From 68f102a273ea5964a8b9ef1945cfdfb18778cb0a Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 00:59:54 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0048.json | 310 ++++++++++++++--------------- 2007/0xxx/CVE-2007-0088.json | 160 +++++++-------- 2007/0xxx/CVE-2007-0277.json | 180 ++++++++--------- 2007/0xxx/CVE-2007-0512.json | 160 +++++++-------- 2007/0xxx/CVE-2007-0710.json | 180 ++++++++--------- 2007/1xxx/CVE-2007-1146.json | 150 +++++++------- 2007/1xxx/CVE-2007-1454.json | 180 ++++++++--------- 2007/1xxx/CVE-2007-1464.json | 230 ++++++++++----------- 2007/3xxx/CVE-2007-3135.json | 190 +++++++++--------- 2007/4xxx/CVE-2007-4034.json | 180 ++++++++--------- 2007/4xxx/CVE-2007-4202.json | 150 +++++++------- 2007/4xxx/CVE-2007-4550.json | 150 +++++++------- 2007/4xxx/CVE-2007-4790.json | 210 +++++++++---------- 2007/4xxx/CVE-2007-4875.json | 34 ++-- 2014/5xxx/CVE-2014-5976.json | 140 ++++++------- 2015/2xxx/CVE-2015-2010.json | 34 ++-- 2015/2xxx/CVE-2015-2029.json | 140 ++++++------- 2015/2xxx/CVE-2015-2376.json | 130 ++++++------ 2015/2xxx/CVE-2015-2824.json | 210 +++++++++---------- 2015/3xxx/CVE-2015-3429.json | 230 ++++++++++----------- 2015/3xxx/CVE-2015-3916.json | 34 ++-- 2015/6xxx/CVE-2015-6578.json | 34 ++-- 2015/6xxx/CVE-2015-6631.json | 120 +++++------ 2015/6xxx/CVE-2015-6662.json | 150 +++++++------- 2015/7xxx/CVE-2015-7421.json | 150 +++++++------- 2015/7xxx/CVE-2015-7632.json | 220 ++++++++++---------- 2015/7xxx/CVE-2015-7734.json | 34 ++-- 2015/7xxx/CVE-2015-7910.json | 120 +++++------ 2016/0xxx/CVE-2016-0110.json | 160 +++++++-------- 2016/0xxx/CVE-2016-0190.json | 140 ++++++------- 2016/0xxx/CVE-2016-0424.json | 160 +++++++-------- 2016/0xxx/CVE-2016-0820.json | 130 ++++++------ 2016/1000xxx/CVE-2016-1000010.json | 34 ++-- 2016/10xxx/CVE-2016-10420.json | 132 ++++++------ 2016/10xxx/CVE-2016-10499.json | 132 ++++++------ 2016/1xxx/CVE-2016-1517.json | 130 ++++++------ 2016/4xxx/CVE-2016-4171.json | 210 +++++++++---------- 2016/4xxx/CVE-2016-4244.json | 180 ++++++++--------- 2016/4xxx/CVE-2016-4693.json | 160 +++++++-------- 2016/4xxx/CVE-2016-4725.json | 210 +++++++++---------- 2016/4xxx/CVE-2016-4870.json | 150 +++++++------- 2019/3xxx/CVE-2019-3297.json | 34 ++-- 2019/3xxx/CVE-2019-3493.json | 34 ++-- 2019/3xxx/CVE-2019-3925.json | 34 ++-- 2019/4xxx/CVE-2019-4080.json | 34 ++-- 2019/4xxx/CVE-2019-4270.json | 34 ++-- 2019/4xxx/CVE-2019-4738.json | 34 ++-- 2019/4xxx/CVE-2019-4989.json | 34 ++-- 2019/6xxx/CVE-2019-6274.json | 34 ++-- 2019/6xxx/CVE-2019-6642.json | 34 ++-- 2019/6xxx/CVE-2019-6808.json | 34 ++-- 2019/7xxx/CVE-2019-7402.json | 120 +++++------ 2019/7xxx/CVE-2019-7677.json | 130 ++++++------ 2019/7xxx/CVE-2019-7702.json | 120 +++++------ 2019/7xxx/CVE-2019-7982.json | 34 ++-- 2019/8xxx/CVE-2019-8289.json | 34 ++-- 2019/8xxx/CVE-2019-8783.json | 34 ++-- 2019/9xxx/CVE-2019-9035.json | 130 ++++++------ 2019/9xxx/CVE-2019-9140.json | 34 ++-- 2019/9xxx/CVE-2019-9523.json | 34 ++-- 60 files changed, 3574 insertions(+), 3574 deletions(-) diff --git a/2007/0xxx/CVE-2007-0048.json b/2007/0xxx/CVE-2007-0048.json index 59b31ab4a5d..9a6eda28bac 100644 --- a/2007/0xxx/CVE-2007-0048.json +++ b/2007/0xxx/CVE-2007-0048.json @@ -1,157 +1,157 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0048", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long sequence of # (hash) characters appended to a PDF URL, related to a \"cross-site scripting issue.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0048", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070103 Adobe Acrobat Reader Plugin - Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/455801/100/0/threaded" - }, - { - "name" : "http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf", - "refsource" : "MISC", - "url" : "http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf" - }, - { - "name" : "http://www.wisec.it/vulns.php?page=9", - "refsource" : "MISC", - "url" : "http://www.wisec.it/vulns.php?page=9" - }, - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb07-01.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb07-01.html" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2009/01/stable-beta-update-yahoo-mail-and.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2009/01/stable-beta-update-yahoo-mail-and.html" - }, - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb09-15.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb09-15.html" - }, - { - "name" : "GLSA-200701-16", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200701-16.xml" - }, - { - "name" : "SUSE-SA:2007:011", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html" - }, - { - "name" : "TA09-286B", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA09-286B.html" - }, - { - "name" : "oval:org.mitre.oval:def:6348", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6348" - }, - { - "name" : "1023007", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1023007" - }, - { - "name" : "ADV-2007-0032", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0032" - }, - { - "name" : "31596", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31596" - }, - { - "name" : "1017469", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017469" - }, - { - "name" : "23812", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23812" - }, - { - "name" : "23882", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23882" - }, - { - "name" : "33754", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33754" - }, - { - "name" : "2090", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2090" - }, - { - "name" : "ADV-2009-2898", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/2898" - }, - { - "name" : "adobe-acrobat-character-dos(31273)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31273" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long sequence of # (hash) characters appended to a PDF URL, related to a \"cross-site scripting issue.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "TA09-286B", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA09-286B.html" + }, + { + "name": "http://googlechromereleases.blogspot.com/2009/01/stable-beta-update-yahoo-mail-and.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2009/01/stable-beta-update-yahoo-mail-and.html" + }, + { + "name": "http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf", + "refsource": "MISC", + "url": "http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf" + }, + { + "name": "1023007", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1023007" + }, + { + "name": "23882", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23882" + }, + { + "name": "20070103 Adobe Acrobat Reader Plugin - Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/455801/100/0/threaded" + }, + { + "name": "ADV-2007-0032", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0032" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb09-15.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb09-15.html" + }, + { + "name": "2090", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2090" + }, + { + "name": "oval:org.mitre.oval:def:6348", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6348" + }, + { + "name": "SUSE-SA:2007:011", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html" + }, + { + "name": "33754", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33754" + }, + { + "name": "23812", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23812" + }, + { + "name": "1017469", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017469" + }, + { + "name": "adobe-acrobat-character-dos(31273)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31273" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb07-01.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb07-01.html" + }, + { + "name": "ADV-2009-2898", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/2898" + }, + { + "name": "GLSA-200701-16", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200701-16.xml" + }, + { + "name": "31596", + "refsource": "OSVDB", + "url": "http://osvdb.org/31596" + }, + { + "name": "http://www.wisec.it/vulns.php?page=9", + "refsource": "MISC", + "url": "http://www.wisec.it/vulns.php?page=9" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0088.json b/2007/0xxx/CVE-2007-0088.json index 92a05a36edb..52f0645be6e 100644 --- a/2007/0xxx/CVE-2007-0088.json +++ b/2007/0xxx/CVE-2007-0088.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0088", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in openmedia allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) src parameter to page.php or the (2) format parameter to search_form.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0088", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070102 openmedia local read file", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/455786/100/0/threaded" - }, - { - "name" : "33370", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33370" - }, - { - "name" : "33371", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33371" - }, - { - "name" : "2103", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2103" - }, - { - "name" : "openmedia-page-directory-traversal(31258)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31258" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in openmedia allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) src parameter to page.php or the (2) format parameter to search_form.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33371", + "refsource": "OSVDB", + "url": "http://osvdb.org/33371" + }, + { + "name": "20070102 openmedia local read file", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/455786/100/0/threaded" + }, + { + "name": "openmedia-page-directory-traversal(31258)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31258" + }, + { + "name": "2103", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2103" + }, + { + "name": "33370", + "refsource": "OSVDB", + "url": "http://osvdb.org/33370" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0277.json b/2007/0xxx/CVE-2007-0277.json index f4891baef58..d692cd90c61 100644 --- a/2007/0xxx/CVE-2007-0277.json +++ b/2007/0xxx/CVE-2007-0277.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0277", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Database client-only 10.1.0.4 has unknown impact and attack vectors related to the Export component and expdp or impdp, aka DB11." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0277", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html" - }, - { - "name" : "TA07-017A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-017A.html" - }, - { - "name" : "22083", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22083" - }, - { - "name" : "32917", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32917" - }, - { - "name" : "1017522", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017522" - }, - { - "name" : "23794", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23794" - }, - { - "name" : "oracle-cpu-jan2007(31541)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Database client-only 10.1.0.4 has unknown impact and attack vectors related to the Export component and expdp or impdp, aka DB11." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23794", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23794" + }, + { + "name": "22083", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22083" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html" + }, + { + "name": "TA07-017A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-017A.html" + }, + { + "name": "oracle-cpu-jan2007(31541)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541" + }, + { + "name": "1017522", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017522" + }, + { + "name": "32917", + "refsource": "OSVDB", + "url": "http://osvdb.org/32917" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0512.json b/2007/0xxx/CVE-2007-0512.json index f842b1ddc25..57a49f1d4bd 100644 --- a/2007/0xxx/CVE-2007-0512.json +++ b/2007/0xxx/CVE-2007-0512.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0512", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Hitachi TP1/LiNK 05-00 through 05-03-/F, 03-04 through 03-06-/K, and 03-00 through 03-03-/H; and TP1/Server Base 05-00 through 05-00-/M, 03-01-E through 03-01-FD, 03-01 through 03-01-DB, and 05-03; allow attackers to cause a denial of service (process crash) via invalid data to an OpenTP1 port." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0512", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.hitachi-support.com/security_e/vuls_e/HS06-021_e/01-e.html", - "refsource" : "CONFIRM", - "url" : "http://www.hitachi-support.com/security_e/vuls_e/HS06-021_e/01-e.html" - }, - { - "name" : "22223", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22223" - }, - { - "name" : "ADV-2007-0325", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0325" - }, - { - "name" : "32962", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32962" - }, - { - "name" : "23866", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23866" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Hitachi TP1/LiNK 05-00 through 05-03-/F, 03-04 through 03-06-/K, and 03-00 through 03-03-/H; and TP1/Server Base 05-00 through 05-00-/M, 03-01-E through 03-01-FD, 03-01 through 03-01-DB, and 05-03; allow attackers to cause a denial of service (process crash) via invalid data to an OpenTP1 port." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32962", + "refsource": "OSVDB", + "url": "http://osvdb.org/32962" + }, + { + "name": "http://www.hitachi-support.com/security_e/vuls_e/HS06-021_e/01-e.html", + "refsource": "CONFIRM", + "url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-021_e/01-e.html" + }, + { + "name": "ADV-2007-0325", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0325" + }, + { + "name": "22223", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22223" + }, + { + "name": "23866", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23866" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0710.json b/2007/0xxx/CVE-2007-0710.json index b77646037a1..c561341feb2 100644 --- a/2007/0xxx/CVE-2007-0710.json +++ b/2007/0xxx/CVE-2007-0710.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0710", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (persistent application crash) via unspecified vectors, possibly related to CVE-2007-0614." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0710", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://docs.info.apple.com/article.html?artnum=305102", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=305102" - }, - { - "name" : "APPLE-SA-2007-02-15", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2007/Feb/msg00000.html" - }, - { - "name" : "VU#836024", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/836024" - }, - { - "name" : "22304", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22304" - }, - { - "name" : "32713", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/32713" - }, - { - "name" : "1017661", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017661" - }, - { - "name" : "24198", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24198" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (persistent application crash) via unspecified vectors, possibly related to CVE-2007-0614." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2007-02-15", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2007/Feb/msg00000.html" + }, + { + "name": "24198", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24198" + }, + { + "name": "VU#836024", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/836024" + }, + { + "name": "1017661", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017661" + }, + { + "name": "32713", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/32713" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=305102", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=305102" + }, + { + "name": "22304", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22304" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1146.json b/2007/1xxx/CVE-2007-1146.json index 1f8662098fd..708da14a6f4 100644 --- a/2007/1xxx/CVE-2007-1146.json +++ b/2007/1xxx/CVE-2007-1146.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1146", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in function.php in arabhost allows remote attackers to execute arbitrary PHP code via a URL in the adminfolder parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1146", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070222 Hasadya Raed", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/460933/100/0/threaded" - }, - { - "name" : "20070227 Verified: arabhost function.php RFI", - "refsource" : "VIM", - "url" : "http://attrition.org/pipermail/vim/2007-February/001396.html" - }, - { - "name" : "33839", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33839" - }, - { - "name" : "2339", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2339" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in function.php in arabhost allows remote attackers to execute arbitrary PHP code via a URL in the adminfolder parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070227 Verified: arabhost function.php RFI", + "refsource": "VIM", + "url": "http://attrition.org/pipermail/vim/2007-February/001396.html" + }, + { + "name": "2339", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2339" + }, + { + "name": "20070222 Hasadya Raed", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/460933/100/0/threaded" + }, + { + "name": "33839", + "refsource": "OSVDB", + "url": "http://osvdb.org/33839" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1454.json b/2007/1xxx/CVE-2007-1454.json index 217d2cf3734..c693c9b21e8 100644 --- a/2007/1xxx/CVE-2007-1454.json +++ b/2007/1xxx/CVE-2007-1454.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1454", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the FILTER_FLAG_STRIP_LOW flag, does not properly strip HTML tags, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML with a '<' character followed by certain whitespace characters, which passes one filter but is collapsed into a valid tag, as demonstrated using %0b." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1454", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.php-security.org/MOPB/MOPB-18-2007.html", - "refsource" : "MISC", - "url" : "http://www.php-security.org/MOPB/MOPB-18-2007.html" - }, - { - "name" : "DSA-1283", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1283" - }, - { - "name" : "MDKSA-2007:090", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090" - }, - { - "name" : "SUSE-SA:2007:032", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_32_php.html" - }, - { - "name" : "22914", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22914" - }, - { - "name" : "25062", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25062" - }, - { - "name" : "25056", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25056" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the FILTER_FLAG_STRIP_LOW flag, does not properly strip HTML tags, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML with a '<' character followed by certain whitespace characters, which passes one filter but is collapsed into a valid tag, as demonstrated using %0b." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25056", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25056" + }, + { + "name": "DSA-1283", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1283" + }, + { + "name": "22914", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22914" + }, + { + "name": "25062", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25062" + }, + { + "name": "MDKSA-2007:090", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090" + }, + { + "name": "http://www.php-security.org/MOPB/MOPB-18-2007.html", + "refsource": "MISC", + "url": "http://www.php-security.org/MOPB/MOPB-18-2007.html" + }, + { + "name": "SUSE-SA:2007:032", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_32_php.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1464.json b/2007/1xxx/CVE-2007-1464.json index 693ad0ea176..b3b60200ee0 100644 --- a/2007/1xxx/CVE-2007-1464.json +++ b/2007/1xxx/CVE-2007-1464.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1464", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Format string vulnerability in the whiteboard Jabber protocol in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@ubuntu.com", + "ID": "CVE-2007-1464", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070324 FLEA-2007-0002-1: inkscape", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/463710/100/0/threaded" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?group_id=93438&release_id=495106", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?group_id=93438&release_id=495106" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1170", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1170" - }, - { - "name" : "GLSA-200704-10", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200704-10.xml" - }, - { - "name" : "SUSE-SR:2007:008", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_8_sr.html" - }, - { - "name" : "23138", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23138" - }, - { - "name" : "ADV-2007-1059", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1059" - }, - { - "name" : "24615", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24615" - }, - { - "name" : "24661", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24661" - }, - { - "name" : "24859", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24859" - }, - { - "name" : "25072", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25072" - }, - { - "name" : "inkscape-jabber-format-string(33164)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33164" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Format string vulnerability in the whiteboard Jabber protocol in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "inkscape-jabber-format-string(33164)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33164" + }, + { + "name": "24859", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24859" + }, + { + "name": "24615", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24615" + }, + { + "name": "23138", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23138" + }, + { + "name": "GLSA-200704-10", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200704-10.xml" + }, + { + "name": "24661", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24661" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1170", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1170" + }, + { + "name": "ADV-2007-1059", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1059" + }, + { + "name": "SUSE-SR:2007:008", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_8_sr.html" + }, + { + "name": "20070324 FLEA-2007-0002-1: inkscape", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/463710/100/0/threaded" + }, + { + "name": "25072", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25072" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?group_id=93438&release_id=495106", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?group_id=93438&release_id=495106" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3135.json b/2007/3xxx/CVE-2007-3135.json index 5daf7dd96d6..d3c1299c957 100644 --- a/2007/3xxx/CVE-2007-3135.json +++ b/2007/3xxx/CVE-2007-3135.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3135", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in atomPhotoBlog.php in Atom Photoblog 1.0.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the tag parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3135", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070607 Atom PhotoBlog v1.0.9 XSS vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/470750/100/0/threaded" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?group_id=186464&release_id=514101", - "refsource" : "MISC", - "url" : "http://sourceforge.net/project/shownotes.php?group_id=186464&release_id=514101" - }, - { - "name" : "http://www.secvsn.com/content/Advisories/sr-060607-atomphotoblog.html", - "refsource" : "MISC", - "url" : "http://www.secvsn.com/content/Advisories/sr-060607-atomphotoblog.html" - }, - { - "name" : "24363", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24363" - }, - { - "name" : "37046", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37046" - }, - { - "name" : "25562", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25562" - }, - { - "name" : "2787", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2787" - }, - { - "name" : "atom-photoblog-tag-xss(34768)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34768" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in atomPhotoBlog.php in Atom Photoblog 1.0.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the tag parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24363", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24363" + }, + { + "name": "atom-photoblog-tag-xss(34768)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34768" + }, + { + "name": "2787", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2787" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?group_id=186464&release_id=514101", + "refsource": "MISC", + "url": "http://sourceforge.net/project/shownotes.php?group_id=186464&release_id=514101" + }, + { + "name": "20070607 Atom PhotoBlog v1.0.9 XSS vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/470750/100/0/threaded" + }, + { + "name": "25562", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25562" + }, + { + "name": "37046", + "refsource": "OSVDB", + "url": "http://osvdb.org/37046" + }, + { + "name": "http://www.secvsn.com/content/Advisories/sr-060607-atomphotoblog.html", + "refsource": "MISC", + "url": "http://www.secvsn.com/content/Advisories/sr-060607-atomphotoblog.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4034.json b/2007/4xxx/CVE-2007-4034.json index 8d29b0e214c..d133b888803 100644 --- a/2007/4xxx/CVE-2007-4034.json +++ b/2007/4xxx/CVE-2007-4034.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4034", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the YDPCTL.YDPControl.1 (aka Yahoo! Installer Plugin for Widgets) ActiveX control before 2007.7.13.3 (20070620) in YDPCTL.dll in Yahoo! Widgets before 4.0.5 allows remote attackers to execute arbitrary code via a long argument to the GetComponentVersion method. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4034", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://help.yahoo.com/l/us/yahoo/widgets/security/security-08.html", - "refsource" : "CONFIRM", - "url" : "http://help.yahoo.com/l/us/yahoo/widgets/security/security-08.html" - }, - { - "name" : "VU#120760", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/120760" - }, - { - "name" : "25086", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25086" - }, - { - "name" : "ADV-2007-2679", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2679" - }, - { - "name" : "37705", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37705" - }, - { - "name" : "1018470", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018470" - }, - { - "name" : "26011", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26011" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the YDPCTL.YDPControl.1 (aka Yahoo! Installer Plugin for Widgets) ActiveX control before 2007.7.13.3 (20070620) in YDPCTL.dll in Yahoo! Widgets before 4.0.5 allows remote attackers to execute arbitrary code via a long argument to the GetComponentVersion method. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1018470", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018470" + }, + { + "name": "26011", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26011" + }, + { + "name": "ADV-2007-2679", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2679" + }, + { + "name": "25086", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25086" + }, + { + "name": "37705", + "refsource": "OSVDB", + "url": "http://osvdb.org/37705" + }, + { + "name": "http://help.yahoo.com/l/us/yahoo/widgets/security/security-08.html", + "refsource": "CONFIRM", + "url": "http://help.yahoo.com/l/us/yahoo/widgets/security/security-08.html" + }, + { + "name": "VU#120760", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/120760" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4202.json b/2007/4xxx/CVE-2007-4202.json index 1d5c8baadf6..d372025dbec 100644 --- a/2007/4xxx/CVE-2007-4202.json +++ b/2007/4xxx/CVE-2007-4202.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4202", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4202", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070726 Re: Guidance Software response to iSEC report on EnCase", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474809/100/0/threaded" - }, - { - "name" : "20070802 RE: Re: Guidance Software response to iSEC report on EnCase", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475335/100/0/threaded" - }, - { - "name" : "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf", - "refsource" : "MISC", - "url" : "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf" - }, - { - "name" : "VU#912593", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/912593" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070726 Re: Guidance Software response to iSEC report on EnCase", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded" + }, + { + "name": "VU#912593", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/912593" + }, + { + "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded" + }, + { + "name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf", + "refsource": "MISC", + "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4550.json b/2007/4xxx/CVE-2007-4550.json index 319dde90ee7..47574da42e9 100644 --- a/2007/4xxx/CVE-2007-4550.json +++ b/2007/4xxx/CVE-2007-4550.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4550", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an fnm field in a folder-name record in an ALPASS DB (APW) file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4550", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://vuln.sg/alpass27-en.html", - "refsource" : "MISC", - "url" : "http://vuln.sg/alpass27-en.html" - }, - { - "name" : "25435", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25435" - }, - { - "name" : "26616", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26616" - }, - { - "name" : "alpass-apw-format-string(36256)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36256" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an fnm field in a folder-name record in an ALPASS DB (APW) file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://vuln.sg/alpass27-en.html", + "refsource": "MISC", + "url": "http://vuln.sg/alpass27-en.html" + }, + { + "name": "26616", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26616" + }, + { + "name": "alpass-apw-format-string(36256)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36256" + }, + { + "name": "25435", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25435" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4790.json b/2007/4xxx/CVE-2007-4790.json index 2aef81ce0aa..3a49325a78a 100644 --- a/2007/4xxx/CVE-2007-4790.json +++ b/2007/4xxx/CVE-2007-4790.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4790", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in certain ActiveX controls in (1) FPOLE.OCX 6.0.8450.0 and (2) Foxtlib.ocx, as used in the Microsoft Visual FoxPro 6.0 fpole 1.0 Type Library; and Internet Explorer 5.01, 6 SP1 and SP2, and 7; allows remote attackers to execute arbitrary code via a long first argument to the FoxDoCmd function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4790", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4369", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4369" - }, - { - "name" : "HPSBST02314", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=120361015026386&w=2" - }, - { - "name" : "SSRT080016", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=120361015026386&w=2" - }, - { - "name" : "MS08-010", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-010" - }, - { - "name" : "TA08-043C", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA08-043C.html" - }, - { - "name" : "25571", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25571" - }, - { - "name" : "ADV-2008-0512", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0512/references" - }, - { - "name" : "oval:org.mitre.oval:def:5481", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5481" - }, - { - "name" : "1019378", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019378" - }, - { - "name" : "foxpro-fpole-activex-bo(36496)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36496" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in certain ActiveX controls in (1) FPOLE.OCX 6.0.8450.0 and (2) Foxtlib.ocx, as used in the Microsoft Visual FoxPro 6.0 fpole 1.0 Type Library; and Internet Explorer 5.01, 6 SP1 and SP2, and 7; allows remote attackers to execute arbitrary code via a long first argument to the FoxDoCmd function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1019378", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019378" + }, + { + "name": "HPSBST02314", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=120361015026386&w=2" + }, + { + "name": "4369", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4369" + }, + { + "name": "SSRT080016", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=120361015026386&w=2" + }, + { + "name": "foxpro-fpole-activex-bo(36496)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36496" + }, + { + "name": "TA08-043C", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA08-043C.html" + }, + { + "name": "oval:org.mitre.oval:def:5481", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5481" + }, + { + "name": "ADV-2008-0512", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0512/references" + }, + { + "name": "25571", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25571" + }, + { + "name": "MS08-010", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-010" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4875.json b/2007/4xxx/CVE-2007-4875.json index 13c57b1be4c..24917164463 100644 --- a/2007/4xxx/CVE-2007-4875.json +++ b/2007/4xxx/CVE-2007-4875.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4875", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4875", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5976.json b/2014/5xxx/CVE-2014-5976.json index 0ded02ef240..887ad430ca9 100644 --- a/2014/5xxx/CVE-2014-5976.json +++ b/2014/5xxx/CVE-2014-5976.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5976", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The alibaba (aka com.alibaba.wireless) application 4.1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5976", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#366897", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/366897" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The alibaba (aka com.alibaba.wireless) application 4.1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#366897", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/366897" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2010.json b/2015/2xxx/CVE-2015-2010.json index 1797764ac68..125a627121a 100644 --- a/2015/2xxx/CVE-2015-2010.json +++ b/2015/2xxx/CVE-2015-2010.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2010", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-0010. Reason: This candidate is a duplicate of CVE-2015-0010. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2015-0010 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-2010", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-0010. Reason: This candidate is a duplicate of CVE-2015-0010. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2015-0010 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2029.json b/2015/2xxx/CVE-2015-2029.json index b0e85b37db7..4d026455dd2 100644 --- a/2015/2xxx/CVE-2015-2029.json +++ b/2015/2xxx/CVE-2015-2029.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2029", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Session fixation vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote attackers to hijack web sessions via a session identifier." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-2029", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21966044", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21966044" - }, - { - "name" : "PI44098", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI44098" - }, - { - "name" : "PI44105", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI44105" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Session fixation vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote attackers to hijack web sessions via a session identifier." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21966044", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966044" + }, + { + "name": "PI44105", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI44105" + }, + { + "name": "PI44098", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI44098" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2376.json b/2015/2xxx/CVE-2015-2376.json index 9f82c9915a3..a07de1fd49e 100644 --- a/2015/2xxx/CVE-2015-2376.json +++ b/2015/2xxx/CVE-2015-2376.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2376", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Office for Mac 2011, Excel Viewer 2007 SP3, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2376", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-070", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-070" - }, - { - "name" : "1032899", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032899" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Office for Mac 2011, Excel Viewer 2007 SP3, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032899", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032899" + }, + { + "name": "MS15-070", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-070" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2824.json b/2015/2xxx/CVE-2015-2824.json index 03b8f538f92..44149865848 100644 --- a/2015/2xxx/CVE-2015-2824.json +++ b/2015/2xxx/CVE-2015-2824.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2824", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in the Simple Ads Manager plugin before 2.7.97 for WordPress allow remote attackers to execute arbitrary SQL commands via a (1) hits[][] parameter in a sam_hits action to sam-ajax.php; the (2) cstr parameter in a load_posts action to sam-ajax-admin.php; the (3) searchTerm parameter in a load_combo_data action to sam-ajax-admin.php; or the (4) subscriber, (5) contributor, (6) author, (7) editor, (8) admin, or (9) sadmin parameter in a load_users action to sam-ajax-admin.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2824", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150402 Wordpress plugin Simple Ads Manager - Multiple SQL Injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/535168/100/0/threaded" - }, - { - "name" : "20150402 Wordpress plugin Simple Ads Manager - SQL Injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/535165/100/0/threaded" - }, - { - "name" : "36613", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/36613/" - }, - { - "name" : "20150405 Multiple SQL Injection", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Apr/7" - }, - { - "name" : "20150405 Wordpress plugin Simple Ads Manager - SQL Injection", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Apr/6" - }, - { - "name" : "http://packetstormsecurity.com/files/131280/WordPress-Simple-Ads-Manager-2.5.94-2.5.96-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/131280/WordPress-Simple-Ads-Manager-2.5.94-2.5.96-SQL-Injection.html" - }, - { - "name" : "http://www.itas.vn/news/ITAS-Team-found-out-multiple-critical-vulnerabilities-in-Hakin9-IT-Security-Magazine-78.html", - "refsource" : "MISC", - "url" : "http://www.itas.vn/news/ITAS-Team-found-out-multiple-critical-vulnerabilities-in-Hakin9-IT-Security-Magazine-78.html" - }, - { - "name" : "https://plugins.trac.wordpress.org/changeset/1136202/simple-ads-manager", - "refsource" : "CONFIRM", - "url" : "https://plugins.trac.wordpress.org/changeset/1136202/simple-ads-manager" - }, - { - "name" : "https://wordpress.org/plugins/simple-ads-manager/changelog/", - "refsource" : "CONFIRM", - "url" : "https://wordpress.org/plugins/simple-ads-manager/changelog/" - }, - { - "name" : "73698", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73698" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in the Simple Ads Manager plugin before 2.7.97 for WordPress allow remote attackers to execute arbitrary SQL commands via a (1) hits[][] parameter in a sam_hits action to sam-ajax.php; the (2) cstr parameter in a load_posts action to sam-ajax-admin.php; the (3) searchTerm parameter in a load_combo_data action to sam-ajax-admin.php; or the (4) subscriber, (5) contributor, (6) author, (7) editor, (8) admin, or (9) sadmin parameter in a load_users action to sam-ajax-admin.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150402 Wordpress plugin Simple Ads Manager - Multiple SQL Injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/535168/100/0/threaded" + }, + { + "name": "https://plugins.trac.wordpress.org/changeset/1136202/simple-ads-manager", + "refsource": "CONFIRM", + "url": "https://plugins.trac.wordpress.org/changeset/1136202/simple-ads-manager" + }, + { + "name": "20150402 Wordpress plugin Simple Ads Manager - SQL Injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/535165/100/0/threaded" + }, + { + "name": "73698", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73698" + }, + { + "name": "36613", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/36613/" + }, + { + "name": "https://wordpress.org/plugins/simple-ads-manager/changelog/", + "refsource": "CONFIRM", + "url": "https://wordpress.org/plugins/simple-ads-manager/changelog/" + }, + { + "name": "http://www.itas.vn/news/ITAS-Team-found-out-multiple-critical-vulnerabilities-in-Hakin9-IT-Security-Magazine-78.html", + "refsource": "MISC", + "url": "http://www.itas.vn/news/ITAS-Team-found-out-multiple-critical-vulnerabilities-in-Hakin9-IT-Security-Magazine-78.html" + }, + { + "name": "20150405 Multiple SQL Injection", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Apr/7" + }, + { + "name": "http://packetstormsecurity.com/files/131280/WordPress-Simple-Ads-Manager-2.5.94-2.5.96-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/131280/WordPress-Simple-Ads-Manager-2.5.94-2.5.96-SQL-Injection.html" + }, + { + "name": "20150405 Wordpress plugin Simple Ads Manager - SQL Injection", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Apr/6" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3429.json b/2015/3xxx/CVE-2015-3429.json index f3b68b21bfc..ae9f8f4cce3 100644 --- a/2015/3xxx/CVE-2015-3429.json +++ b/2015/3xxx/CVE-2015-3429.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3429", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in example.html in Genericons before 3.3.1, as used in WordPress before 4.2.2, allows remote attackers to inject arbitrary web script or HTML via a fragment identifier." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3429", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150507 Wordpress Twenty Fifteen Theme - DOM XSS Vulnerability - CVE-2015-3429", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/535486/100/1000/threaded" - }, - { - "name" : "20150509 Wordpress Twenty Fifteen Theme - DOM XSS Vulnerability - CVE-2015-3429", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/May/41" - }, - { - "name" : "https://www.digitalocean.com/community/tutorials/how-to-protect-your-wordpress-site-from-the-genericons-example-html-xss-vulnerability", - "refsource" : "MISC", - "url" : "https://www.digitalocean.com/community/tutorials/how-to-protect-your-wordpress-site-from-the-genericons-example-html-xss-vulnerability" - }, - { - "name" : "https://www.netsparker.com/cve-2015-3429-dom-xss-vulnerability-in-twenty-fifteen-wordpress-theme/", - "refsource" : "MISC", - "url" : "https://www.netsparker.com/cve-2015-3429-dom-xss-vulnerability-in-twenty-fifteen-wordpress-theme/" - }, - { - "name" : "http://packetstormsecurity.com/files/131802/WordPress-Twenty-Fifteen-4.2.1-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/131802/WordPress-Twenty-Fifteen-4.2.1-Cross-Site-Scripting.html" - }, - { - "name" : "https://wpvulndb.com/vulnerabilities/7965", - "refsource" : "MISC", - "url" : "https://wpvulndb.com/vulnerabilities/7965" - }, - { - "name" : "https://github.com/Automattic/Genericons/commit/798ac98579dd72dfdb11bdee3e7bebf01cffb1f7", - "refsource" : "CONFIRM", - "url" : "https://github.com/Automattic/Genericons/commit/798ac98579dd72dfdb11bdee3e7bebf01cffb1f7" - }, - { - "name" : "https://wordpress.org/news/2015/05/wordpress-4-2-2/", - "refsource" : "CONFIRM", - "url" : "https://wordpress.org/news/2015/05/wordpress-4-2-2/" - }, - { - "name" : "DSA-3328", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3328" - }, - { - "name" : "FEDORA-2015-6790", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158278.html" - }, - { - "name" : "FEDORA-2015-6808", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158271.html" - }, - { - "name" : "74534", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74534" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in example.html in Genericons before 3.3.1, as used in WordPress before 4.2.2, allows remote attackers to inject arbitrary web script or HTML via a fragment identifier." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.digitalocean.com/community/tutorials/how-to-protect-your-wordpress-site-from-the-genericons-example-html-xss-vulnerability", + "refsource": "MISC", + "url": "https://www.digitalocean.com/community/tutorials/how-to-protect-your-wordpress-site-from-the-genericons-example-html-xss-vulnerability" + }, + { + "name": "https://wpvulndb.com/vulnerabilities/7965", + "refsource": "MISC", + "url": "https://wpvulndb.com/vulnerabilities/7965" + }, + { + "name": "20150507 Wordpress Twenty Fifteen Theme - DOM XSS Vulnerability - CVE-2015-3429", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/535486/100/1000/threaded" + }, + { + "name": "DSA-3328", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3328" + }, + { + "name": "FEDORA-2015-6790", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158278.html" + }, + { + "name": "https://github.com/Automattic/Genericons/commit/798ac98579dd72dfdb11bdee3e7bebf01cffb1f7", + "refsource": "CONFIRM", + "url": "https://github.com/Automattic/Genericons/commit/798ac98579dd72dfdb11bdee3e7bebf01cffb1f7" + }, + { + "name": "https://wordpress.org/news/2015/05/wordpress-4-2-2/", + "refsource": "CONFIRM", + "url": "https://wordpress.org/news/2015/05/wordpress-4-2-2/" + }, + { + "name": "https://www.netsparker.com/cve-2015-3429-dom-xss-vulnerability-in-twenty-fifteen-wordpress-theme/", + "refsource": "MISC", + "url": "https://www.netsparker.com/cve-2015-3429-dom-xss-vulnerability-in-twenty-fifteen-wordpress-theme/" + }, + { + "name": "20150509 Wordpress Twenty Fifteen Theme - DOM XSS Vulnerability - CVE-2015-3429", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/May/41" + }, + { + "name": "74534", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74534" + }, + { + "name": "FEDORA-2015-6808", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158271.html" + }, + { + "name": "http://packetstormsecurity.com/files/131802/WordPress-Twenty-Fifteen-4.2.1-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/131802/WordPress-Twenty-Fifteen-4.2.1-Cross-Site-Scripting.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3916.json b/2015/3xxx/CVE-2015-3916.json index c1bfc0f50ef..4382c701c5c 100644 --- a/2015/3xxx/CVE-2015-3916.json +++ b/2015/3xxx/CVE-2015-3916.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3916", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3916", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6578.json b/2015/6xxx/CVE-2015-6578.json index 884abccdc3f..fc747309ef8 100644 --- a/2015/6xxx/CVE-2015-6578.json +++ b/2015/6xxx/CVE-2015-6578.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6578", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6578", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6631.json b/2015/6xxx/CVE-2015-6631.json index 4cc10b0cf25..27665cfa716 100644 --- a/2015/6xxx/CVE-2015-6631.json +++ b/2015/6xxx/CVE-2015-6631.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6631", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24623447." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-6631", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2015-12-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2015-12-01.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24623447." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://source.android.com/security/bulletin/2015-12-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2015-12-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6662.json b/2015/6xxx/CVE-2015-6662.json index d3feb04d94f..6dde6af9f8f 100644 --- a/2015/6xxx/CVE-2015-6662.json +++ b/2015/6xxx/CVE-2015-6662.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6662", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "XML external entity (XXE) vulnerability in SAP NetWeaver Portal 7.4 allows remote attackers to read arbitrary files and possibly have other unspecified impact via crafted XML data, aka SAP Security Note 2168485." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6662", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151123 [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536957/100/0/threaded" - }, - { - "name" : "20151124 [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Nov/92" - }, - { - "name" : "https://erpscan.io/advisories/erpscan-15-018-sap-netweaver-7-4-xxe/", - "refsource" : "MISC", - "url" : "https://erpscan.io/advisories/erpscan-15-018-sap-netweaver-7-4-xxe/" - }, - { - "name" : "http://packetstormsecurity.com/files/134507/SAP-NetWeaver-7.4-XXE-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134507/SAP-NetWeaver-7.4-XXE-Injection.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "XML external entity (XXE) vulnerability in SAP NetWeaver Portal 7.4 allows remote attackers to read arbitrary files and possibly have other unspecified impact via crafted XML data, aka SAP Security Note 2168485." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/134507/SAP-NetWeaver-7.4-XXE-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134507/SAP-NetWeaver-7.4-XXE-Injection.html" + }, + { + "name": "https://erpscan.io/advisories/erpscan-15-018-sap-netweaver-7-4-xxe/", + "refsource": "MISC", + "url": "https://erpscan.io/advisories/erpscan-15-018-sap-netweaver-7-4-xxe/" + }, + { + "name": "20151124 [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Nov/92" + }, + { + "name": "20151123 [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536957/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7421.json b/2015/7xxx/CVE-2015-7421.json index 9750584ee8a..4bed91b4de9 100644 --- a/2015/7xxx/CVE-2015-7421.json +++ b/2015/7xxx/CVE-2015-7421.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7421", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7420." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-7421", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21971500", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21971500" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023277", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023277" - }, - { - "name" : "82303", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/82303" - }, - { - "name" : "1034846", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034846" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7420." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034846", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034846" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21971500", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21971500" + }, + { + "name": "82303", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/82303" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023277", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023277" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7632.json b/2015/7xxx/CVE-2015-7632.json index 30e865ad882..8d07c8be35b 100644 --- a/2015/7xxx/CVE-2015-7632.json +++ b/2015/7xxx/CVE-2015-7632.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7632", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a Loader object with a crafted loaderBytes property." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-7632", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-512", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-512" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html" - }, - { - "name" : "GLSA-201511-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201511-02" - }, - { - "name" : "RHSA-2015:2024", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2024.html" - }, - { - "name" : "RHSA-2015:1893", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1893.html" - }, - { - "name" : "SUSE-SU-2015:1740", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html" - }, - { - "name" : "SUSE-SU-2015:1742", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html" - }, - { - "name" : "openSUSE-SU-2015:1744", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html" - }, - { - "name" : "openSUSE-SU-2015:1781", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html" - }, - { - "name" : "77062", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77062" - }, - { - "name" : "1033797", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033797" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a Loader object with a crafted loaderBytes property." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:2024", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2024.html" + }, + { + "name": "openSUSE-SU-2015:1744", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html" + }, + { + "name": "SUSE-SU-2015:1742", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html" + }, + { + "name": "RHSA-2015:1893", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1893.html" + }, + { + "name": "GLSA-201511-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201511-02" + }, + { + "name": "77062", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77062" + }, + { + "name": "1033797", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033797" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html" + }, + { + "name": "SUSE-SU-2015:1740", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html" + }, + { + "name": "openSUSE-SU-2015:1781", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-512", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-512" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7734.json b/2015/7xxx/CVE-2015-7734.json index f361cb49ce4..e02f19250f5 100644 --- a/2015/7xxx/CVE-2015-7734.json +++ b/2015/7xxx/CVE-2015-7734.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7734", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7734", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7910.json b/2015/7xxx/CVE-2015-7910.json index 8a1519e8228..cdc2a029d3c 100644 --- a/2015/7xxx/CVE-2015-7910.json +++ b/2015/7xxx/CVE-2015-7910.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7910", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is unauthorized, which allows remote attackers to bypass intended access restrictions by disregarding this header and processing the response body." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2015-7910", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-321-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-321-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is unauthorized, which allows remote attackers to bypass intended access restrictions by disregarding this header and processing the response body." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-321-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-321-01" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0110.json b/2016/0xxx/CVE-2016-0110.json index 30568256f1d..b7878c6bca9 100644 --- a/2016/0xxx/CVE-2016-0110.json +++ b/2016/0xxx/CVE-2016-0110.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0110", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 10 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0110", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-023", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023" - }, - { - "name" : "MS16-024", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-024" - }, - { - "name" : "84021", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84021" - }, - { - "name" : "1035203", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035203" - }, - { - "name" : "1035204", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035204" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 10 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "84021", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84021" + }, + { + "name": "1035204", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035204" + }, + { + "name": "MS16-024", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-024" + }, + { + "name": "1035203", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035203" + }, + { + "name": "MS16-023", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0190.json b/2016/0xxx/CVE-2016-0190.json index 84efb12f550..91787179249 100644 --- a/2016/0xxx/CVE-2016-0190.json +++ b/2016/0xxx/CVE-2016-0190.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0190", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Volume Manager Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 does not properly check whether RemoteFX RDP USB disk accesses originate from the user who mounted a disk, which allows local users to read arbitrary files on these disks via RemoteFX requests, aka \"Remote Desktop Protocol Drive Redirection Information Disclosure Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0190", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-067", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-067" - }, - { - "name" : "90075", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90075" - }, - { - "name" : "1035844", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035844" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Volume Manager Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 does not properly check whether RemoteFX RDP USB disk accesses originate from the user who mounted a disk, which allows local users to read arbitrary files on these disks via RemoteFX requests, aka \"Remote Desktop Protocol Drive Redirection Information Disclosure Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS16-067", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-067" + }, + { + "name": "1035844", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035844" + }, + { + "name": "90075", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90075" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0424.json b/2016/0xxx/CVE-2016-0424.json index 4fc8a3236ca..fbfd3575ee6 100644 --- a/2016/0xxx/CVE-2016-0424.json +++ b/2016/0xxx/CVE-2016-0424.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0424", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect availability via vectors related to Enterprise Infrastructure SEC, a different vulnerability than CVE-2016-0422." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0424", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160825 Onapsis Security Advisory ONAPSIS-2016-012: JD Edwards JDENET function DoS", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Aug/127" - }, - { - "name" : "http://packetstormsecurity.com/files/138510/JD-Edwards-9.1-EnterpriseOne-Server-Denial-Of-Service.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/138510/JD-Edwards-9.1-EnterpriseOne-Server-Denial-Of-Service.html" - }, - { - "name" : "https://www.onapsis.com/research/security-advisories/jd-edwards-jdenet-type-8-dos", - "refsource" : "MISC", - "url" : "https://www.onapsis.com/research/security-advisories/jd-edwards-jdenet-type-8-dos" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034722", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034722" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect availability via vectors related to Enterprise Infrastructure SEC, a different vulnerability than CVE-2016-0422." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034722", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034722" + }, + { + "name": "http://packetstormsecurity.com/files/138510/JD-Edwards-9.1-EnterpriseOne-Server-Denial-Of-Service.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/138510/JD-Edwards-9.1-EnterpriseOne-Server-Denial-Of-Service.html" + }, + { + "name": "20160825 Onapsis Security Advisory ONAPSIS-2016-012: JD Edwards JDENET function DoS", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Aug/127" + }, + { + "name": "https://www.onapsis.com/research/security-advisories/jd-edwards-jdenet-type-8-dos", + "refsource": "MISC", + "url": "https://www.onapsis.com/research/security-advisories/jd-edwards-jdenet-type-8-dos" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0820.json b/2016/0xxx/CVE-2016-0820.json index 9a6189da9ae..2d9edaf4b1d 100644 --- a/2016/0xxx/CVE-2016-0820.json +++ b/2016/0xxx/CVE-2016-0820.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0820", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The MediaTek Wi-Fi kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 26267358." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-0820", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-03-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-03-01.html" - }, - { - "name" : "84257", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84257" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The MediaTek Wi-Fi kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 26267358." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "84257", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84257" + }, + { + "name": "http://source.android.com/security/bulletin/2016-03-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-03-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000010.json b/2016/1000xxx/CVE-2016-1000010.json index fdb537e91ea..b8de80e6722 100644 --- a/2016/1000xxx/CVE-2016-1000010.json +++ b/2016/1000xxx/CVE-2016-1000010.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000010", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000010", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10420.json b/2016/10xxx/CVE-2016-10420.json index 207b7efe91a..d973413ac83 100644 --- a/2016/10xxx/CVE-2016-10420.json +++ b/2016/10xxx/CVE-2016-10420.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2016-10420", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SDX20" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, while playing back a .flv clip which doesn't have an inbuilt seek table, a dynamic index table access is out of bounds and leads to crash." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer Over-Read in Video." - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2016-10420", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SDX20" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, while playing back a .flv clip which doesn't have an inbuilt seek table, a dynamic index table access is out of bounds and leads to crash." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer Over-Read in Video." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10499.json b/2016/10xxx/CVE-2016-10499.json index cf99546de45..f605c87d7b7 100644 --- a/2016/10xxx/CVE-2016-10499.json +++ b/2016/10xxx/CVE-2016-10499.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2016-10499", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, SDX20" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, memory leak may occur in the IPSecurity module when repeating IKE-Rekey." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Potential Memory leak in Modem" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2016-10499", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, SDX20" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, memory leak may occur in the IPSecurity module when repeating IKE-Rekey." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Potential Memory leak in Modem" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1517.json b/2016/1xxx/CVE-2016-1517.json index 8f98ffc7a29..73933141b6b 100644 --- a/2016/1xxx/CVE-2016-1517.json +++ b/2016/1xxx/CVE-2016-1517.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-1517", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "OpenCV 3.0.0", - "version" : { - "version_data" : [ - { - "version_value" : "OpenCV 3.0.0" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "OpenCV 3.0.0 allows remote attackers to cause a denial of service (segfault) via vectors involving corrupt chunks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "DoS" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-1517", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "OpenCV 3.0.0", + "version": { + "version_data": [ + { + "version_value": "OpenCV 3.0.0" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://arxiv.org/pdf/1701.04739.pdf", - "refsource" : "MISC", - "url" : "https://arxiv.org/pdf/1701.04739.pdf" - }, - { - "name" : "https://github.com/opencv/opencv/issues/5956", - "refsource" : "MISC", - "url" : "https://github.com/opencv/opencv/issues/5956" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OpenCV 3.0.0 allows remote attackers to cause a denial of service (segfault) via vectors involving corrupt chunks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "DoS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/opencv/opencv/issues/5956", + "refsource": "MISC", + "url": "https://github.com/opencv/opencv/issues/5956" + }, + { + "name": "https://arxiv.org/pdf/1701.04739.pdf", + "refsource": "MISC", + "url": "https://arxiv.org/pdf/1701.04739.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4171.json b/2016/4xxx/CVE-2016-4171.json index 34bb9a47522..8bd16df6365 100644 --- a/2016/4xxx/CVE-2016-4171.json +++ b/2016/4xxx/CVE-2016-4171.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4171", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4171", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsa16-03.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsa16-03.html" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" - }, - { - "name" : "GLSA-201606-08", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201606-08" - }, - { - "name" : "RHSA-2016:1238", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1238" - }, - { - "name" : "SUSE-SU-2016:1613", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" - }, - { - "name" : "openSUSE-SU-2016:1621", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" - }, - { - "name" : "openSUSE-SU-2016:1625", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" - }, - { - "name" : "VU#748992", - "refsource" : "CERT-VN", - "url" : "https://www.kb.cert.org/vuls/id/748992" - }, - { - "name" : "91184", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91184" - }, - { - "name" : "1036094", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036094" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201606-08", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201606-08" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsa16-03.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsa16-03.html" + }, + { + "name": "openSUSE-SU-2016:1625", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" + }, + { + "name": "VU#748992", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/748992" + }, + { + "name": "RHSA-2016:1238", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1238" + }, + { + "name": "openSUSE-SU-2016:1621", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" + }, + { + "name": "1036094", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036094" + }, + { + "name": "SUSE-SU-2016:1613", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" + }, + { + "name": "91184", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91184" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4244.json b/2016/4xxx/CVE-2016-4244.json index 6145c6e3027..4f46b91d958 100644 --- a/2016/4xxx/CVE-2016-4244.json +++ b/2016/4xxx/CVE-2016-4244.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4244", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4245, and CVE-2016-4246." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4244", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" - }, - { - "name" : "GLSA-201607-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201607-03" - }, - { - "name" : "RHSA-2016:1423", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1423" - }, - { - "name" : "SUSE-SU-2016:1826", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" - }, - { - "name" : "openSUSE-SU-2016:1802", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" - }, - { - "name" : "91725", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91725" - }, - { - "name" : "1036280", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036280" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4245, and CVE-2016-4246." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:1826", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" + }, + { + "name": "GLSA-201607-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201607-03" + }, + { + "name": "openSUSE-SU-2016:1802", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" + }, + { + "name": "91725", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91725" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" + }, + { + "name": "RHSA-2016:1423", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1423" + }, + { + "name": "1036280", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036280" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4693.json b/2016/4xxx/CVE-2016-4693.json index 8bbf74bb6bd..52fda0348fb 100644 --- a/2016/4xxx/CVE-2016-4693.json +++ b/2016/4xxx/CVE-2016-4693.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4693", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Security\" component, which makes it easier for attackers to bypass cryptographic protection mechanisms by leveraging use of the 3DES cipher." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4693", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT207422", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207422" - }, - { - "name" : "https://support.apple.com/HT207423", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207423" - }, - { - "name" : "https://support.apple.com/HT207487", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207487" - }, - { - "name" : "94905", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94905" - }, - { - "name" : "1037469", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037469" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Security\" component, which makes it easier for attackers to bypass cryptographic protection mechanisms by leveraging use of the 3DES cipher." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT207487", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207487" + }, + { + "name": "https://support.apple.com/HT207422", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207422" + }, + { + "name": "94905", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94905" + }, + { + "name": "1037469", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037469" + }, + { + "name": "https://support.apple.com/HT207423", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207423" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4725.json b/2016/4xxx/CVE-2016-4725.json index 362e6245751..3cfa5258c88 100644 --- a/2016/4xxx/CVE-2016-4725.json +++ b/2016/4xxx/CVE-2016-4725.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4725", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4725", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT207141", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207141" - }, - { - "name" : "https://support.apple.com/HT207142", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207142" - }, - { - "name" : "https://support.apple.com/HT207143", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207143" - }, - { - "name" : "https://support.apple.com/HT207170", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207170" - }, - { - "name" : "APPLE-SA-2016-09-20", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" - }, - { - "name" : "APPLE-SA-2016-09-20-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" - }, - { - "name" : "APPLE-SA-2016-09-20-5", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html" - }, - { - "name" : "APPLE-SA-2016-09-20-6", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html" - }, - { - "name" : "93054", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93054" - }, - { - "name" : "1036858", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036858" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT207141", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207141" + }, + { + "name": "1036858", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036858" + }, + { + "name": "APPLE-SA-2016-09-20", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" + }, + { + "name": "APPLE-SA-2016-09-20-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" + }, + { + "name": "APPLE-SA-2016-09-20-5", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html" + }, + { + "name": "APPLE-SA-2016-09-20-6", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html" + }, + { + "name": "93054", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93054" + }, + { + "name": "https://support.apple.com/HT207170", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207170" + }, + { + "name": "https://support.apple.com/HT207142", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207142" + }, + { + "name": "https://support.apple.com/HT207143", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207143" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4870.json b/2016/4xxx/CVE-2016-4870.json index 47e6899e18a..7466a7e60d0 100644 --- a/2016/4xxx/CVE-2016-4870.json +++ b/2016/4xxx/CVE-2016-4870.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4870", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the Schedule function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4870", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.cybozu.com/ja-jp/article/9427", - "refsource" : "CONFIRM", - "url" : "https://support.cybozu.com/ja-jp/article/9427" - }, - { - "name" : "JVN#06726266", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN06726266/index.html" - }, - { - "name" : "JVNDB-2016-000186", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000186.html" - }, - { - "name" : "93281", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93281" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the Schedule function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93281", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93281" + }, + { + "name": "https://support.cybozu.com/ja-jp/article/9427", + "refsource": "CONFIRM", + "url": "https://support.cybozu.com/ja-jp/article/9427" + }, + { + "name": "JVNDB-2016-000186", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000186.html" + }, + { + "name": "JVN#06726266", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN06726266/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3297.json b/2019/3xxx/CVE-2019-3297.json index 2663046a466..2fcc4a50e9f 100644 --- a/2019/3xxx/CVE-2019-3297.json +++ b/2019/3xxx/CVE-2019-3297.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3297", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3297", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3493.json b/2019/3xxx/CVE-2019-3493.json index a7883220edb..ad8f1f19848 100644 --- a/2019/3xxx/CVE-2019-3493.json +++ b/2019/3xxx/CVE-2019-3493.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3493", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3493", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3925.json b/2019/3xxx/CVE-2019-3925.json index efa8723b042..bcf53f15e63 100644 --- a/2019/3xxx/CVE-2019-3925.json +++ b/2019/3xxx/CVE-2019-3925.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3925", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3925", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4080.json b/2019/4xxx/CVE-2019-4080.json index 68c2efa9275..333557d0f92 100644 --- a/2019/4xxx/CVE-2019-4080.json +++ b/2019/4xxx/CVE-2019-4080.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4080", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4080", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4270.json b/2019/4xxx/CVE-2019-4270.json index 3a95ae7e6b1..f28f4aacb6b 100644 --- a/2019/4xxx/CVE-2019-4270.json +++ b/2019/4xxx/CVE-2019-4270.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4270", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4270", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4738.json b/2019/4xxx/CVE-2019-4738.json index 7b58bd6ced2..57b0b319917 100644 --- a/2019/4xxx/CVE-2019-4738.json +++ b/2019/4xxx/CVE-2019-4738.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4738", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4738", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4989.json b/2019/4xxx/CVE-2019-4989.json index 9f303f34314..b9ce104956f 100644 --- a/2019/4xxx/CVE-2019-4989.json +++ b/2019/4xxx/CVE-2019-4989.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4989", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4989", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6274.json b/2019/6xxx/CVE-2019-6274.json index cf498838837..a024ba19e11 100644 --- a/2019/6xxx/CVE-2019-6274.json +++ b/2019/6xxx/CVE-2019-6274.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6274", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6274", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6642.json b/2019/6xxx/CVE-2019-6642.json index ffd039730bf..281be1ee89b 100644 --- a/2019/6xxx/CVE-2019-6642.json +++ b/2019/6xxx/CVE-2019-6642.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6642", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6642", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6808.json b/2019/6xxx/CVE-2019-6808.json index c5023b02ebe..e6320ced2b1 100644 --- a/2019/6xxx/CVE-2019-6808.json +++ b/2019/6xxx/CVE-2019-6808.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6808", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6808", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7402.json b/2019/7xxx/CVE-2019-7402.json index 878bc965cbb..064653282ff 100644 --- a/2019/7xxx/CVE-2019-7402.json +++ b/2019/7xxx/CVE-2019-7402.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7402", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in PHPMyWind 5.5. The GetQQ function in include/func.class.php allows XSS via the cfg_qqcode parameter. This can be exploited via CSRF." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7402", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/panghusec/exploit/issues/8", - "refsource" : "MISC", - "url" : "https://github.com/panghusec/exploit/issues/8" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in PHPMyWind 5.5. The GetQQ function in include/func.class.php allows XSS via the cfg_qqcode parameter. This can be exploited via CSRF." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/panghusec/exploit/issues/8", + "refsource": "MISC", + "url": "https://github.com/panghusec/exploit/issues/8" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7677.json b/2019/7xxx/CVE-2019-7677.json index d61c2de9561..813ca0e91af 100644 --- a/2019/7xxx/CVE-2019-7677.json +++ b/2019/7xxx/CVE-2019-7677.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7677", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "XSS exists in Enphase Envoy R3.*.* via the profileName parameter to the /home URI on TCP port 8888." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7677", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/pudding2/enphase-energy/blob/master/XSS-exp.txt", - "refsource" : "MISC", - "url" : "https://github.com/pudding2/enphase-energy/blob/master/XSS-exp.txt" - }, - { - "name" : "https://github.com/pudding2/enphase-energy/blob/master/XSS.png", - "refsource" : "MISC", - "url" : "https://github.com/pudding2/enphase-energy/blob/master/XSS.png" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "XSS exists in Enphase Envoy R3.*.* via the profileName parameter to the /home URI on TCP port 8888." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/pudding2/enphase-energy/blob/master/XSS-exp.txt", + "refsource": "MISC", + "url": "https://github.com/pudding2/enphase-energy/blob/master/XSS-exp.txt" + }, + { + "name": "https://github.com/pudding2/enphase-energy/blob/master/XSS.png", + "refsource": "MISC", + "url": "https://github.com/pudding2/enphase-energy/blob/master/XSS.png" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7702.json b/2019/7xxx/CVE-2019-7702.json index 49e27cf0ab2..22a355f8431 100644 --- a/2019/7xxx/CVE-2019-7702.json +++ b/2019/7xxx/CVE-2019-7702.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7702", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A NULL pointer dereference was discovered in wasm::SExpressionWasmBuilder::parseExpression in wasm-s-parser.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-as." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7702", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/WebAssembly/binaryen/issues/1867", - "refsource" : "MISC", - "url" : "https://github.com/WebAssembly/binaryen/issues/1867" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A NULL pointer dereference was discovered in wasm::SExpressionWasmBuilder::parseExpression in wasm-s-parser.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-as." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/WebAssembly/binaryen/issues/1867", + "refsource": "MISC", + "url": "https://github.com/WebAssembly/binaryen/issues/1867" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7982.json b/2019/7xxx/CVE-2019-7982.json index 7c43e2fa749..2589acf2b38 100644 --- a/2019/7xxx/CVE-2019-7982.json +++ b/2019/7xxx/CVE-2019-7982.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7982", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7982", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8289.json b/2019/8xxx/CVE-2019-8289.json index f895b63d289..1905b2e2593 100644 --- a/2019/8xxx/CVE-2019-8289.json +++ b/2019/8xxx/CVE-2019-8289.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8289", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8289", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8783.json b/2019/8xxx/CVE-2019-8783.json index a9d696fac8a..3000e2e695e 100644 --- a/2019/8xxx/CVE-2019-8783.json +++ b/2019/8xxx/CVE-2019-8783.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8783", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8783", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9035.json b/2019/9xxx/CVE-2019-9035.json index ae986adbe74..661e58a55c4 100644 --- a/2019/9xxx/CVE-2019-9035.json +++ b/2019/9xxx/CVE-2019-9035.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9035", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in the function ReadNextStructField() in mat5.c." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9035", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/TeamSeri0us/pocs/tree/master/matio", - "refsource" : "MISC", - "url" : "https://github.com/TeamSeri0us/pocs/tree/master/matio" - }, - { - "name" : "https://github.com/tbeu/matio/issues/103", - "refsource" : "MISC", - "url" : "https://github.com/tbeu/matio/issues/103" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in the function ReadNextStructField() in mat5.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/tbeu/matio/issues/103", + "refsource": "MISC", + "url": "https://github.com/tbeu/matio/issues/103" + }, + { + "name": "https://github.com/TeamSeri0us/pocs/tree/master/matio", + "refsource": "MISC", + "url": "https://github.com/TeamSeri0us/pocs/tree/master/matio" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9140.json b/2019/9xxx/CVE-2019-9140.json index aeb4d4d0059..69eef6f9118 100644 --- a/2019/9xxx/CVE-2019-9140.json +++ b/2019/9xxx/CVE-2019-9140.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9140", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9140", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9523.json b/2019/9xxx/CVE-2019-9523.json index 03067aefb09..ff35bd510d9 100644 --- a/2019/9xxx/CVE-2019-9523.json +++ b/2019/9xxx/CVE-2019-9523.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9523", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9523", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file