-2007-0891.json +++ b/2007/0xxx/CVE-2007-0891.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0891", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the GetCurrentCompletePath function in phpmyvisites.php in phpMyVisites before 2.2 allows remote attackers to inject arbitrary web script or HTML via the query string." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0891", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070211 Multiple vulnerabilities in phpMyVisites", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459792/100/0/threaded" - }, - { - "name" : "20070211 Multiple vulnerabilities in phpMyVisites", - "refsource" : "FULLDISC", - "url" : "http://marc.info/?l=full-disclosure&m=117121596803908&w=2" - }, - { - "name" : "22516", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22516" - }, - { - "name" : "ADV-2007-0566", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0566" - }, - { - "name" : "33176", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33176" - }, - { - "name" : "24124", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24124" - }, - { - "name" : "phpmyvisites-phpmyvisites-xss(32430)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32430" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the GetCurrentCompletePath function in phpmyvisites.php in phpMyVisites before 2.2 allows remote attackers to inject arbitrary web script or HTML via the query string." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33176", + "refsource": "OSVDB", + "url": "http://osvdb.org/33176" + }, + { + "name": "20070211 Multiple vulnerabilities in phpMyVisites", + "refsource": "FULLDISC", + "url": "http://marc.info/?l=full-disclosure&m=117121596803908&w=2" + }, + { + "name": "24124", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24124" + }, + { + "name": "20070211 Multiple vulnerabilities in phpMyVisites", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459792/100/0/threaded" + }, + { + "name": "ADV-2007-0566", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0566" + }, + { + "name": "phpmyvisites-phpmyvisites-xss(32430)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32430" + }, + { + "name": "22516", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22516" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3057.json b/2007/3xxx/CVE-2007-3057.json index ca1d7454b5c..68cf919e92f 100644 --- a/2007/3xxx/CVE-2007-3057.json +++ b/2007/3xxx/CVE-2007-3057.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3057", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in include/wysiwyg/spaw_control.class.php in the icontent 4.5 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3057", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4022", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4022" - }, - { - "name" : "20070602 [VIM] True: XOOPS Module icontent v.1.0 Remote File Inclusion Exploit (Milw0rm 4022)", - "refsource" : "VIM", - "url" : "http://attrition.org/pipermail/vim/2007-June/001639.html" - }, - { - "name" : "24302", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24302" - }, - { - "name" : "35381", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35381" - }, - { - "name" : "ADV-2007-2047", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2047" - }, - { - "name" : "25522", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25522" - }, - { - "name" : "xoops-icontent-spawcontrolclass-file-include(34681)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34681" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in include/wysiwyg/spaw_control.class.php in the icontent 4.5 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "35381", + "refsource": "OSVDB", + "url": "http://osvdb.org/35381" + }, + { + "name": "25522", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25522" + }, + { + "name": "20070602 [VIM] True: XOOPS Module icontent v.1.0 Remote File Inclusion Exploit (Milw0rm 4022)", + "refsource": "VIM", + "url": "http://attrition.org/pipermail/vim/2007-June/001639.html" + }, + { + "name": "ADV-2007-2047", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2047" + }, + { + "name": "xoops-icontent-spawcontrolclass-file-include(34681)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34681" + }, + { + "name": "4022", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4022" + }, + { + "name": "24302", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24302" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3569.json b/2007/3xxx/CVE-2007-3569.json index beec6534ec1..63777f1a90d 100644 --- a/2007/3xxx/CVE-2007-3569.json +++ b/2007/3xxx/CVE-2007-3569.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3569", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Oliver Library Management System allow remote attackers to inject arbitrary web script or HTML via the (1) updateform and (2) displayform parameter to (a) gateway/gateway.exe; the (3) TERMS, (4) database, (5) srchad, (6) SuggestedSearch, and (7) searchform parameters to the (b) \"Basic Search page\"; and (8) username parameter when (c) logging on." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3569", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070703 Cross Site Scripting in Oliver Library Management System", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/472738/100/0/threaded" - }, - { - "name" : "20070703 Cross Site Scripting in Oliver Library Management System", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/055355.html" - }, - { - "name" : "24754", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24754" - }, - { - "name" : "37060", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37060" - }, - { - "name" : "37061", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37061" - }, - { - "name" : "ADV-2007-2432", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2432" - }, - { - "name" : "37059", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37059" - }, - { - "name" : "25930", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25930" - }, - { - "name" : "2868", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2868" - }, - { - "name" : "oliver-search-login-xss(35251)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35251" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Oliver Library Management System allow remote attackers to inject arbitrary web script or HTML via the (1) updateform and (2) displayform parameter to (a) gateway/gateway.exe; the (3) TERMS, (4) database, (5) srchad, (6) SuggestedSearch, and (7) searchform parameters to the (b) \"Basic Search page\"; and (8) username parameter when (c) logging on." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25930", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25930" + }, + { + "name": "20070703 Cross Site Scripting in Oliver Library Management System", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/472738/100/0/threaded" + }, + { + "name": "37061", + "refsource": "OSVDB", + "url": "http://osvdb.org/37061" + }, + { + "name": "ADV-2007-2432", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2432" + }, + { + "name": "37059", + "refsource": "OSVDB", + "url": "http://osvdb.org/37059" + }, + { + "name": "2868", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2868" + }, + { + "name": "oliver-search-login-xss(35251)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35251" + }, + { + "name": "20070703 Cross Site Scripting in Oliver Library Management System", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/055355.html" + }, + { + "name": "37060", + "refsource": "OSVDB", + "url": "http://osvdb.org/37060" + }, + { + "name": "24754", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24754" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3785.json b/2007/3xxx/CVE-2007-3785.json index bcd6f8f4b77..37195c25dd4 100644 --- a/2007/3xxx/CVE-2007-3785.json +++ b/2007/3xxx/CVE-2007-3785.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3785", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Absolute path traversal vulnerability in a certain ActiveX control in PGPBBox.dll in EldoS SecureBlackbox (sbb) 5.1.0.112 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveToFile method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3785", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "24882", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24882" - }, - { - "name" : "39748", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39748" - }, - { - "name" : "secureblackbox-pgpbbox-data-manipulation(35368)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35368" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Absolute path traversal vulnerability in a certain ActiveX control in PGPBBox.dll in EldoS SecureBlackbox (sbb) 5.1.0.112 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveToFile method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "secureblackbox-pgpbbox-data-manipulation(35368)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35368" + }, + { + "name": "24882", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24882" + }, + { + "name": "39748", + "refsource": "OSVDB", + "url": "http://osvdb.org/39748" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3805.json b/2007/3xxx/CVE-2007-3805.json index 7c49f103575..6fc90546c29 100644 --- a/2007/3xxx/CVE-2007-3805.json +++ b/2007/3xxx/CVE-2007-3805.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3805", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The IKE implementation in Clavister CorePlus before 8.80.03, and 8.80.00, does not properly validate certificates during IKE negotiation, which allows remote attackers to cause a denial of service (gateway stop) via certain certificates." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3805", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.clavister.com/releasenotes/CorePlus_Release_Notes_8_80_04.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.clavister.com/releasenotes/CorePlus_Release_Notes_8_80_04.pdf" - }, - { - "name" : "http://www.clavister.com/releasenotes/CorePlus_Release_Notes_8_81_01.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.clavister.com/releasenotes/CorePlus_Release_Notes_8_81_01.pdf" - }, - { - "name" : "37972", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37972" - }, - { - "name" : "25957", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25957" - }, - { - "name" : "clavister-ike-dos(35370)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35370" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The IKE implementation in Clavister CorePlus before 8.80.03, and 8.80.00, does not properly validate certificates during IKE negotiation, which allows remote attackers to cause a denial of service (gateway stop) via certain certificates." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.clavister.com/releasenotes/CorePlus_Release_Notes_8_80_04.pdf", + "refsource": "CONFIRM", + "url": "http://www.clavister.com/releasenotes/CorePlus_Release_Notes_8_80_04.pdf" + }, + { + "name": "clavister-ike-dos(35370)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35370" + }, + { + "name": "http://www.clavister.com/releasenotes/CorePlus_Release_Notes_8_81_01.pdf", + "refsource": "CONFIRM", + "url": "http://www.clavister.com/releasenotes/CorePlus_Release_Notes_8_81_01.pdf" + }, + { + "name": "37972", + "refsource": "OSVDB", + "url": "http://osvdb.org/37972" + }, + { + "name": "25957", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25957" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3931.json b/2007/3xxx/CVE-2007-3931.json index cbdf75520fc..0d1b41c3374 100644 --- a/2007/3xxx/CVE-2007-3931.json +++ b/2007/3xxx/CVE-2007-3931.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3931", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The wrap_setuid_third_party_application function in the installation script for the Samsung SCX-4200 Driver 2.00.95 adds setuid permissions to third party applications such as xsane and xscanimage, which allows local users to gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3931", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://it.slashdot.org/it/07/07/18/0319203.shtml", - "refsource" : "MISC", - "url" : "http://it.slashdot.org/it/07/07/18/0319203.shtml" - }, - { - "name" : "http://linuxfr.org/forums/15/22562.html", - "refsource" : "MISC", - "url" : "http://linuxfr.org/forums/15/22562.html" - }, - { - "name" : "24953", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24953" - }, - { - "name" : "38214", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38214" - }, - { - "name" : "26092", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26092" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The wrap_setuid_third_party_application function in the installation script for the Samsung SCX-4200 Driver 2.00.95 adds setuid permissions to third party applications such as xsane and xscanimage, which allows local users to gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://it.slashdot.org/it/07/07/18/0319203.shtml", + "refsource": "MISC", + "url": "http://it.slashdot.org/it/07/07/18/0319203.shtml" + }, + { + "name": "26092", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26092" + }, + { + "name": "38214", + "refsource": "OSVDB", + "url": "http://osvdb.org/38214" + }, + { + "name": "24953", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24953" + }, + { + "name": "http://linuxfr.org/forums/15/22562.html", + "refsource": "MISC", + "url": "http://linuxfr.org/forums/15/22562.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4037.json b/2007/4xxx/CVE-2007-4037.json index 3a420d1aa77..30d2b921601 100644 --- a/2007/4xxx/CVE-2007-4037.json +++ b/2007/4xxx/CVE-2007-4037.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4037", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers typically do not corrupt a filesystem, and indicating that the relevant read operation can be disabled." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4037", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070726 Guidance Software response to iSEC report on EnCase", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474727/100/0/threaded" - }, - { - "name" : "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474750/100/0/threaded" - }, - { - "name" : "20070726 Re: Guidance Software response to iSEC report on EnCase", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474809/100/0/threaded" - }, - { - "name" : "20070802 RE: Re: Guidance Software response to iSEC report on EnCase", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475335/100/0/threaded" - }, - { - "name" : "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer", - "refsource" : "MISC", - "url" : "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer" - }, - { - "name" : "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf", - "refsource" : "MISC", - "url" : "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf" - }, - { - "name" : "25100", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25100" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers typically do not corrupt a filesystem, and indicating that the relevant read operation can be disabled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070726 Re: Guidance Software response to iSEC report on EnCase", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded" + }, + { + "name": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer", + "refsource": "MISC", + "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer" + }, + { + "name": "20070726 Guidance Software response to iSEC report on EnCase", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded" + }, + { + "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded" + }, + { + "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded" + }, + { + "name": "25100", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25100" + }, + { + "name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf", + "refsource": "MISC", + "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4542.json b/2007/4xxx/CVE-2007-4542.json index 0742d11c6e4..b1bd3202ace 100644 --- a/2007/4xxx/CVE-2007-4542.json +++ b/2007/4xxx/CVE-2007-4542.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4542", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError function in mapserv.c in the mapserv CGI program." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4542", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439346", - "refsource" : "MISC", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439346" - }, - { - "name" : "http://trac.osgeo.org/mapserver/attachment/ticket/2256/ms-bug-2256-4.8.patch", - "refsource" : "MISC", - "url" : "http://trac.osgeo.org/mapserver/attachment/ticket/2256/ms-bug-2256-4.8.patch" - }, - { - "name" : "http://trac.osgeo.org/mapserver/ticket/2256", - "refsource" : "CONFIRM", - "url" : "http://trac.osgeo.org/mapserver/ticket/2256" - }, - { - "name" : "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/", - "refsource" : "CONFIRM", - "url" : "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/" - }, - { - "name" : "DSA-1539", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1539" - }, - { - "name" : "FEDORA-2007-2018", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00096.html" - }, - { - "name" : "25582", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25582" - }, - { - "name" : "ADV-2007-2974", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2974" - }, - { - "name" : "26561", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26561" - }, - { - "name" : "26718", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26718" - }, - { - "name" : "29688", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29688" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError function in mapserv.c in the mapserv CGI program." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://trac.osgeo.org/mapserver/attachment/ticket/2256/ms-bug-2256-4.8.patch", + "refsource": "MISC", + "url": "http://trac.osgeo.org/mapserver/attachment/ticket/2256/ms-bug-2256-4.8.patch" + }, + { + "name": "29688", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29688" + }, + { + "name": "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/", + "refsource": "CONFIRM", + "url": "http://mapserver.gis.umn.edu/download/current/HISTORY.TXT/" + }, + { + "name": "http://trac.osgeo.org/mapserver/ticket/2256", + "refsource": "CONFIRM", + "url": "http://trac.osgeo.org/mapserver/ticket/2256" + }, + { + "name": "26561", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26561" + }, + { + "name": "26718", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26718" + }, + { + "name": "FEDORA-2007-2018", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00096.html" + }, + { + "name": "ADV-2007-2974", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2974" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439346", + "refsource": "MISC", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439346" + }, + { + "name": "25582", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25582" + }, + { + "name": "DSA-1539", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1539" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4636.json b/2007/4xxx/CVE-2007-4636.json index fe1cd1fad1f..1bc2ea5c85c 100644 --- a/2007/4xxx/CVE-2007-4636.json +++ b/2007/4xxx/CVE-2007-4636.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4636", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in phpBG 0.9.1 allow remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter to (1) intern/admin/other/backup.php, (2) intern/admin/, (3) intern/clan/member_add.php, (4) intern/config/key_2.php, or (5) intern/config/forum.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4636", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4340", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4340" - }, - { - "name" : "25486", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25486" - }, - { - "name" : "38429", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38429" - }, - { - "name" : "38430", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38430" - }, - { - "name" : "38431", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38431" - }, - { - "name" : "38432", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38432" - }, - { - "name" : "38433", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38433" - }, - { - "name" : "phpbg-rootdir-file-include(36348)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36348" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in phpBG 0.9.1 allow remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter to (1) intern/admin/other/backup.php, (2) intern/admin/, (3) intern/clan/member_add.php, (4) intern/config/key_2.php, or (5) intern/config/forum.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4340", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4340" + }, + { + "name": "25486", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25486" + }, + { + "name": "38432", + "refsource": "OSVDB", + "url": "http://osvdb.org/38432" + }, + { + "name": "38433", + "refsource": "OSVDB", + "url": "http://osvdb.org/38433" + }, + { + "name": "38430", + "refsource": "OSVDB", + "url": "http://osvdb.org/38430" + }, + { + "name": "38431", + "refsource": "OSVDB", + "url": "http://osvdb.org/38431" + }, + { + "name": "38429", + "refsource": "OSVDB", + "url": "http://osvdb.org/38429" + }, + { + "name": "phpbg-rootdir-file-include(36348)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36348" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4716.json b/2007/4xxx/CVE-2007-4716.json index ad1315e7206..608de52fb5f 100644 --- a/2007/4xxx/CVE-2007-4716.json +++ b/2007/4xxx/CVE-2007-4716.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4716", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in PHD Help Desk before 1.31 allow remote attackers to execute arbitrary SQL commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4716", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sourceforge.net/forum/forum.php?forum_id=731460", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/forum/forum.php?forum_id=731460" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=536503", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=536503" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=536503&group_id=170208", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=536503&group_id=170208" - }, - { - "name" : "25517", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25517" - }, - { - "name" : "ADV-2007-3039", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3039" - }, - { - "name" : "36789", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/36789" - }, - { - "name" : "26688", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26688" - }, - { - "name" : "phdhelpdesk-unspecified-sql-injection(36431)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36431" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in PHD Help Desk before 1.31 allow remote attackers to execute arbitrary SQL commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://sourceforge.net/forum/forum.php?forum_id=731460", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/forum/forum.php?forum_id=731460" + }, + { + "name": "phdhelpdesk-unspecified-sql-injection(36431)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36431" + }, + { + "name": "26688", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26688" + }, + { + "name": "36789", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/36789" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=536503", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=536503" + }, + { + "name": "ADV-2007-3039", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3039" + }, + { + "name": "25517", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25517" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=536503&group_id=170208", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=536503&group_id=170208" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6530.json b/2007/6xxx/CVE-2007-6530.json index a2bdda98e68..f0ca4020a3d 100644 --- a/2007/6xxx/CVE-2007-6530.json +++ b/2007/6xxx/CVE-2007-6530.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6530", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6530", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071225 Persits Software XUpload.ocx Buffer Overflow", - "refsource" : "FULLDISC", - "url" : "http://marc.info/?l=full-disclosure&m=119863639428564&w=2" - }, - { - "name" : "27025", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27025" - }, - { - "name" : "ADV-2007-4310", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4310" - }, - { - "name" : "39901", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39901" - }, - { - "name" : "1019147", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019147" - }, - { - "name" : "28145", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28145" - }, - { - "name" : "28205", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28205" - }, - { - "name" : "28218", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28218" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20071225 Persits Software XUpload.ocx Buffer Overflow", + "refsource": "FULLDISC", + "url": "http://marc.info/?l=full-disclosure&m=119863639428564&w=2" + }, + { + "name": "ADV-2007-4310", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4310" + }, + { + "name": "28205", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28205" + }, + { + "name": "1019147", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019147" + }, + { + "name": "28145", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28145" + }, + { + "name": "28218", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28218" + }, + { + "name": "39901", + "refsource": "OSVDB", + "url": "http://osvdb.org/39901" + }, + { + "name": "27025", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27025" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6721.json b/2007/6xxx/CVE-2007-6721.json index f0f97efa526..5288eb2d5fb 100644 --- a/2007/6xxx/CVE-2007-6721.json +++ b/2007/6xxx/CVE-2007-6721.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6721", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to \"a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6721", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[dev-crypto] 20071109 Bouncy Castle Crypto Provider Package version 1.36 now available", - "refsource" : "MLIST", - "url" : "http://www.bouncycastle.org/devmailarchive/msg08195.html" - }, - { - "name" : "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580", - "refsource" : "CONFIRM", - "url" : "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580" - }, - { - "name" : "http://www.bouncycastle.org/csharp/", - "refsource" : "CONFIRM", - "url" : "http://www.bouncycastle.org/csharp/" - }, - { - "name" : "http://www.bouncycastle.org/releasenotes.html", - "refsource" : "CONFIRM", - "url" : "http://www.bouncycastle.org/releasenotes.html" - }, - { - "name" : "50358", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/50358" - }, - { - "name" : "50359", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/50359" - }, - { - "name" : "50360", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/50360" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to \"a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580", + "refsource": "CONFIRM", + "url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580" + }, + { + "name": "50358", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/50358" + }, + { + "name": "http://www.bouncycastle.org/csharp/", + "refsource": "CONFIRM", + "url": "http://www.bouncycastle.org/csharp/" + }, + { + "name": "50360", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/50360" + }, + { + "name": "http://www.bouncycastle.org/releasenotes.html", + "refsource": "CONFIRM", + "url": "http://www.bouncycastle.org/releasenotes.html" + }, + { + "name": "50359", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/50359" + }, + { + "name": "[dev-crypto] 20071109 Bouncy Castle Crypto Provider Package version 1.36 now available", + "refsource": "MLIST", + "url": "http://www.bouncycastle.org/devmailarchive/msg08195.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5131.json b/2010/5xxx/CVE-2010-5131.json index fa07203229e..f2097304e82 100644 --- a/2010/5xxx/CVE-2010-5131.json +++ b/2010/5xxx/CVE-2010-5131.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5131", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2010-5131", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1550.json b/2014/1xxx/CVE-2014-1550.json index 885bb3d676a..977aebbfb9b 100644 --- a/2014/1xxx/CVE-2014-1550.json +++ b/2014/1xxx/CVE-2014-1550.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1550", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2014-1550", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-58.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-58.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1020411", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1020411" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "GLSA-201504-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201504-01" - }, - { - "name" : "1030619", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030619" - }, - { - "name" : "1030620", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030620" - }, - { - "name" : "59760", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59760" - }, - { - "name" : "60628", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60628" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1020411", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1020411" + }, + { + "name": "GLSA-201504-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201504-01" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "1030620", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030620" + }, + { + "name": "1030619", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030619" + }, + { + "name": "60628", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60628" + }, + { + "name": "59760", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59760" + }, + { + "name": "http://www.mozilla.org/security/announce/2014/mfsa2014-58.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-58.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1746.json b/2014/1xxx/CVE-2014-1746.json index 0d3fc062b64..d144981a599 100644 --- a/2014/1xxx/CVE-2014-1746.json +++ b/2014/1xxx/CVE-2014-1746.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1746", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The InMemoryUrlProtocol::Read function in media/filters/in_memory_url_protocol.cc in Google Chrome before 35.0.1916.114 relies on an insufficiently large integer data type, which allows remote attackers to cause a denial of service (out-of-bounds read) via vectors that trigger use of a large buffer." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2014-1746", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=364065", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=364065" - }, - { - "name" : "https://src.chromium.org/viewvc/chrome?revision=267280&view=revision", - "refsource" : "CONFIRM", - "url" : "https://src.chromium.org/viewvc/chrome?revision=267280&view=revision" - }, - { - "name" : "DSA-2939", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2939" - }, - { - "name" : "GLSA-201408-16", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201408-16.xml" - }, - { - "name" : "openSUSE-SU-2014:0783", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html" - }, - { - "name" : "1030270", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030270" - }, - { - "name" : "58920", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/58920" - }, - { - "name" : "59155", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59155" - }, - { - "name" : "60372", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60372" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The InMemoryUrlProtocol::Read function in media/filters/in_memory_url_protocol.cc in Google Chrome before 35.0.1916.114 relies on an insufficiently large integer data type, which allows remote attackers to cause a denial of service (out-of-bounds read) via vectors that trigger use of a large buffer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://code.google.com/p/chromium/issues/detail?id=364065", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=364065" + }, + { + "name": "https://src.chromium.org/viewvc/chrome?revision=267280&view=revision", + "refsource": "CONFIRM", + "url": "https://src.chromium.org/viewvc/chrome?revision=267280&view=revision" + }, + { + "name": "DSA-2939", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2939" + }, + { + "name": "http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html" + }, + { + "name": "GLSA-201408-16", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml" + }, + { + "name": "60372", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60372" + }, + { + "name": "openSUSE-SU-2014:0783", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html" + }, + { + "name": "59155", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59155" + }, + { + "name": "58920", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/58920" + }, + { + "name": "1030270", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030270" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5052.json b/2014/5xxx/CVE-2014-5052.json index 9dabdbd5a9f..3ecc35fbb0e 100644 --- a/2014/5xxx/CVE-2014-5052.json +++ b/2014/5xxx/CVE-2014-5052.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5052", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5052", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5348.json b/2014/5xxx/CVE-2014-5348.json index 2ca1b517384..b788e89908e 100644 --- a/2014/5xxx/CVE-2014-5348.json +++ b/2014/5xxx/CVE-2014-5348.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5348", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in apps/zxtm/locallog.cgi in Riverbed Stingray (aka SteelApp) Traffic Manager Virtual Appliance 9.6 patchlevel 9620140312 allows remote attackers to inject arbitrary web script or HTML via the logfile parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5348", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140816 XSS Reflected vulnerability in RiverBed Stingray Traffic Manager Virtual Appliance V 9.6", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Aug/41" - }, - { - "name" : "69243", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/69243" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in apps/zxtm/locallog.cgi in Riverbed Stingray (aka SteelApp) Traffic Manager Virtual Appliance 9.6 patchlevel 9620140312 allows remote attackers to inject arbitrary web script or HTML via the logfile parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20140816 XSS Reflected vulnerability in RiverBed Stingray Traffic Manager Virtual Appliance V 9.6", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Aug/41" + }, + { + "name": "69243", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/69243" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5622.json b/2014/5xxx/CVE-2014-5622.json index 0575bc76222..b0b9108de69 100644 --- a/2014/5xxx/CVE-2014-5622.json +++ b/2014/5xxx/CVE-2014-5622.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5622", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Follow Mania for Instagram (aka com.followmania) application 1.2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5622", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#282857", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/282857" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Follow Mania for Instagram (aka com.followmania) application 1.2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + }, + { + "name": "VU#282857", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/282857" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5829.json b/2014/5xxx/CVE-2014-5829.json index e2d79d999f3..51fc3ecfb62 100644 --- a/2014/5xxx/CVE-2014-5829.json +++ b/2014/5xxx/CVE-2014-5829.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5829", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Hobby Lobby Stores (aka com.hobbylobbystores.android) application 2.1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5829", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#917425", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/917425" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Hobby Lobby Stores (aka com.hobbylobbystores.android) application 2.1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#917425", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/917425" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2335.json b/2015/2xxx/CVE-2015-2335.json index 29374abfbcd..fa0f0994b57 100644 --- a/2015/2xxx/CVE-2015-2335.json +++ b/2015/2xxx/CVE-2015-2335.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2335", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A JSON library in MyBB (aka MyBulletinBoard) before 1.8.4 allows remote attackers to obtain the installation path via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2335", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blog.mybb.com/2015/02/15/mybb-1-8-4-released-feature-update-security-maintenance-release/", - "refsource" : "CONFIRM", - "url" : "http://blog.mybb.com/2015/02/15/mybb-1-8-4-released-feature-update-security-maintenance-release/" - }, - { - "name" : "73216", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73216" - }, - { - "name" : "1031953", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031953" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A JSON library in MyBB (aka MyBulletinBoard) before 1.8.4 allows remote attackers to obtain the installation path via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://blog.mybb.com/2015/02/15/mybb-1-8-4-released-feature-update-security-maintenance-release/", + "refsource": "CONFIRM", + "url": "http://blog.mybb.com/2015/02/15/mybb-1-8-4-released-feature-update-security-maintenance-release/" + }, + { + "name": "73216", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73216" + }, + { + "name": "1031953", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031953" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2521.json b/2015/2xxx/CVE-2015-2521.json index bc896cb3658..8bd614643c5 100644 --- a/2015/2xxx/CVE-2015-2521.json +++ b/2015/2xxx/CVE-2015-2521.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2521", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2521", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "38216", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38216/" - }, - { - "name" : "MS15-099", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-099" - }, - { - "name" : "1033488", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033488" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033488", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033488" + }, + { + "name": "MS15-099", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-099" + }, + { + "name": "38216", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38216/" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2601.json b/2015/2xxx/CVE-2015-2601.json index 43941223d05..ac739eefbc9 100644 --- a/2015/2xxx/CVE-2015-2601.json +++ b/2015/2xxx/CVE-2015-2601.json @@ -1,197 +1,197 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2601", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-2601", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727" - }, - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10139", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10139" - }, - { - "name" : "DSA-3339", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3339" - }, - { - "name" : "DSA-3316", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3316" - }, - { - "name" : "GLSA-201603-11", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-11" - }, - { - "name" : "GLSA-201603-14", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-14" - }, - { - "name" : "RHSA-2015:1526", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1526.html" - }, - { - "name" : "RHSA-2015:1228", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1228.html" - }, - { - "name" : "RHSA-2015:1229", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1229.html" - }, - { - "name" : "RHSA-2015:1230", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1230.html" - }, - { - "name" : "RHSA-2015:1241", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1241.html" - }, - { - "name" : "RHSA-2015:1242", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1242.html" - }, - { - "name" : "RHSA-2015:1243", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1243.html" - }, - { - "name" : "RHSA-2015:1485", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1485.html" - }, - { - "name" : "RHSA-2015:1486", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1486.html" - }, - { - "name" : "RHSA-2015:1488", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1488.html" - }, - { - "name" : "RHSA-2015:1544", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1544.html" - }, - { - "name" : "RHSA-2015:1604", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1604.html" - }, - { - "name" : "SUSE-SU-2015:1319", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html" - }, - { - "name" : "SUSE-SU-2015:1320", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html" - }, - { - "name" : "openSUSE-SU-2015:1288", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html" - }, - { - "name" : "openSUSE-SU-2015:1289", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html" - }, - { - "name" : "USN-2696-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2696-1" - }, - { - "name" : "USN-2706-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2706-1" - }, - { - "name" : "75867", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75867" - }, - { - "name" : "1037732", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037732" - }, - { - "name" : "1032910", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032910" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:1243", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" + }, + { + "name": "RHSA-2015:1229", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html" + }, + { + "name": "1032910", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032910" + }, + { + "name": "USN-2706-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2706-1" + }, + { + "name": "RHSA-2015:1526", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html" + }, + { + "name": "RHSA-2015:1485", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html" + }, + { + "name": "RHSA-2015:1544", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html" + }, + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10139", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10139" + }, + { + "name": "openSUSE-SU-2015:1289", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html" + }, + { + "name": "RHSA-2015:1228", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html" + }, + { + "name": "DSA-3316", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3316" + }, + { + "name": "GLSA-201603-11", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-11" + }, + { + "name": "RHSA-2015:1486", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html" + }, + { + "name": "GLSA-201603-14", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-14" + }, + { + "name": "USN-2696-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2696-1" + }, + { + "name": "75867", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75867" + }, + { + "name": "DSA-3339", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3339" + }, + { + "name": "RHSA-2015:1242", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727" + }, + { + "name": "1037732", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037732" + }, + { + "name": "RHSA-2015:1488", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html" + }, + { + "name": "SUSE-SU-2015:1319", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html" + }, + { + "name": "SUSE-SU-2015:1320", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html" + }, + { + "name": "openSUSE-SU-2015:1288", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html" + }, + { + "name": "RHSA-2015:1241", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html" + }, + { + "name": "RHSA-2015:1230", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html" + }, + { + "name": "RHSA-2015:1604", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2681.json b/2015/2xxx/CVE-2015-2681.json index 9d5bda305e4..38aee773ed8 100644 --- a/2015/2xxx/CVE-2015-2681.json +++ b/2015/2xxx/CVE-2015-2681.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2681", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) next_page, (2) group_id, (3) action_script, or (4) flag parameter to start_apply.htm." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2681", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150307 Fw: Vulnerabilities in ASUS RT-G32", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Mar/42" - }, - { - "name" : "http://packetstormsecurity.com/files/130724/ASUS-RT-G32-Cross-Site-Request-Forgery-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/130724/ASUS-RT-G32-Cross-Site-Request-Forgery-Cross-Site-Scripting.html" - }, - { - "name" : "http://websecurity.com.ua/7644/", - "refsource" : "MISC", - "url" : "http://websecurity.com.ua/7644/" - }, - { - "name" : "73296", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73296" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) next_page, (2) group_id, (3) action_script, or (4) flag parameter to start_apply.htm." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150307 Fw: Vulnerabilities in ASUS RT-G32", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Mar/42" + }, + { + "name": "http://packetstormsecurity.com/files/130724/ASUS-RT-G32-Cross-Site-Request-Forgery-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/130724/ASUS-RT-G32-Cross-Site-Request-Forgery-Cross-Site-Scripting.html" + }, + { + "name": "http://websecurity.com.ua/7644/", + "refsource": "MISC", + "url": "http://websecurity.com.ua/7644/" + }, + { + "name": "73296", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73296" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6286.json b/2015/6xxx/CVE-2015-6286.json index 76ea2ed61d3..408e50bc53a 100644 --- a/2015/6xxx/CVE-2015-6286.json +++ b/2015/6xxx/CVE-2015-6286.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6286", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Application Visibility and Control (AVC) 15.3(3)JA, when FlexConnect is enabled, allows remote attackers to cause a denial of service (access-point outage) via a crafted UDP packet, aka Bug ID CSCuu47016." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6286", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150908 Cisco Application Visibility and Control FlexConnect UDP Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=40845" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Application Visibility and Control (AVC) 15.3(3)JA, when FlexConnect is enabled, allows remote attackers to cause a denial of service (access-point outage) via a crafted UDP packet, aka Bug ID CSCuu47016." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150908 Cisco Application Visibility and Control FlexConnect UDP Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40845" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6292.json b/2015/6xxx/CVE-2015-6292.json index 4b27c11e789..39c4e4cd59d 100644 --- a/2015/6xxx/CVE-2015-6292.json +++ b/2015/6xxx/CVE-2015-6292.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6292", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The proxy-cache implementation in Cisco AsyncOS 8.0.x before 8.0.7-151, 8.1.x and 8.5.x before 8.5.2-004, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via multiple proxy connections, aka Bug ID CSCus10922." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6292", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151104 Cisco Web Security Appliance Cache Reply Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-wsa1" - }, - { - "name" : "1034062", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034062" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The proxy-cache implementation in Cisco AsyncOS 8.0.x before 8.0.7-151, 8.1.x and 8.5.x before 8.5.2-004, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via multiple proxy connections, aka Bug ID CSCus10922." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034062", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034062" + }, + { + "name": "20151104 Cisco Web Security Appliance Cache Reply Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-wsa1" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6653.json b/2015/6xxx/CVE-2015-6653.json index d094fa2e152..bd2ae81b655 100644 --- a/2015/6xxx/CVE-2015-6653.json +++ b/2015/6xxx/CVE-2015-6653.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6653", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6653", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6754.json b/2015/6xxx/CVE-2015-6754.json index 7b7858c888a..0cab20ddac6 100644 --- a/2015/6xxx/CVE-2015-6754.json +++ b/2015/6xxx/CVE-2015-6754.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6754", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the administration interface in the Path Breadcrumbs module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the \"Administer Path Breadcrumbs\" permission to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6754", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.drupal.org/node/2533926", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2533926" - }, - { - "name" : "https://www.drupal.org/node/2533510", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2533510" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the administration interface in the Path Breadcrumbs module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the \"Administer Path Breadcrumbs\" permission to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2533926", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2533926" + }, + { + "name": "https://www.drupal.org/node/2533510", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2533510" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6759.json b/2015/6xxx/CVE-2015-6759.json index d025f530368..07b1e100e92 100644 --- a/2015/6xxx/CVE-2015-6759.json +++ b/2015/6xxx/CVE-2015-6759.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6759", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The shouldTreatAsUniqueOrigin function in platform/weborigin/SecurityOrigin.cpp in Blink, as used in Google Chrome before 46.0.2490.71, does not ensure that the origin of a LocalStorage resource is considered unique, which allows remote attackers to obtain sensitive information via vectors involving a blob: URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2015-6759", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=514076", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=514076" - }, - { - "name" : "https://src.chromium.org/viewvc/blink?revision=201022&view=revision", - "refsource" : "CONFIRM", - "url" : "https://src.chromium.org/viewvc/blink?revision=201022&view=revision" - }, - { - "name" : "DSA-3376", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3376" - }, - { - "name" : "GLSA-201603-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-09" - }, - { - "name" : "RHSA-2015:1912", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1912.html" - }, - { - "name" : "USN-2770-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2770-1" - }, - { - "name" : "USN-2770-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2770-2" - }, - { - "name" : "77071", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77071" - }, - { - "name" : "1033816", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033816" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The shouldTreatAsUniqueOrigin function in platform/weborigin/SecurityOrigin.cpp in Blink, as used in Google Chrome before 46.0.2490.71, does not ensure that the origin of a LocalStorage resource is considered unique, which allows remote attackers to obtain sensitive information via vectors involving a blob: URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html" + }, + { + "name": "77071", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77071" + }, + { + "name": "https://src.chromium.org/viewvc/blink?revision=201022&view=revision", + "refsource": "CONFIRM", + "url": "https://src.chromium.org/viewvc/blink?revision=201022&view=revision" + }, + { + "name": "DSA-3376", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3376" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=514076", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=514076" + }, + { + "name": "GLSA-201603-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-09" + }, + { + "name": "1033816", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033816" + }, + { + "name": "USN-2770-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2770-1" + }, + { + "name": "RHSA-2015:1912", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1912.html" + }, + { + "name": "USN-2770-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2770-2" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0483.json b/2016/0xxx/CVE-2016-0483.json index da0df73c29a..0b938da2dfb 100644 --- a/2016/0xxx/CVE-2016-0483.json +++ b/2016/0xxx/CVE-2016-0483.json @@ -1,192 +1,192 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0483", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0483", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-032", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-032" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" - }, - { - "name" : "DSA-3465", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3465" - }, - { - "name" : "DSA-3458", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3458" - }, - { - "name" : "GLSA-201603-14", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-14" - }, - { - "name" : "GLSA-201610-08", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-08" - }, - { - "name" : "RHSA-2016:1430", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1430" - }, - { - "name" : "RHSA-2016:0049", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0049.html" - }, - { - "name" : "RHSA-2016:0050", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0050.html" - }, - { - "name" : "RHSA-2016:0053", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0053.html" - }, - { - "name" : "RHSA-2016:0054", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0054.html" - }, - { - "name" : "RHSA-2016:0055", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0055.html" - }, - { - "name" : "RHSA-2016:0056", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0056.html" - }, - { - "name" : "RHSA-2016:0057", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0057.html" - }, - { - "name" : "RHSA-2016:0067", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0067.html" - }, - { - "name" : "SUSE-SU-2016:0256", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" - }, - { - "name" : "SUSE-SU-2016:0265", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" - }, - { - "name" : "SUSE-SU-2016:0269", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" - }, - { - "name" : "openSUSE-SU-2016:0263", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" - }, - { - "name" : "openSUSE-SU-2016:0268", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" - }, - { - "name" : "openSUSE-SU-2016:0270", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" - }, - { - "name" : "openSUSE-SU-2016:0272", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" - }, - { - "name" : "openSUSE-SU-2016:0279", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" - }, - { - "name" : "USN-2884-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2884-1" - }, - { - "name" : "USN-2885-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2885-1" - }, - { - "name" : "1034715", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034715" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-032", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-032" + }, + { + "name": "openSUSE-SU-2016:0272", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" + }, + { + "name": "1034715", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034715" + }, + { + "name": "openSUSE-SU-2016:0279", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" + }, + { + "name": "GLSA-201610-08", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-08" + }, + { + "name": "USN-2884-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2884-1" + }, + { + "name": "DSA-3465", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3465" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" + }, + { + "name": "USN-2885-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2885-1" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "RHSA-2016:1430", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1430" + }, + { + "name": "RHSA-2016:0049", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" + }, + { + "name": "openSUSE-SU-2016:0270", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" + }, + { + "name": "RHSA-2016:0053", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" + }, + { + "name": "SUSE-SU-2016:0269", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" + }, + { + "name": "RHSA-2016:0067", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html" + }, + { + "name": "openSUSE-SU-2016:0263", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" + }, + { + "name": "SUSE-SU-2016:0256", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" + }, + { + "name": "GLSA-201603-14", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-14" + }, + { + "name": "RHSA-2016:0057", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" + }, + { + "name": "RHSA-2016:0055", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" + }, + { + "name": "RHSA-2016:0054", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" + }, + { + "name": "RHSA-2016:0056", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" + }, + { + "name": "openSUSE-SU-2016:0268", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" + }, + { + "name": "RHSA-2016:0050", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" + }, + { + "name": "DSA-3458", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3458" + }, + { + "name": "SUSE-SU-2016:0265", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0574.json b/2016/0xxx/CVE-2016-0574.json index 3fdc13a96fd..023b8431033 100644 --- a/2016/0xxx/CVE-2016-0574.json +++ b/2016/0xxx/CVE-2016-0574.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0574", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-0577." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0574", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "81080", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/81080" - }, - { - "name" : "1034716", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034716" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-0577." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "81080", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/81080" + }, + { + "name": "1034716", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034716" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10321.json b/2016/10xxx/CVE-2016-10321.json index 21b5d20643e..3b85d2fa4a4 100644 --- a/2016/10xxx/CVE-2016-10321.json +++ b/2016/10xxx/CVE-2016-10321.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10321", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "web2py before 2.14.6 does not properly check if a host is denied before verifying passwords, allowing a remote attacker to perform brute-force attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10321", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/web2py/web2py/commit/944d8bd8f3c5cf8ae296fc03d149056c65358426", - "refsource" : "CONFIRM", - "url" : "https://github.com/web2py/web2py/commit/944d8bd8f3c5cf8ae296fc03d149056c65358426" - }, - { - "name" : "https://github.com/web2py/web2py/issues/1585#issuecomment-284317919", - "refsource" : "CONFIRM", - "url" : "https://github.com/web2py/web2py/issues/1585#issuecomment-284317919" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "web2py before 2.14.6 does not properly check if a host is denied before verifying passwords, allowing a remote attacker to perform brute-force attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/web2py/web2py/issues/1585#issuecomment-284317919", + "refsource": "CONFIRM", + "url": "https://github.com/web2py/web2py/issues/1585#issuecomment-284317919" + }, + { + "name": "https://github.com/web2py/web2py/commit/944d8bd8f3c5cf8ae296fc03d149056c65358426", + "refsource": "CONFIRM", + "url": "https://github.com/web2py/web2py/commit/944d8bd8f3c5cf8ae296fc03d149056c65358426" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10377.json b/2016/10xxx/CVE-2016-10377.json index 09bd841f31e..955f90571dd 100644 --- a/2016/10xxx/CVE-2016-10377.json +++ b/2016/10xxx/CVE-2016-10377.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10377", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Open vSwitch (OvS) 2.5.0, a malformed IP packet can cause the switch to read past the end of the packet buffer due to an unsigned integer underflow in `lib/flow.c` in the function `miniflow_extract`, permitting remote bypass of the access control list enforced by the switch." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10377", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://mail.openvswitch.org/pipermail/ovs-dev/2016-July/319503.html", - "refsource" : "CONFIRM", - "url" : "https://mail.openvswitch.org/pipermail/ovs-dev/2016-July/319503.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Open vSwitch (OvS) 2.5.0, a malformed IP packet can cause the switch to read past the end of the packet buffer due to an unsigned integer underflow in `lib/flow.c` in the function `miniflow_extract`, permitting remote bypass of the access control list enforced by the switch." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://mail.openvswitch.org/pipermail/ovs-dev/2016-July/319503.html", + "refsource": "CONFIRM", + "url": "https://mail.openvswitch.org/pipermail/ovs-dev/2016-July/319503.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4544.json b/2016/4xxx/CVE-2016-4544.json index ce7c79b889a..51c25e132f3 100644 --- a/2016/4xxx/CVE-2016-4544.json +++ b/2016/4xxx/CVE-2016-4544.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4544", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2016-4544", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160505 CVE Request: PHP: several issues fixed with 7.0.6, 5.6.21 and 5.5.35", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/05/21" - }, - { - "name" : "http://php.net/ChangeLog-5.php", - "refsource" : "CONFIRM", - "url" : "http://php.net/ChangeLog-5.php" - }, - { - "name" : "http://php.net/ChangeLog-7.php", - "refsource" : "CONFIRM", - "url" : "http://php.net/ChangeLog-7.php" - }, - { - "name" : "https://bugs.php.net/bug.php?id=72094", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/bug.php?id=72094" - }, - { - "name" : "https://git.php.net/?p=php-src.git;a=commit;h=082aecfc3a753ad03be82cf14f03ac065723ec92", - "refsource" : "CONFIRM", - "url" : "https://git.php.net/?p=php-src.git;a=commit;h=082aecfc3a753ad03be82cf14f03ac065723ec92" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" - }, - { - "name" : "DSA-3602", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3602" - }, - { - "name" : "FEDORA-2016-f4e73663f4", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html" - }, - { - "name" : "GLSA-201611-22", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201611-22" - }, - { - "name" : "RHSA-2016:2750", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2750.html" - }, - { - "name" : "openSUSE-SU-2016:1524", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html" - }, - { - "name" : "openSUSE-SU-2016:1357", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html" - }, - { - "name" : "89844", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/89844" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "89844", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/89844" + }, + { + "name": "openSUSE-SU-2016:1524", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html" + }, + { + "name": "GLSA-201611-22", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201611-22" + }, + { + "name": "RHSA-2016:2750", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" + }, + { + "name": "[oss-security] 20160505 CVE Request: PHP: several issues fixed with 7.0.6, 5.6.21 and 5.5.35", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/05/21" + }, + { + "name": "DSA-3602", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3602" + }, + { + "name": "http://php.net/ChangeLog-5.php", + "refsource": "CONFIRM", + "url": "http://php.net/ChangeLog-5.php" + }, + { + "name": "https://bugs.php.net/bug.php?id=72094", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=72094" + }, + { + "name": "http://php.net/ChangeLog-7.php", + "refsource": "CONFIRM", + "url": "http://php.net/ChangeLog-7.php" + }, + { + "name": "https://git.php.net/?p=php-src.git;a=commit;h=082aecfc3a753ad03be82cf14f03ac065723ec92", + "refsource": "CONFIRM", + "url": "https://git.php.net/?p=php-src.git;a=commit;h=082aecfc3a753ad03be82cf14f03ac065723ec92" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" + }, + { + "name": "openSUSE-SU-2016:1357", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html" + }, + { + "name": "FEDORA-2016-f4e73663f4", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4816.json b/2016/4xxx/CVE-2016-4816.json index 08a039d526a..56d23449d9d 100644 --- a/2016/4xxx/CVE-2016-4816.json +++ b/2016/4xxx/CVE-2016-4816.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4816", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices allow remote attackers to discover credentials and other sensitive information via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4816", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://buffalo.jp/support_s/s20160527a.html", - "refsource" : "CONFIRM", - "url" : "http://buffalo.jp/support_s/s20160527a.html" - }, - { - "name" : "JVN#75813272", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN75813272/index.html" - }, - { - "name" : "JVNDB-2016-000087", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000087" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices allow remote attackers to discover credentials and other sensitive information via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000087", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000087" + }, + { + "name": "JVN#75813272", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN75813272/index.html" + }, + { + "name": "http://buffalo.jp/support_s/s20160527a.html", + "refsource": "CONFIRM", + "url": "http://buffalo.jp/support_s/s20160527a.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4862.json b/2016/4xxx/CVE-2016-4862.json index 4c50d017ad9..61947feb229 100644 --- a/2016/4xxx/CVE-2016-4862.json +++ b/2016/4xxx/CVE-2016-4862.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4862", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Twigmo bundled with CS-Cart 4.3.9 and earlier and Twigmo bundled with CS-Cart Multi-Vendor 4.3.9 and earlier allow remote authenticated users to execute arbitrary PHP code on the servers." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4862", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://tips.cs-cart.jp/fix-twigmo-vulnerability-20160914.html", - "refsource" : "CONFIRM", - "url" : "http://tips.cs-cart.jp/fix-twigmo-vulnerability-20160914.html" - }, - { - "name" : "JVN#55389065", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN55389065/index.html" - }, - { - "name" : "JVNDB-2016-000157", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000157.html" - }, - { - "name" : "92992", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92992" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Twigmo bundled with CS-Cart 4.3.9 and earlier and Twigmo bundled with CS-Cart Multi-Vendor 4.3.9 and earlier allow remote authenticated users to execute arbitrary PHP code on the servers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "92992", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92992" + }, + { + "name": "http://tips.cs-cart.jp/fix-twigmo-vulnerability-20160914.html", + "refsource": "CONFIRM", + "url": "http://tips.cs-cart.jp/fix-twigmo-vulnerability-20160914.html" + }, + { + "name": "JVNDB-2016-000157", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000157.html" + }, + { + "name": "JVN#55389065", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN55389065/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4939.json b/2016/4xxx/CVE-2016-4939.json index 7911fae5ac4..62ed0e4a8cb 100644 --- a/2016/4xxx/CVE-2016-4939.json +++ b/2016/4xxx/CVE-2016-4939.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4939", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-4939", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9418.json b/2016/9xxx/CVE-2016-9418.json index 95b2f4c9636..8e88a1d5958 100644 --- a/2016/9xxx/CVE-2016-9418.json +++ b/2016/9xxx/CVE-2016-9418.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9418", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows might allow remote attackers to obtain sensitive information from ACP backups via vectors involving a short name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9418", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161110 CVE request: MyBB multiple vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/10/8" - }, - { - "name" : "[oss-security] 20161117 Re: CVE request: MyBB multiple vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/18/1" - }, - { - "name" : "https://blog.mybb.com/2016/10/17/mybb-1-8-8-merge-system-1-8-8-release/", - "refsource" : "CONFIRM", - "url" : "https://blog.mybb.com/2016/10/17/mybb-1-8-8-merge-system-1-8-8-release/" - }, - { - "name" : "94396", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94396" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows might allow remote attackers to obtain sensitive information from ACP backups via vectors involving a short name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://blog.mybb.com/2016/10/17/mybb-1-8-8-merge-system-1-8-8-release/", + "refsource": "CONFIRM", + "url": "https://blog.mybb.com/2016/10/17/mybb-1-8-8-merge-system-1-8-8-release/" + }, + { + "name": "[oss-security] 20161117 Re: CVE request: MyBB multiple vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/18/1" + }, + { + "name": "[oss-security] 20161110 CVE request: MyBB multiple vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/10/8" + }, + { + "name": "94396", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94396" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9498.json b/2016/9xxx/CVE-2016-9498.json index 7031bd779ff..b0119f8b0c4 100644 --- a/2016/9xxx/CVE-2016-9498.json +++ b/2016/9xxx/CVE-2016-9498.json @@ -1,89 +1,89 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-9498", - "STATE" : "PUBLIC", - "TITLE" : "ManageEngine Applications Manager 12 and 13, allows unserialization of unsafe Java objects" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Applications Manager", - "version" : { - "version_data" : [ - { - "affected" : "=", - "version_name" : "12", - "version_value" : "12" - }, - { - "affected" : "=", - "version_name" : "13", - "version_value" : "13" - } - ] - } - } - ] - }, - "vendor_name" : "ManageEngine" - } - ] - } - }, - "credit" : [ - { - "lang" : "eng", - "value" : "Thanks to Lukasz Juszczyk for reporting this vulnerability." - } - ], - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ManageEngine Applications Manager 12 and 13 before build 13200, allows unserialization of unsafe Java objects. The vulnerability can be exploited by remote user without authentication and it allows to execute remote code compromising the application as well as the operating system. As Application Manager's RMI registry is running with privileges of system administrator, by exploiting this vulnerability an attacker gains highest privileges on the underlying operating system." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-502" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-9498", + "STATE": "PUBLIC", + "TITLE": "ManageEngine Applications Manager 12 and 13, allows unserialization of unsafe Java objects" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Applications Manager", + "version": { + "version_data": [ + { + "affected": "=", + "version_name": "12", + "version_value": "12" + }, + { + "affected": "=", + "version_name": "13", + "version_value": "13" + } + ] + } + } + ] + }, + "vendor_name": "ManageEngine" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20170404 ManageEngine Applications Manager Multiple Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2017/Apr/9" - }, - { - "name" : "https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2016-9498.html", - "refsource" : "CONFIRM", - "url" : "https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2016-9498.html" - }, - { - "name" : "97394", - "refsource" : "BID", - "url" : "https://www.securityfocus.com/bid/97394/" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "credit": [ + { + "lang": "eng", + "value": "Thanks to Lukasz Juszczyk for reporting this vulnerability." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ManageEngine Applications Manager 12 and 13 before build 13200, allows unserialization of unsafe Java objects. The vulnerability can be exploited by remote user without authentication and it allows to execute remote code compromising the application as well as the operating system. As Application Manager's RMI registry is running with privileges of system administrator, by exploiting this vulnerability an attacker gains highest privileges on the underlying operating system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-502" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20170404 ManageEngine Applications Manager Multiple Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2017/Apr/9" + }, + { + "name": "97394", + "refsource": "BID", + "url": "https://www.securityfocus.com/bid/97394/" + }, + { + "name": "https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2016-9498.html", + "refsource": "CONFIRM", + "url": "https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2016-9498.html" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9513.json b/2016/9xxx/CVE-2016-9513.json index 0a5ba3d5f3b..b7e601403d4 100644 --- a/2016/9xxx/CVE-2016-9513.json +++ b/2016/9xxx/CVE-2016-9513.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9513", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9513", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2046.json b/2019/2xxx/CVE-2019-2046.json index 48975956fb9..da850e2d1b7 100644 --- a/2019/2xxx/CVE-2019-2046.json +++ b/2019/2xxx/CVE-2019-2046.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2046", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2046", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2102.json b/2019/2xxx/CVE-2019-2102.json index f92773ec273..a2f142bfdb3 100644 --- a/2019/2xxx/CVE-2019-2102.json +++ b/2019/2xxx/CVE-2019-2102.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2102", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2102", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2311.json b/2019/2xxx/CVE-2019-2311.json index 038a46b5e80..fd5c1c95c39 100644 --- a/2019/2xxx/CVE-2019-2311.json +++ b/2019/2xxx/CVE-2019-2311.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2311", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2311", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2618.json b/2019/2xxx/CVE-2019-2618.json index 6ae70d6f4a3..a02c331143e 100644 --- a/2019/2xxx/CVE-2019-2618.json +++ b/2019/2xxx/CVE-2019-2618.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2618", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2618", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3232.json b/2019/3xxx/CVE-2019-3232.json index 98a2d38a82c..cb5d6beeae8 100644 --- a/2019/3xxx/CVE-2019-3232.json +++ b/2019/3xxx/CVE-2019-3232.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3232", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3232", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3296.json b/2019/3xxx/CVE-2019-3296.json index 01b5e2e78c3..b36f224d818 100644 --- a/2019/3xxx/CVE-2019-3296.json +++ b/2019/3xxx/CVE-2019-3296.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3296", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3296", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3742.json b/2019/3xxx/CVE-2019-3742.json index 0b99308801b..fd25a60cb74 100644 --- a/2019/3xxx/CVE-2019-3742.json +++ b/2019/3xxx/CVE-2019-3742.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3742", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3742", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3841.json b/2019/3xxx/CVE-2019-3841.json index 1dee4b5c18b..367dd3c32b6 100644 --- a/2019/3xxx/CVE-2019-3841.json +++ b/2019/3xxx/CVE-2019-3841.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3841", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3841", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6351.json b/2019/6xxx/CVE-2019-6351.json index 3d7c9943d92..d915e923900 100644 --- a/2019/6xxx/CVE-2019-6351.json +++ b/2019/6xxx/CVE-2019-6351.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6351", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6351", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6441.json b/2019/6xxx/CVE-2019-6441.json index 88a12470ec0..b43eaa2801f 100644 --- a/2019/6xxx/CVE-2019-6441.json +++ b/2019/6xxx/CVE-2019-6441.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6441", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6441", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6527.json b/2019/6xxx/CVE-2019-6527.json index f4ce52d81f1..8301abe0bb7 100644 --- a/2019/6xxx/CVE-2019-6527.json +++ b/2019/6xxx/CVE-2019-6527.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "ics-cert@hq.dhs.gov", - "DATE_PUBLIC" : "2019-02-05T00:00:00", - "ID" : "CVE-2019-6527", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "PR100088 Modbus gateway", - "version" : { - "version_data" : [ - { - "version_value" : "All versions prior to Release R02 (or Software Version 1.1.13166)" - } - ] - } - } - ] - }, - "vendor_name" : "ICS-CERT" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) may allow an attacker to be able to change the password for an admin user who is currently or previously logged in, provided the device has not been restarted." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "IMPROPER AUTHENTICATION CWE-287" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2019-02-05T00:00:00", + "ID": "CVE-2019-6527", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "PR100088 Modbus gateway", + "version": { + "version_data": [ + { + "version_value": "All versions prior to Release R02 (or Software Version 1.1.13166)" + } + ] + } + } + ] + }, + "vendor_name": "ICS-CERT" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-036-05", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-036-05" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) may allow an attacker to be able to change the password for an admin user who is currently or previously logged in, provided the device has not been restarted." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "IMPROPER AUTHENTICATION CWE-287" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-036-05", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-036-05" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6742.json b/2019/6xxx/CVE-2019-6742.json index 7eeba7ff24f..181f486bed3 100644 --- a/2019/6xxx/CVE-2019-6742.json +++ b/2019/6xxx/CVE-2019-6742.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6742", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6742", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7366.json b/2019/7xxx/CVE-2019-7366.json index 2e764502459..4fee6a7b653 100644 --- a/2019/7xxx/CVE-2019-7366.json +++ b/2019/7xxx/CVE-2019-7366.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7366", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7366", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7722.json b/2019/7xxx/CVE-2019-7722.json index 3ea17f1868e..7329faba1c5 100644 --- a/2019/7xxx/CVE-2019-7722.json +++ b/2019/7xxx/CVE-2019-7722.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7722", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PMD 5.8.1 and earlier processes XML external entities in ruleset files it parses as part of the analysis process, allowing attackers tampering it (either by direct modification or MITM attacks when using remote rulesets) to perform information disclosure, denial of service, or request forgery attacks. (PMD 6.x is unaffected because of a 2017-09-15 change.)" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7722", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/pmd/pmd/issues/1650", - "refsource" : "MISC", - "url" : "https://github.com/pmd/pmd/issues/1650" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PMD 5.8.1 and earlier processes XML external entities in ruleset files it parses as part of the analysis process, allowing attackers tampering it (either by direct modification or MITM attacks when using remote rulesets) to perform information disclosure, denial of service, or request forgery attacks. (PMD 6.x is unaffected because of a 2017-09-15 change.)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/pmd/pmd/issues/1650", + "refsource": "MISC", + "url": "https://github.com/pmd/pmd/issues/1650" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7990.json b/2019/7xxx/CVE-2019-7990.json index 6e46a690a1b..be09642c4b0 100644 --- a/2019/7xxx/CVE-2019-7990.json +++ b/2019/7xxx/CVE-2019-7990.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7990", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7990", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8040.json b/2019/8xxx/CVE-2019-8040.json index 13d9118d775..b88b887f93b 100644 --- a/2019/8xxx/CVE-2019-8040.json +++ b/2019/8xxx/CVE-2019-8040.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8040", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8040", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8235.json b/2019/8xxx/CVE-2019-8235.json index 2c9d14fa361..dcdc399aef5 100644 --- a/2019/8xxx/CVE-2019-8235.json +++ b/2019/8xxx/CVE-2019-8235.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8235", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8235", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8592.json b/2019/8xxx/CVE-2019-8592.json index 6991b693d10..371b8a53792 100644 --- a/2019/8xxx/CVE-2019-8592.json +++ b/2019/8xxx/CVE-2019-8592.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8592", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8592", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8655.json b/2019/8xxx/CVE-2019-8655.json index ad8b6d80fd3..edf676c20a9 100644 --- a/2019/8xxx/CVE-2019-8655.json +++ b/2019/8xxx/CVE-2019-8655.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8655", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8655", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8752.json b/2019/8xxx/CVE-2019-8752.json index 04e9a007397..99edacbe0e3 100644 --- a/2019/8xxx/CVE-2019-8752.json +++ b/2019/8xxx/CVE-2019-8752.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8752", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8752", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file