diff --git a/1999/0xxx/CVE-1999-0005.json b/1999/0xxx/CVE-1999-0005.json index 4da9a83c3ba..1229c68e3fa 100644 --- a/1999/0xxx/CVE-1999-0005.json +++ b/1999/0xxx/CVE-1999-0005.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0005", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Arbitrary command execution via IMAP buffer overflow in authenticate command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0005", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "00177", - "refsource" : "SUN", - "url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/177" - }, - { - "name" : "130", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/130" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Arbitrary command execution via IMAP buffer overflow in authenticate command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "130", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/130" + }, + { + "name": "00177", + "refsource": "SUN", + "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/177" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0390.json b/1999/0xxx/CVE-1999-0390.json index 560a56ab83c..3121424bf74 100644 --- a/1999/0xxx/CVE-1999-0390.json +++ b/1999/0xxx/CVE-1999-0390.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0390", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Dosemu Slang library in Linux." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0390", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "CSSA-1999-006.1", - "refsource" : "CALDERA", - "url" : "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-006.1.txt" - }, - { - "name" : "187", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/187" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Dosemu Slang library in Linux." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "CSSA-1999-006.1", + "refsource": "CALDERA", + "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-006.1.txt" + }, + { + "name": "187", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/187" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0644.json b/1999/0xxx/CVE-1999-0644.json index a5da4090f0f..0fd3f691f85 100644 --- a/1999/0xxx/CVE-1999-0644.json +++ b/1999/0xxx/CVE-1999-0644.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0644", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: \"The NNTP news service is running.\"" - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-1999-0644", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: \"The NNTP news service is running.\"" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1211.json b/1999/1xxx/CVE-1999-1211.json index e0d34d11c2e..49e386435e4 100644 --- a/1999/1xxx/CVE-1999-1211.json +++ b/1999/1xxx/CVE-1999-1211.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1211", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in in.telnetd in SunOS 4.1.1 and earlier allows local users to gain root privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1211", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "CA-1991-02", - "refsource" : "CERT", - "url" : "http://www.cert.org/advisories/CA-1991-02.html" - }, - { - "name" : "sun-intelnetd(574)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/574" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in in.telnetd in SunOS 4.1.1 and earlier allows local users to gain root privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "sun-intelnetd(574)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/574" + }, + { + "name": "CA-1991-02", + "refsource": "CERT", + "url": "http://www.cert.org/advisories/CA-1991-02.html" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1290.json b/1999/1xxx/CVE-1999-1290.json index d5d5a6aef4e..1e5eda85001 100644 --- a/1999/1xxx/CVE-1999-1290.json +++ b/1999/1xxx/CVE-1999-1290.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1290", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in nftp FTP client version 1.40 allows remote malicious FTP servers to cause a denial of service, and possibly execute arbitrary commands, via a long response string." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1290", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19981117 nftp vulnerability (fwd)", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=91127951426494&w=2" - }, - { - "name" : "http://www.ayukov.com/nftp/history.html", - "refsource" : "CONFIRM", - "url" : "http://www.ayukov.com/nftp/history.html" - }, - { - "name" : "nftp-bo(1397)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1397" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in nftp FTP client version 1.40 allows remote malicious FTP servers to cause a denial of service, and possibly execute arbitrary commands, via a long response string." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19981117 nftp vulnerability (fwd)", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=91127951426494&w=2" + }, + { + "name": "nftp-bo(1397)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1397" + }, + { + "name": "http://www.ayukov.com/nftp/history.html", + "refsource": "CONFIRM", + "url": "http://www.ayukov.com/nftp/history.html" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1541.json b/1999/1xxx/CVE-1999-1541.json index 41fc7b0e1d0..bd0da253ebf 100644 --- a/1999/1xxx/CVE-1999-1541.json +++ b/1999/1xxx/CVE-1999-1541.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1541", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "shell-lock in Cactus Software Shell Lock allows local users to read or modify decoded shell files before they are executed, via a symlink attack on a temporary file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1541", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19991004", - "refsource" : "L0PHT", - "url" : "http://www.atstake.com/research/advisories/1999/shell-lock.txt" - }, - { - "name" : "19991005 Cactus Software's shell-lock", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=93916168802365&w=2" - }, - { - "name" : "cactus-shell-lock-root-privs(3358)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/3358" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "shell-lock in Cactus Software Shell Lock allows local users to read or modify decoded shell files before they are executed, via a symlink attack on a temporary file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19991005 Cactus Software's shell-lock", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=93916168802365&w=2" + }, + { + "name": "19991004", + "refsource": "L0PHT", + "url": "http://www.atstake.com/research/advisories/1999/shell-lock.txt" + }, + { + "name": "cactus-shell-lock-root-privs(3358)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3358" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0239.json b/2000/0xxx/CVE-2000-0239.json index 1385c2363f7..02925a0c087 100644 --- a/2000/0xxx/CVE-2000-0239.json +++ b/2000/0xxx/CVE-2000-0239.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0239", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the MERCUR WebView WebMail server allows remote attackers to cause a denial of service via a long mail_user parameter in the GET request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0239", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000315 Local / Remote DoS Attack in MERCUR WebView WebMail-Client 1.0", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=95325335825295&w=2" - }, - { - "name" : "http://www.ussrback.com/labs36.html", - "refsource" : "MISC", - "url" : "http://www.ussrback.com/labs36.html" - }, - { - "name" : "1056", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1056" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the MERCUR WebView WebMail server allows remote attackers to cause a denial of service via a long mail_user parameter in the GET request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000315 Local / Remote DoS Attack in MERCUR WebView WebMail-Client 1.0", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=95325335825295&w=2" + }, + { + "name": "1056", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1056" + }, + { + "name": "http://www.ussrback.com/labs36.html", + "refsource": "MISC", + "url": "http://www.ussrback.com/labs36.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0317.json b/2000/0xxx/CVE-2000-0317.json index 01af96b8e3b..42590dfcb4b 100644 --- a/2000/0xxx/CVE-2000-0317.json +++ b/2000/0xxx/CVE-2000-0317.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0317", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0317", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000424 Solaris 7 x86 lpset exploit.", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-04/0192.html" - }, - { - "name" : "20000426 Re: Solaris Sparc 2.6 & 7 lp/lpset/lpstat root compromise exploit", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-04/0236.html" - }, - { - "name" : "20000427 Re: Solaris/SPARC 2.7 lpset exploit (well not likely !)", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=95729763119559&w=2" - }, - { - "name" : "1138", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1138" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000427 Re: Solaris/SPARC 2.7 lpset exploit (well not likely !)", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=95729763119559&w=2" + }, + { + "name": "1138", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1138" + }, + { + "name": "20000426 Re: Solaris Sparc 2.6 & 7 lp/lpset/lpstat root compromise exploit", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0236.html" + }, + { + "name": "20000424 Solaris 7 x86 lpset exploit.", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0192.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0390.json b/2000/0xxx/CVE-2000-0390.json index 542fd79395c..3bc8e57ca21 100644 --- a/2000/0xxx/CVE-2000-0390.json +++ b/2000/0xxx/CVE-2000-0390.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0390", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0390", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" - }, - { - "name" : "CA-2000-06", - "refsource" : "CERT", - "url" : "http://www.cert.org/advisories/CA-2000-06.html" - }, - { - "name" : "FreeBSD-SA-00:20", - "refsource" : "FREEBSD", - "url" : "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" - }, - { - "name" : "RHSA-2000:025", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2000-025.html" - }, - { - "name" : "1220", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1220" - }, - { - "name" : "4884", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/4884" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FreeBSD-SA-00:20", + "refsource": "FREEBSD", + "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" + }, + { + "name": "RHSA-2000:025", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" + }, + { + "name": "4884", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/4884" + }, + { + "name": "CA-2000-06", + "refsource": "CERT", + "url": "http://www.cert.org/advisories/CA-2000-06.html" + }, + { + "name": "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" + }, + { + "name": "1220", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1220" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0401.json b/2000/0xxx/CVE-2000-0401.json index 310b49cfc37..5a66e08712e 100644 --- a/2000/0xxx/CVE-2000-0401.json +++ b/2000/0xxx/CVE-2000-0401.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0401", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping cart allow remote attackers to execute arbitrary commands via a long query string." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0401", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000525 Alert: PDG Cart Overflows", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=95928319715983&w=2" - }, - { - "name" : "20000525 Alert: PDG Cart Overflows", - "refsource" : "NTBUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=95928667119963&w=2" - }, - { - "name" : "http://www.pdgsoft.com/Security/security2.html", - "refsource" : "CONFIRM", - "url" : "http://www.pdgsoft.com/Security/security2.html" - }, - { - "name" : "1256", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1256" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping cart allow remote attackers to execute arbitrary commands via a long query string." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1256", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1256" + }, + { + "name": "20000525 Alert: PDG Cart Overflows", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=95928319715983&w=2" + }, + { + "name": "http://www.pdgsoft.com/Security/security2.html", + "refsource": "CONFIRM", + "url": "http://www.pdgsoft.com/Security/security2.html" + }, + { + "name": "20000525 Alert: PDG Cart Overflows", + "refsource": "NTBUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=95928667119963&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0831.json b/2000/0xxx/CVE-2000-0831.json index 6da305ed2b3..5a0aaa04b20 100644 --- a/2000/0xxx/CVE-2000-0831.json +++ b/2000/0xxx/CVE-2000-0831.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0831", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long username." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0831", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000912 DST2K0027: DoS in Faststream FTP++ 2.0", - "refsource" : "WIN2KSEC", - "url" : "http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0109.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long username." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000912 DST2K0027: DoS in Faststream FTP++ 2.0", + "refsource": "WIN2KSEC", + "url": "http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0109.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0838.json b/2000/0xxx/CVE-2000-0838.json index 9b044feaad5..3312032dd1b 100644 --- a/2000/0xxx/CVE-2000-0838.json +++ b/2000/0xxx/CVE-2000-0838.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0838", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Fastream FUR HTTP server 1.0b allows remote attackers to cause a denial of service via a long GET request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0838", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000914 DST2K0028: DoS in FUR HTTP Server v1.0b", - "refsource" : "WIN2KSEC", - "url" : "http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0111.html" - }, - { - "name" : "fur-get-dos(5237)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5237" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Fastream FUR HTTP server 1.0b allows remote attackers to cause a denial of service via a long GET request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "fur-get-dos(5237)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5237" + }, + { + "name": "20000914 DST2K0028: DoS in FUR HTTP Server v1.0b", + "refsource": "WIN2KSEC", + "url": "http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0111.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0932.json b/2000/0xxx/CVE-2000-0932.json index 701b36f0099..a681c194f8d 100644 --- a/2000/0xxx/CVE-2000-0932.json +++ b/2000/0xxx/CVE-2000-0932.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0932", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "MAILsweeper for SMTP 3.x does not properly handle corrupt CDA documents in a ZIP file and hangs, which allows remote attackers to cause a denial of service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0932", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000926 FW: DOS for Content Technologies' MAILsweeper for SMTP.", - "refsource" : "NTBUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0181.html" - }, - { - "name" : "mailsweeper-smtp-dos(5641)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5641" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "MAILsweeper for SMTP 3.x does not properly handle corrupt CDA documents in a ZIP file and hangs, which allows remote attackers to cause a denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000926 FW: DOS for Content Technologies' MAILsweeper for SMTP.", + "refsource": "NTBUGTRAQ", + "url": "http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0181.html" + }, + { + "name": "mailsweeper-smtp-dos(5641)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5641" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0998.json b/2000/0xxx/CVE-2000-0998.json index 2ac601797b0..a4f6760ebc4 100644 --- a/2000/0xxx/CVE-2000-0998.json +++ b/2000/0xxx/CVE-2000-0998.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0998", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Format string vulnerability in top program allows local attackers to gain root privileges via the \"kill\" or \"renice\" function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0998", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch", - "refsource" : "MISC", - "url" : "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch" - }, - { - "name" : "FreeBSD-SA-00:62", - "refsource" : "FREEBSD", - "url" : "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:62.top.v1.1.asc" - }, - { - "name" : "1895", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1895" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Format string vulnerability in top program allows local attackers to gain root privileges via the \"kill\" or \"renice\" function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1895", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1895" + }, + { + "name": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch", + "refsource": "MISC", + "url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch" + }, + { + "name": "FreeBSD-SA-00:62", + "refsource": "FREEBSD", + "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:62.top.v1.1.asc" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1125.json b/2000/1xxx/CVE-2000-1125.json index 60002493bc4..022d44044d6 100644 --- a/2000/1xxx/CVE-2000-1125.json +++ b/2000/1xxx/CVE-2000-1125.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1125", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1125", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001104 Redhat 6.2 restore exploit", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=97336034309944&w=2" - }, - { - "name" : "1914", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1914" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1914", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1914" + }, + { + "name": "20001104 Redhat 6.2 restore exploit", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=97336034309944&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2774.json b/2005/2xxx/CVE-2005-2774.json index 3a2f754653a..a2376148c32 100644 --- a/2005/2xxx/CVE-2005-2774.json +++ b/2005/2xxx/CVE-2005-2774.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2774", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Format string vulnerability in Lithium II mod 1.24 for Quake 2 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in the nickname." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2774", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050825 Quake 2 Lithium Mod V 1.24 Macro Expansion Vuln?", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112500372617684&w=2" - }, - { - "name" : "14664", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14664" - }, - { - "name" : "16585", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16585/" - }, - { - "name" : "quake-nickname-format-string(22013)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22013" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Format string vulnerability in Lithium II mod 1.24 for Quake 2 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in the nickname." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "14664", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14664" + }, + { + "name": "20050825 Quake 2 Lithium Mod V 1.24 Macro Expansion Vuln?", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112500372617684&w=2" + }, + { + "name": "16585", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16585/" + }, + { + "name": "quake-nickname-format-string(22013)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22013" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2961.json b/2005/2xxx/CVE-2005-2961.json index 027e9fb3a52..1f9b79558ab 100644 --- a/2005/2xxx/CVE-2005-2961.json +++ b/2005/2xxx/CVE-2005-2961.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2961", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response with a crafted string in the HREF field of an tag." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2005-2961", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "DSA-834", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-834" - }, - { - "name" : "14993", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14993" - }, - { - "name" : "17021", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17021/" - }, - { - "name" : "17035", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17035" - }, - { - "name" : "prozilla-ftpsearch-bo(22491)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22491" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response with a crafted string in the HREF field of an tag." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-834", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-834" + }, + { + "name": "17035", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17035" + }, + { + "name": "14993", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14993" + }, + { + "name": "17021", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17021/" + }, + { + "name": "prozilla-ftpsearch-bo(22491)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22491" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1169.json b/2007/1xxx/CVE-2007-1169.json index 7608e022098..2b35c3b9eba 100644 --- a/2007/1xxx/CVE-2007-1169.json +++ b/2007/1xxx/CVE-2007-1169.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1169", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1169", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.trendmicro.com/download/product.asp?productid=20", - "refsource" : "CONFIRM", - "url" : "http://www.trendmicro.com/download/product.asp?productid=20" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.trendmicro.com/download/product.asp?productid=20", + "refsource": "CONFIRM", + "url": "http://www.trendmicro.com/download/product.asp?productid=20" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1925.json b/2007/1xxx/CVE-2007-1925.json index 68c601b2671..d3e1799a4e5 100644 --- a/2007/1xxx/CVE-2007-1925.json +++ b/2007/1xxx/CVE-2007-1925.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1925", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The borrado function in modules/Your_Account/index.php in Tru-Zone Nuke ET 3.4 before fix 7 does not verify that account deletion requests come from the account owner, which allows remote authenticated users to delete arbitrary accounts via a modified cookie." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1925", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://truzone.org/modules.php?name=Forums&file=viewtopic&p=287012", - "refsource" : "CONFIRM", - "url" : "http://truzone.org/modules.php?name=Forums&file=viewtopic&p=287012" - }, - { - "name" : "http://truzone.org/modules.php?name=News&file=article&sid=1613", - "refsource" : "CONFIRM", - "url" : "http://truzone.org/modules.php?name=News&file=article&sid=1613" - }, - { - "name" : "23354", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23354" - }, - { - "name" : "ADV-2007-1285", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1285" - }, - { - "name" : "34665", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34665" - }, - { - "name" : "24800", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24800" - }, - { - "name" : "nukeet-youraccount-data-manipulation(33483)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33483" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The borrado function in modules/Your_Account/index.php in Tru-Zone Nuke ET 3.4 before fix 7 does not verify that account deletion requests come from the account owner, which allows remote authenticated users to delete arbitrary accounts via a modified cookie." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-1285", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1285" + }, + { + "name": "23354", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23354" + }, + { + "name": "http://truzone.org/modules.php?name=Forums&file=viewtopic&p=287012", + "refsource": "CONFIRM", + "url": "http://truzone.org/modules.php?name=Forums&file=viewtopic&p=287012" + }, + { + "name": "nukeet-youraccount-data-manipulation(33483)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33483" + }, + { + "name": "http://truzone.org/modules.php?name=News&file=article&sid=1613", + "refsource": "CONFIRM", + "url": "http://truzone.org/modules.php?name=News&file=article&sid=1613" + }, + { + "name": "24800", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24800" + }, + { + "name": "34665", + "refsource": "OSVDB", + "url": "http://osvdb.org/34665" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5305.json b/2007/5xxx/CVE-2007-5305.json index 89c2bfe00f9..583d8dfe5ed 100644 --- a/2007/5xxx/CVE-2007-5305.json +++ b/2007/5xxx/CVE-2007-5305.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5305", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) contenus parameter to (a) contenus.php; the (2) tpelseifportalrepertoire parameter to (b) votes.php, (c) espaceperso.php, (d) enregistrement.php, (e) commentaire.php, and (f) coeurusr.php in utilisateurs/, and (g) articles/fonctions.php and (h) depot/fonctions.php in moduleajouter/; the (3) corpsdesign parameter to (i) articles/usrarticles.php and (j) depot/usrdepot.php in moduleajouter/; and possibly other files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5305", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071006 Else If cms Multiple Remote vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/481683/100/0/threaded" - }, - { - "name" : "25951", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25951" - }, - { - "name" : "38649", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38649" - }, - { - "name" : "38650", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38650" - }, - { - "name" : "38651", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38651" - }, - { - "name" : "38652", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38652" - }, - { - "name" : "38653", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38653" - }, - { - "name" : "38654", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38654" - }, - { - "name" : "38655", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38655" - }, - { - "name" : "38656", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38656" - }, - { - "name" : "38657", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38657" - }, - { - "name" : "38658", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38658" - }, - { - "name" : "3204", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3204" - }, - { - "name" : "elseif-multiple-file-include(37011)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37011" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) contenus parameter to (a) contenus.php; the (2) tpelseifportalrepertoire parameter to (b) votes.php, (c) espaceperso.php, (d) enregistrement.php, (e) commentaire.php, and (f) coeurusr.php in utilisateurs/, and (g) articles/fonctions.php and (h) depot/fonctions.php in moduleajouter/; the (3) corpsdesign parameter to (i) articles/usrarticles.php and (j) depot/usrdepot.php in moduleajouter/; and possibly other files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38656", + "refsource": "OSVDB", + "url": "http://osvdb.org/38656" + }, + { + "name": "38649", + "refsource": "OSVDB", + "url": "http://osvdb.org/38649" + }, + { + "name": "38651", + "refsource": "OSVDB", + "url": "http://osvdb.org/38651" + }, + { + "name": "38653", + "refsource": "OSVDB", + "url": "http://osvdb.org/38653" + }, + { + "name": "25951", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25951" + }, + { + "name": "38652", + "refsource": "OSVDB", + "url": "http://osvdb.org/38652" + }, + { + "name": "38658", + "refsource": "OSVDB", + "url": "http://osvdb.org/38658" + }, + { + "name": "38654", + "refsource": "OSVDB", + "url": "http://osvdb.org/38654" + }, + { + "name": "38650", + "refsource": "OSVDB", + "url": "http://osvdb.org/38650" + }, + { + "name": "38655", + "refsource": "OSVDB", + "url": "http://osvdb.org/38655" + }, + { + "name": "20071006 Else If cms Multiple Remote vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/481683/100/0/threaded" + }, + { + "name": "elseif-multiple-file-include(37011)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37011" + }, + { + "name": "3204", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3204" + }, + { + "name": "38657", + "refsource": "OSVDB", + "url": "http://osvdb.org/38657" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5439.json b/2007/5xxx/CVE-2007-5439.json index 8d71a7914c6..17aabd83a8c 100644 --- a/2007/5xxx/CVE-2007-5439.json +++ b/2007/5xxx/CVE-2007-5439.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5439", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 stores sensitive user information in log files with predictable names, which allows remote attackers to obtain this information via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5439", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071010 [ELEYTT] 10PAZDZIERNIK2007", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482021/100/0/threaded" - }, - { - "name" : "http://www.eleytt.com/advisories/eleytt_ETRUSTITM1.pdf", - "refsource" : "MISC", - "url" : "http://www.eleytt.com/advisories/eleytt_ETRUSTITM1.pdf" - }, - { - "name" : "26012", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26012" - }, - { - "name" : "43487", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43487" - }, - { - "name" : "3219", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3219" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 stores sensitive user information in log files with predictable names, which allows remote attackers to obtain this information via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3219", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3219" + }, + { + "name": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM1.pdf", + "refsource": "MISC", + "url": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM1.pdf" + }, + { + "name": "26012", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26012" + }, + { + "name": "43487", + "refsource": "OSVDB", + "url": "http://osvdb.org/43487" + }, + { + "name": "20071010 [ELEYTT] 10PAZDZIERNIK2007", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5572.json b/2007/5xxx/CVE-2007-5572.json index 4f876cc9861..7e2610ab5ea 100644 --- a/2007/5xxx/CVE-2007-5572.json +++ b/2007/5xxx/CVE-2007-5572.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5572", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in Simple PHP Blog (SPHPBlog) 0.4.9 allow remote attackers to perform delete actions as administrators via (1) the block_id parameter to add_block.php or (2) the link_id parameter to add_link.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5572", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071017 Multiple CSRF in SimplePHPBlog", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482422/100/0/threaded" - }, - { - "name" : "http://hackish.altervista.org/forum/viewtopic.php?t=221", - "refsource" : "MISC", - "url" : "http://hackish.altervista.org/forum/viewtopic.php?t=221" - }, - { - "name" : "27264", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27264" - }, - { - "name" : "simplephpblog-addblock-csrf(37238)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37238" - }, - { - "name" : "simplephpblog-addlink-csrf(37239)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37239" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Simple PHP Blog (SPHPBlog) 0.4.9 allow remote attackers to perform delete actions as administrators via (1) the block_id parameter to add_block.php or (2) the link_id parameter to add_link.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "simplephpblog-addlink-csrf(37239)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37239" + }, + { + "name": "simplephpblog-addblock-csrf(37238)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37238" + }, + { + "name": "http://hackish.altervista.org/forum/viewtopic.php?t=221", + "refsource": "MISC", + "url": "http://hackish.altervista.org/forum/viewtopic.php?t=221" + }, + { + "name": "20071017 Multiple CSRF in SimplePHPBlog", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482422/100/0/threaded" + }, + { + "name": "27264", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27264" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5631.json b/2007/5xxx/CVE-2007-5631.json index 37175f050c0..559d8c2c3dd 100644 --- a/2007/5xxx/CVE-2007-5631.json +++ b/2007/5xxx/CVE-2007-5631.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5631", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in PeopleAggregator 1.2pre6, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the current_blockmodule_path parameter to (1) AudiosMediaGalleryModule/AudiosMediaGalleryModule.php, (2) ImagesMediaGalleryModule/ImagesMediaGalleryModule.php, (3) MembersFacewallModule/MembersFacewallModule.php, (4) NewestGroupsModule/NewestGroupsModule.php, (5) UploadMediaModule/UploadMediaModule.php, and (6) VideosMediaGalleryModule/VideosMediaGalleryModule.php in BetaBlockModules/; and (7) the path_prefix parameter to several components." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5631", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071111 PeopleAggregatory security advisory - re CVE-2007-5631", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/483571/100/0/threaded" - }, - { - "name" : "4551", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4551" - }, - { - "name" : "http://www.myelin.co.nz/post/2007/11/12/#200711121", - "refsource" : "CONFIRM", - "url" : "http://www.myelin.co.nz/post/2007/11/12/#200711121" - }, - { - "name" : "26147", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26147" - }, - { - "name" : "45495", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45495" - }, - { - "name" : "45496", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45496" - }, - { - "name" : "45497", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45497" - }, - { - "name" : "45498", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45498" - }, - { - "name" : "45499", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45499" - }, - { - "name" : "45500", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45500" - }, - { - "name" : "45501", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45501" - }, - { - "name" : "peopleaggregator-pathprefix-file-include(37349)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37349" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in PeopleAggregator 1.2pre6, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the current_blockmodule_path parameter to (1) AudiosMediaGalleryModule/AudiosMediaGalleryModule.php, (2) ImagesMediaGalleryModule/ImagesMediaGalleryModule.php, (3) MembersFacewallModule/MembersFacewallModule.php, (4) NewestGroupsModule/NewestGroupsModule.php, (5) UploadMediaModule/UploadMediaModule.php, and (6) VideosMediaGalleryModule/VideosMediaGalleryModule.php in BetaBlockModules/; and (7) the path_prefix parameter to several components." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "45496", + "refsource": "OSVDB", + "url": "http://osvdb.org/45496" + }, + { + "name": "26147", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26147" + }, + { + "name": "20071111 PeopleAggregatory security advisory - re CVE-2007-5631", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/483571/100/0/threaded" + }, + { + "name": "45495", + "refsource": "OSVDB", + "url": "http://osvdb.org/45495" + }, + { + "name": "45501", + "refsource": "OSVDB", + "url": "http://osvdb.org/45501" + }, + { + "name": "45500", + "refsource": "OSVDB", + "url": "http://osvdb.org/45500" + }, + { + "name": "4551", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4551" + }, + { + "name": "http://www.myelin.co.nz/post/2007/11/12/#200711121", + "refsource": "CONFIRM", + "url": "http://www.myelin.co.nz/post/2007/11/12/#200711121" + }, + { + "name": "45499", + "refsource": "OSVDB", + "url": "http://osvdb.org/45499" + }, + { + "name": "45497", + "refsource": "OSVDB", + "url": "http://osvdb.org/45497" + }, + { + "name": "45498", + "refsource": "OSVDB", + "url": "http://osvdb.org/45498" + }, + { + "name": "peopleaggregator-pathprefix-file-include(37349)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37349" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5766.json b/2007/5xxx/CVE-2007-5766.json index d5af30b8855..18ca41ca681 100644 --- a/2007/5xxx/CVE-2007-5766.json +++ b/2007/5xxx/CVE-2007-5766.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5766", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in okxLOV.jsp in Oracle E-Business Suite 11 and 12 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: this is probably the same issue as CVE-2007-5527 or CVE-2007-5528, but there are insufficient details to be sure." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5766", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071031 ZDI-07-058: Oracle E-Business Suite SQL Injection Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/483098/100/100/threaded" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-07-058.html", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-07-058.html" - }, - { - "name" : "40080", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40080" - }, - { - "name" : "3344", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3344" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in okxLOV.jsp in Oracle E-Business Suite 11 and 12 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: this is probably the same issue as CVE-2007-5527 or CVE-2007-5528, but there are insufficient details to be sure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" + }, + { + "name": "20071031 ZDI-07-058: Oracle E-Business Suite SQL Injection Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/483098/100/100/threaded" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-058.html", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-058.html" + }, + { + "name": "3344", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3344" + }, + { + "name": "40080", + "refsource": "OSVDB", + "url": "http://osvdb.org/40080" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5833.json b/2007/5xxx/CVE-2007-5833.json index 9e16b2b0ddb..99a688a2ca5 100644 --- a/2007/5xxx/CVE-2007-5833.json +++ b/2007/5xxx/CVE-2007-5833.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5833", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in BosDev BosMarket Business Directory System allow remote authenticated users to inject arbitrary web script or HTML via (1) user info (account details) or (2) a post." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5833", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071024 Bosdev Multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482732/100/0/threaded" - }, - { - "name" : "3343", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3343" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in BosDev BosMarket Business Directory System allow remote authenticated users to inject arbitrary web script or HTML via (1) user info (account details) or (2) a post." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20071024 Bosdev Multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482732/100/0/threaded" + }, + { + "name": "3343", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3343" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2324.json b/2009/2xxx/CVE-2009-2324.json index 79d7275f442..dc28d8ad5d6 100644 --- a/2009/2xxx/CVE-2009-2324.json +++ b/2009/2xxx/CVE-2009-2324.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2324", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to inject arbitrary web script or HTML via components in the samples (aka _samples) directory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2324", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090703 [oCERT-2009-007] FCKeditor input sanitization errors", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/504721/100/0/threaded" - }, - { - "name" : "http://www.ocert.org/advisories/ocert-2009-007.html", - "refsource" : "MISC", - "url" : "http://www.ocert.org/advisories/ocert-2009-007.html" - }, - { - "name" : "1022513", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1022513" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to inject arbitrary web script or HTML via components in the samples (aka _samples) directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ocert.org/advisories/ocert-2009-007.html", + "refsource": "MISC", + "url": "http://www.ocert.org/advisories/ocert-2009-007.html" + }, + { + "name": "1022513", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1022513" + }, + { + "name": "20090703 [oCERT-2009-007] FCKeditor input sanitization errors", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/504721/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2459.json b/2009/2xxx/CVE-2009-2459.json index b0574be5d43..12cdd081bba 100644 --- a/2009/2xxx/CVE-2009-2459.json +++ b/2009/2xxx/CVE-2009-2459.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2459", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in mimeTeX, when downloaded before 20090713, have unknown impact and attack vectors related to the (1) \\environ, (2) \\input, and (3) \\counter TeX directives." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2459", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://scary.beasts.org/security/CESA-2009-009.html", - "refsource" : "MISC", - "url" : "http://scary.beasts.org/security/CESA-2009-009.html" - }, - { - "name" : "FEDORA-2010-6546", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039314.html" - }, - { - "name" : "35752", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35752" - }, - { - "name" : "ADV-2009-1875", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1875" - }, - { - "name" : "ADV-2010-0877", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0877" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in mimeTeX, when downloaded before 20090713, have unknown impact and attack vectors related to the (1) \\environ, (2) \\input, and (3) \\counter TeX directives." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2009-1875", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1875" + }, + { + "name": "35752", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35752" + }, + { + "name": "ADV-2010-0877", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0877" + }, + { + "name": "http://scary.beasts.org/security/CESA-2009-009.html", + "refsource": "MISC", + "url": "http://scary.beasts.org/security/CESA-2009-009.html" + }, + { + "name": "FEDORA-2010-6546", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039314.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3162.json b/2015/3xxx/CVE-2015-3162.json index 170d65cfff7..2102623fc87 100644 --- a/2015/3xxx/CVE-2015-3162.json +++ b/2015/3xxx/CVE-2015-3162.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3162", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the edit comment dialog in bkr/server/widgets.py in Beaker 20.1 allows remote authenticated users to inject arbitrary web script or HTML via writing a crafted comment on an acked or nacked canceled job." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-3162", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150507 beaker vulns fixed in version 20.1", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/05/08/1" - }, - { - "name" : "https://bugzilla.redhat.com/attachment.cgi?id=1021565", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/attachment.cgi?id=1021565" - }, - { - "name" : "https://beaker-project.org/docs/whats-new/release-20.html#bug-fixes", - "refsource" : "CONFIRM", - "url" : "https://beaker-project.org/docs/whats-new/release-20.html#bug-fixes" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1215030", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1215030" - }, - { - "name" : "74568", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74568" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the edit comment dialog in bkr/server/widgets.py in Beaker 20.1 allows remote authenticated users to inject arbitrary web script or HTML via writing a crafted comment on an acked or nacked canceled job." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20150507 beaker vulns fixed in version 20.1", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/05/08/1" + }, + { + "name": "74568", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74568" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1215030", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1215030" + }, + { + "name": "https://bugzilla.redhat.com/attachment.cgi?id=1021565", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/attachment.cgi?id=1021565" + }, + { + "name": "https://beaker-project.org/docs/whats-new/release-20.html#bug-fixes", + "refsource": "CONFIRM", + "url": "https://beaker-project.org/docs/whats-new/release-20.html#bug-fixes" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3183.json b/2015/3xxx/CVE-2015-3183.json index 6a61bd8d574..0e7187161b4 100644 --- a/2015/3xxx/CVE-2015-3183.json +++ b/2015/3xxx/CVE-2015-3183.json @@ -1,232 +1,232 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3183", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-3183", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://httpd.apache.org/security/vulnerabilities_24.html", - "refsource" : "CONFIRM", - "url" : "http://httpd.apache.org/security/vulnerabilities_24.html" - }, - { - "name" : "http://www.apache.org/dist/httpd/CHANGES_2.4", - "refsource" : "CONFIRM", - "url" : "http://www.apache.org/dist/httpd/CHANGES_2.4" - }, - { - "name" : "https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73", - "refsource" : "CONFIRM", - "url" : "https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73" - }, - { - "name" : "https://support.apple.com/kb/HT205031", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205031" - }, - { - "name" : "https://support.apple.com/HT205219", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205219" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735" - }, - { - "name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789", - "refsource" : "CONFIRM", - "url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789" - }, - { - "name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246", - "refsource" : "CONFIRM", - "url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246" - }, - { - "name" : "https://puppet.com/security/cve/CVE-2015-3183", - "refsource" : "CONFIRM", - "url" : "https://puppet.com/security/cve/CVE-2015-3183" - }, - { - "name" : "APPLE-SA-2015-08-13-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" - }, - { - "name" : "APPLE-SA-2015-09-16-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html" - }, - { - "name" : "DSA-3325", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3325" - }, - { - "name" : "GLSA-201610-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-02" - }, - { - "name" : "HPSBUX03512", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=144493176821532&w=2" - }, - { - "name" : "SSRT102254", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=144493176821532&w=2" - }, - { - "name" : "RHSA-2016:0062", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0062.html" - }, - { - "name" : "RHSA-2016:0061", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0061.html" - }, - { - "name" : "RHSA-2015:2659", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2015:2659" - }, - { - "name" : "RHSA-2015:2660", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2015:2660" - }, - { - "name" : "RHSA-2015:2661", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2661.html" - }, - { - "name" : "RHSA-2015:1667", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1667.html" - }, - { - "name" : "RHSA-2015:1668", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1668.html" - }, - { - "name" : "RHSA-2015:1666", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1666.html" - }, - { - "name" : "RHSA-2016:2054", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2054.html" - }, - { - "name" : "RHSA-2016:2055", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2055.html" - }, - { - "name" : "RHSA-2016:2056", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2056.html" - }, - { - "name" : "openSUSE-SU-2015:1684", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html" - }, - { - "name" : "USN-2686-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2686-1" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "75963", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75963" - }, - { - "name" : "1032967", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032967" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "HPSBUX03512", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2" + }, + { + "name": "RHSA-2016:2056", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html" + }, + { + "name": "openSUSE-SU-2015:1684", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html" + }, + { + "name": "http://httpd.apache.org/security/vulnerabilities_24.html", + "refsource": "CONFIRM", + "url": "http://httpd.apache.org/security/vulnerabilities_24.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "RHSA-2016:0061", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0061.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" + }, + { + "name": "GLSA-201610-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-02" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "RHSA-2015:1667", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1667.html" + }, + { + "name": "RHSA-2016:0062", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0062.html" + }, + { + "name": "http://www.apache.org/dist/httpd/CHANGES_2.4", + "refsource": "CONFIRM", + "url": "http://www.apache.org/dist/httpd/CHANGES_2.4" + }, + { + "name": "RHSA-2015:1666", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1666.html" + }, + { + "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246", + "refsource": "CONFIRM", + "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246" + }, + { + "name": "1032967", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032967" + }, + { + "name": "RHSA-2015:1668", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1668.html" + }, + { + "name": "RHSA-2015:2661", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2661.html" + }, + { + "name": "RHSA-2016:2055", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2055.html" + }, + { + "name": "USN-2686-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2686-1" + }, + { + "name": "SSRT102254", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2" + }, + { + "name": "APPLE-SA-2015-08-13-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" + }, + { + "name": "75963", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75963" + }, + { + "name": "DSA-3325", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3325" + }, + { + "name": "RHSA-2015:2659", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2015:2659" + }, + { + "name": "https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73", + "refsource": "CONFIRM", + "url": "https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73" + }, + { + "name": "https://puppet.com/security/cve/CVE-2015-3183", + "refsource": "CONFIRM", + "url": "https://puppet.com/security/cve/CVE-2015-3183" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + }, + { + "name": "RHSA-2015:2660", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2015:2660" + }, + { + "name": "RHSA-2016:2054", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2054.html" + }, + { + "name": "https://support.apple.com/kb/HT205031", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205031" + }, + { + "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789", + "refsource": "CONFIRM", + "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789" + }, + { + "name": "APPLE-SA-2015-09-16-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html" + }, + { + "name": "https://support.apple.com/HT205219", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205219" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3514.json b/2015/3xxx/CVE-2015-3514.json index 864e7bdfa07..1a36f26d252 100644 --- a/2015/3xxx/CVE-2015-3514.json +++ b/2015/3xxx/CVE-2015-3514.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3514", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3514", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3886.json b/2015/3xxx/CVE-2015-3886.json index 63f5ce921c9..181193cee1c 100644 --- a/2015/3xxx/CVE-2015-3886.json +++ b/2015/3xxx/CVE-2015-3886.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3886", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libinfinity before 0.6.6-1 does not validate expired SSL certificates, which allows remote attackers to have unspecified impact via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3886", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150512 CVE request: libinfinity did not correctly check certificates for validity", - "refsource" : "MLIST", - "url" : "http://seclists.org/oss-sec/2015/q2/410" - }, - { - "name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783601", - "refsource" : "CONFIRM", - "url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783601" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1221266", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1221266" - }, - { - "name" : "https://github.com/gobby/gobby/issues/61", - "refsource" : "CONFIRM", - "url" : "https://github.com/gobby/gobby/issues/61" - }, - { - "name" : "https://github.com/gobby/libinfinity/commit/c97f870f5ae13112988d9f8ad464b4f679903706", - "refsource" : "CONFIRM", - "url" : "https://github.com/gobby/libinfinity/commit/c97f870f5ae13112988d9f8ad464b4f679903706" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libinfinity before 0.6.6-1 does not validate expired SSL certificates, which allows remote attackers to have unspecified impact via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1221266", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1221266" + }, + { + "name": "https://github.com/gobby/libinfinity/commit/c97f870f5ae13112988d9f8ad464b4f679903706", + "refsource": "CONFIRM", + "url": "https://github.com/gobby/libinfinity/commit/c97f870f5ae13112988d9f8ad464b4f679903706" + }, + { + "name": "[oss-security] 20150512 CVE request: libinfinity did not correctly check certificates for validity", + "refsource": "MLIST", + "url": "http://seclists.org/oss-sec/2015/q2/410" + }, + { + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783601", + "refsource": "CONFIRM", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783601" + }, + { + "name": "https://github.com/gobby/gobby/issues/61", + "refsource": "CONFIRM", + "url": "https://github.com/gobby/gobby/issues/61" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3913.json b/2015/3xxx/CVE-2015-3913.json index 28c92306fdf..ddad1697cda 100644 --- a/2015/3xxx/CVE-2015-3913.json +++ b/2015/3xxx/CVE-2015-3913.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3913", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The IP stack in multiple Huawei Campus series switch models allows remote attackers to cause a denial of service (reboot) via a crafted ICMP request message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3913", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-427449.htm", - "refsource" : "CONFIRM", - "url" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-427449.htm" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The IP stack in multiple Huawei Campus series switch models allows remote attackers to cause a denial of service (reboot) via a crafted ICMP request message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-427449.htm", + "refsource": "CONFIRM", + "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-427449.htm" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4252.json b/2015/4xxx/CVE-2015-4252.json index ce695d4cffd..133a15d53a9 100644 --- a/2015/4xxx/CVE-2015-4252.json +++ b/2015/4xxx/CVE-2015-4252.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4252", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ISDN Gateway devices with software 2.2(1.106) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90724." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-4252", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150709 Cisco TelePresence ISDN Gateway Software Cross-Site Request Forgery Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=39795" - }, - { - "name" : "1032838", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032838" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ISDN Gateway devices with software 2.2(1.106) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90724." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032838", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032838" + }, + { + "name": "20150709 Cisco TelePresence ISDN Gateway Software Cross-Site Request Forgery Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39795" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4326.json b/2015/4xxx/CVE-2015-4326.json index b840494d183..7658a40e335 100644 --- a/2015/4xxx/CVE-2015-4326.json +++ b/2015/4xxx/CVE-2015-4326.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4326", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4326", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4485.json b/2015/4xxx/CVE-2015-4485.json index 668a351e8d5..8f0e7628c77 100644 --- a/2015/4xxx/CVE-2015-4485.json +++ b/2015/4xxx/CVE-2015-4485.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4485", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the resize_context_buffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-4485", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-89.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-89.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1177948", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1177948" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "GLSA-201605-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201605-06" - }, - { - "name" : "RHSA-2015:1586", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1586.html" - }, - { - "name" : "openSUSE-SU-2015:1389", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html" - }, - { - "name" : "openSUSE-SU-2015:1390", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html" - }, - { - "name" : "SUSE-SU-2015:2081", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html" - }, - { - "name" : "SUSE-SU-2015:1449", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html" - }, - { - "name" : "openSUSE-SU-2015:1453", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html" - }, - { - "name" : "openSUSE-SU-2015:1454", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html" - }, - { - "name" : "SUSE-SU-2015:1528", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html" - }, - { - "name" : "USN-2702-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2702-1" - }, - { - "name" : "USN-2702-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2702-2" - }, - { - "name" : "USN-2702-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2702-3" - }, - { - "name" : "1033247", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033247" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the resize_context_buffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2015:2081", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1177948", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1177948" + }, + { + "name": "openSUSE-SU-2015:1454", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html" + }, + { + "name": "USN-2702-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2702-3" + }, + { + "name": "openSUSE-SU-2015:1389", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html" + }, + { + "name": "openSUSE-SU-2015:1453", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-89.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-89.html" + }, + { + "name": "RHSA-2015:1586", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1586.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "SUSE-SU-2015:1528", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html" + }, + { + "name": "1033247", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033247" + }, + { + "name": "USN-2702-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2702-2" + }, + { + "name": "USN-2702-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2702-1" + }, + { + "name": "GLSA-201605-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201605-06" + }, + { + "name": "SUSE-SU-2015:1449", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html" + }, + { + "name": "openSUSE-SU-2015:1390", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4861.json b/2015/4xxx/CVE-2015-4861.json index 2919e0721e7..3ed135b46f2 100644 --- a/2015/4xxx/CVE-2015-4861.json +++ b/2015/4xxx/CVE-2015-4861.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4861", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-4861", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" - }, - { - "name" : "DSA-3385", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3385" - }, - { - "name" : "DSA-3377", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3377" - }, - { - "name" : "FEDORA-2016-e30164d0a2", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html" - }, - { - "name" : "RHSA-2016:0534", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0534.html" - }, - { - "name" : "RHSA-2016:0705", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0705.html" - }, - { - "name" : "RHSA-2016:1132", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1132" - }, - { - "name" : "RHSA-2016:1480", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1480.html" - }, - { - "name" : "RHSA-2016:1481", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1481.html" - }, - { - "name" : "SUSE-SU-2016:0296", - "refsource" : "SUSE", - "url" : "https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html" - }, - { - "name" : "openSUSE-SU-2016:0368", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html" - }, - { - "name" : "openSUSE-SU-2015:2244", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html" - }, - { - "name" : "openSUSE-SU-2015:2246", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html" - }, - { - "name" : "USN-2781-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2781-1" - }, - { - "name" : "77137", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77137" - }, - { - "name" : "1033894", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033894" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:2244", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html" + }, + { + "name": "RHSA-2016:1481", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1481.html" + }, + { + "name": "1033894", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033894" + }, + { + "name": "RHSA-2016:1132", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1132" + }, + { + "name": "RHSA-2016:0534", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0534.html" + }, + { + "name": "USN-2781-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2781-1" + }, + { + "name": "SUSE-SU-2016:0296", + "refsource": "SUSE", + "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" + }, + { + "name": "RHSA-2016:1480", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1480.html" + }, + { + "name": "openSUSE-SU-2015:2246", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html" + }, + { + "name": "DSA-3385", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3385" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "openSUSE-SU-2016:0368", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html" + }, + { + "name": "77137", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77137" + }, + { + "name": "DSA-3377", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3377" + }, + { + "name": "RHSA-2016:0705", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0705.html" + }, + { + "name": "FEDORA-2016-e30164d0a2", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8062.json b/2015/8xxx/CVE-2015-8062.json index 536a59613a9..9e25353feb4 100644 --- a/2015/8xxx/CVE-2015-8062.json +++ b/2015/8xxx/CVE-2015-8062.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8062", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-8062", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" - }, - { - "name" : "GLSA-201601-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201601-03" - }, - { - "name" : "SUSE-SU-2015:2236", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html" - }, - { - "name" : "SUSE-SU-2015:2247", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html" - }, - { - "name" : "openSUSE-SU-2015:2239", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html" - }, - { - "name" : "78715", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78715" - }, - { - "name" : "1034318", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034318" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:2239", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" + }, + { + "name": "78715", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78715" + }, + { + "name": "SUSE-SU-2015:2236", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html" + }, + { + "name": "SUSE-SU-2015:2247", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html" + }, + { + "name": "1034318", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034318" + }, + { + "name": "GLSA-201601-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201601-03" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8079.json b/2015/8xxx/CVE-2015-8079.json index d4bf9388355..d2d2b20f24d 100644 --- a/2015/8xxx/CVE-2015-8079.json +++ b/2015/8xxx/CVE-2015-8079.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8079", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "qt5-qtwebkit before 5.4 records private browsing URLs to its favicon database, WebpageIcons.db." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-8079", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20151105 Re: CVE request: qt5-qtwebkit records visited URLS in private browsing", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/11/05/4" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1204795", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1204795" - }, - { - "name" : "https://codereview.qt-project.org/#/c/108936/", - "refsource" : "CONFIRM", - "url" : "https://codereview.qt-project.org/#/c/108936/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "qt5-qtwebkit before 5.4 records private browsing URLs to its favicon database, WebpageIcons.db." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1204795", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204795" + }, + { + "name": "[oss-security] 20151105 Re: CVE request: qt5-qtwebkit records visited URLS in private browsing", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/11/05/4" + }, + { + "name": "https://codereview.qt-project.org/#/c/108936/", + "refsource": "CONFIRM", + "url": "https://codereview.qt-project.org/#/c/108936/" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8293.json b/2015/8xxx/CVE-2015-8293.json index e3f411b3467..98218452696 100644 --- a/2015/8xxx/CVE-2015-8293.json +++ b/2015/8xxx/CVE-2015-8293.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8293", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-8293", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8950.json b/2015/8xxx/CVE-2015-8950.json index c00d7e80f09..427e0b595ef 100644 --- a/2015/8xxx/CVE-2015-8950.json +++ b/2015/8xxx/CVE-2015-8950.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8950", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-8950", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6829e274a623187c24f7cfc0e3d35f25d087fcc5", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6829e274a623187c24f7cfc0e3d35f25d087fcc5" - }, - { - "name" : "http://source.android.com/security/bulletin/2016-10-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-10-01.html" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3" - }, - { - "name" : "https://github.com/torvalds/linux/commit/6829e274a623187c24f7cfc0e3d35f25d087fcc5", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/6829e274a623187c24f7cfc0e3d35f25d087fcc5" - }, - { - "name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=6e2c437a2d0a85d90d3db85a7471f99764f7bbf8", - "refsource" : "CONFIRM", - "url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=6e2c437a2d0a85d90d3db85a7471f99764f7bbf8" - }, - { - "name" : "93318", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93318" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=6e2c437a2d0a85d90d3db85a7471f99764f7bbf8", + "refsource": "CONFIRM", + "url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=6e2c437a2d0a85d90d3db85a7471f99764f7bbf8" + }, + { + "name": "https://github.com/torvalds/linux/commit/6829e274a623187c24f7cfc0e3d35f25d087fcc5", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/6829e274a623187c24f7cfc0e3d35f25d087fcc5" + }, + { + "name": "http://source.android.com/security/bulletin/2016-10-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-10-01.html" + }, + { + "name": "93318", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93318" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6829e274a623187c24f7cfc0e3d35f25d087fcc5", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6829e274a623187c24f7cfc0e3d35f25d087fcc5" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9211.json b/2015/9xxx/CVE-2015-9211.json index 6e3aca30a7e..4332ffc1606 100644 --- a/2015/9xxx/CVE-2015-9211.json +++ b/2015/9xxx/CVE-2015-9211.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2015-9211", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, while provising the Playready module, a buffer overread may occur if the message passed is large." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer overread vulnerability in Playready" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2015-9211", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, while provising the Playready module, a buffer overread may occur if the message passed is large." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer overread vulnerability in Playready" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1038.json b/2016/1xxx/CVE-2016-1038.json index f1c6be6912a..376bdd12d7a 100644 --- a/2016/1xxx/CVE-2016-1038.json +++ b/2016/1xxx/CVE-2016-1038.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1038", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-1038", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-292", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-292" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" - }, - { - "name" : "90517", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90517" - }, - { - "name" : "1035828", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035828" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-292", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-292" + }, + { + "name": "1035828", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035828" + }, + { + "name": "90517", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90517" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1275.json b/2016/1xxx/CVE-2016-1275.json index e7f2d7bb5a5..62fe524e8a2 100644 --- a/2016/1xxx/CVE-2016-1275.json +++ b/2016/1xxx/CVE-2016-1275.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1275", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Juniper Junos OS before 13.3R9, 14.1R6 before 14.1R6-S1, and 14.1 before 14.1R7, when configured with VPLS routing-instances, allows remote attackers to obtain sensitive mbuf information by injecting a flood of Ethernet frames with IPv6 MAC addresses directly into a connected interface." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1275", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10750", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10750" - }, - { - "name" : "91758", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91758" - }, - { - "name" : "1036301", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036301" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Juniper Junos OS before 13.3R9, 14.1R6 before 14.1R6-S1, and 14.1 before 14.1R7, when configured with VPLS routing-instances, allows remote attackers to obtain sensitive mbuf information by injecting a flood of Ethernet frames with IPv6 MAC addresses directly into a connected interface." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036301", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036301" + }, + { + "name": "91758", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91758" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10750", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10750" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1758.json b/2016/1xxx/CVE-2016-1758.json index 6fafeff681f..717a19a02fc 100644 --- a/2016/1xxx/CVE-2016-1758.json +++ b/2016/1xxx/CVE-2016-1758.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1758", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1758", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT206166", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206166" - }, - { - "name" : "https://support.apple.com/HT206167", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206167" - }, - { - "name" : "APPLE-SA-2016-03-21-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" - }, - { - "name" : "APPLE-SA-2016-03-21-5", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" - }, - { - "name" : "1035353", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035353" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2016-03-21-5", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" + }, + { + "name": "https://support.apple.com/HT206167", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206167" + }, + { + "name": "1035353", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035353" + }, + { + "name": "APPLE-SA-2016-03-21-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" + }, + { + "name": "https://support.apple.com/HT206166", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206166" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5199.json b/2016/5xxx/CVE-2016-5199.json index 97d2d6078c3..9cefc0cdffd 100644 --- a/2016/5xxx/CVE-2016-5199.json +++ b/2016/5xxx/CVE-2016-5199.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-5199", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android", - "version" : { - "version_data" : [ - { - "version_value" : "Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An off by one error resulting in an allocation of zero size in FFmpeg in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted video file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "off by one error" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-5199", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android", + "version": { + "version_data": [ + { + "version_value": "Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop_9.html", - "refsource" : "CONFIRM", - "url" : "https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop_9.html" - }, - { - "name" : "https://crbug.com/643948", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/643948" - }, - { - "name" : "GLSA-201611-16", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201611-16" - }, - { - "name" : "RHSA-2016:2718", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2718.html" - }, - { - "name" : "94196", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94196" - }, - { - "name" : "1037273", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037273" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An off by one error resulting in an allocation of zero size in FFmpeg in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted video file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "off by one error" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1037273", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037273" + }, + { + "name": "GLSA-201611-16", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201611-16" + }, + { + "name": "https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop_9.html", + "refsource": "CONFIRM", + "url": "https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop_9.html" + }, + { + "name": "94196", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94196" + }, + { + "name": "https://crbug.com/643948", + "refsource": "CONFIRM", + "url": "https://crbug.com/643948" + }, + { + "name": "RHSA-2016:2718", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2718.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5284.json b/2016/5xxx/CVE-2016-5284.json index c4ec6b95337..fbe8eedfa5e 100644 --- a/2016/5xxx/CVE-2016-5284.json +++ b/2016/5xxx/CVE-2016-5284.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5284", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2016-5284", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[dailydave] 20160915 Deep down the certificate pinning rabbit hole of \"Tor Browser Exposed\"", - "refsource" : "MLIST", - "url" : "http://seclists.org/dailydave/2016/q3/51" - }, - { - "name" : "https://hackernoon.com/tor-browser-exposed-anti-privacy-implantation-at-mass-scale-bd68e9eb1e95", - "refsource" : "MISC", - "url" : "https://hackernoon.com/tor-browser-exposed-anti-privacy-implantation-at-mass-scale-bd68e9eb1e95" - }, - { - "name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html" - }, - { - "name" : "https://blog.mozilla.org/security/2016/09/16/update-on-add-on-pinning-vulnerability/", - "refsource" : "CONFIRM", - "url" : "https://blog.mozilla.org/security/2016/09/16/update-on-add-on-pinning-vulnerability/" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1303127", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1303127" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2016-86/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2016-86/" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2016-88/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2016-88/" - }, - { - "name" : "DSA-3674", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3674" - }, - { - "name" : "GLSA-201701-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-15" - }, - { - "name" : "RHSA-2016:1912", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1912.html" - }, - { - "name" : "93049", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93049" - }, - { - "name" : "1036852", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036852" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2016-86/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2016-86/" + }, + { + "name": "https://blog.mozilla.org/security/2016/09/16/update-on-add-on-pinning-vulnerability/", + "refsource": "CONFIRM", + "url": "https://blog.mozilla.org/security/2016/09/16/update-on-add-on-pinning-vulnerability/" + }, + { + "name": "https://hackernoon.com/tor-browser-exposed-anti-privacy-implantation-at-mass-scale-bd68e9eb1e95", + "refsource": "MISC", + "url": "https://hackernoon.com/tor-browser-exposed-anti-privacy-implantation-at-mass-scale-bd68e9eb1e95" + }, + { + "name": "DSA-3674", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3674" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1303127", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1303127" + }, + { + "name": "[dailydave] 20160915 Deep down the certificate pinning rabbit hole of \"Tor Browser Exposed\"", + "refsource": "MLIST", + "url": "http://seclists.org/dailydave/2016/q3/51" + }, + { + "name": "GLSA-201701-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-15" + }, + { + "name": "RHSA-2016:1912", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1912.html" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2016-88/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2016-88/" + }, + { + "name": "93049", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93049" + }, + { + "name": "1036852", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036852" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5450.json b/2016/5xxx/CVE-2016-5450.json index 2f3289a315b..003db18515a 100644 --- a/2016/5xxx/CVE-2016-5450.json +++ b/2016/5xxx/CVE-2016-5450.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5450", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect integrity via vectors related to UIF Open UI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5450", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "91981", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91981" - }, - { - "name" : "1036400", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036400" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect integrity via vectors related to UIF Open UI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036400", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036400" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "91981", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91981" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5948.json b/2016/5xxx/CVE-2016-5948.json index d9aeb4ff680..e28bdd7478e 100644 --- a/2016/5xxx/CVE-2016-5948.json +++ b/2016/5xxx/CVE-2016-5948.json @@ -1,94 +1,94 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-5948", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Kenexa LCMS Premier on Cloud", - "version" : { - "version_data" : [ - { - "version_value" : "9.0" - }, - { - "version_value" : "9.1" - }, - { - "version_value" : "9.2" - }, - { - "version_value" : "9.2.1" - }, - { - "version_value" : "9.3.0" - }, - { - "version_value" : "9.4.0" - }, - { - "version_value" : "9.5.0" - }, - { - "version_value" : "10.0.0" - }, - { - "version_value" : "10.1.0" - }, - { - "version_value" : "10.2.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-5948", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Kenexa LCMS Premier on Cloud", + "version": { + "version_data": [ + { + "version_value": "9.0" + }, + { + "version_value": "9.1" + }, + { + "version_value": "9.2" + }, + { + "version_value": "9.2.1" + }, + { + "version_value": "9.3.0" + }, + { + "version_value": "9.4.0" + }, + { + "version_value": "9.5.0" + }, + { + "version_value": "10.0.0" + }, + { + "version_value": "10.1.0" + }, + { + "version_value": "10.2.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21992067", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21992067" - }, - { - "name" : "94388", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94388" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21992067", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21992067" + }, + { + "name": "94388", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94388" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2088.json b/2018/2xxx/CVE-2018-2088.json index 43ab5b15904..b58792ca77d 100644 --- a/2018/2xxx/CVE-2018-2088.json +++ b/2018/2xxx/CVE-2018-2088.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2088", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2088", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2252.json b/2018/2xxx/CVE-2018-2252.json index 93744da3329..4e9638807d2 100644 --- a/2018/2xxx/CVE-2018-2252.json +++ b/2018/2xxx/CVE-2018-2252.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2252", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2252", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6499.json b/2018/6xxx/CVE-2018-6499.json index 364e1757ecf..c7d00caad50 100644 --- a/2018/6xxx/CVE-2018-6499.json +++ b/2018/6xxx/CVE-2018-6499.json @@ -1,194 +1,194 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@microfocus.com", - "DATE_PUBLIC" : "2018-08-30T18:00:00.000Z", - "ID" : "CVE-2018-6499", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : " Network Operations Management (NOM) Suite CDF", - "version" : { - "version_data" : [ - { - "version_value" : "2017.11, 2018.02, 2018.05" - } - ] - } - }, - { - "product_name" : "Service Management Automation Suite", - "version" : { - "version_data" : [ - { - "version_value" : "2017.11, 2018.02, 2018.05" - } - ] - } - }, - { - "product_name" : "Data Center Automation Containerized Suite", - "version" : { - "version_data" : [ - { - "version_value" : "2017.01 until 2018.05" - } - ] - } - }, - { - "product_name" : "Operations Bridge Containerized Suite", - "version" : { - "version_data" : [ - { - "version_value" : "2017.11, 2018.02, 2018.05" - } - ] - } - }, - { - "product_name" : "Hybrid Cloud Management Containerized Suite", - "version" : { - "version_data" : [ - { - "version_value" : "HCM2017.11, HCM2018.02, HCM2018.05" - } - ] - } - }, - { - "product_name" : "Network Virtualization (NV) with floating licenses", - "version" : { - "version_data" : [ - { - "version_value" : " using Any version using APLS older than 10.7" - } - ] - } - }, - { - "product_name" : "Unified Functional Testing (UFT) with floating licenses ", - "version" : { - "version_data" : [ - { - "version_value" : " using Any version using APLS older than 10.7" - } - ] - } - }, - { - "product_name" : "Service Virtualization (SV) with floating licenses", - "version" : { - "version_data" : [ - { - "version_value" : " using Any version using APLS older than 10.7" - } - ] - } - } - ] - }, - "vendor_name" : "Micro Focus" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05, Service Virtualization (SV) with floating licenses using Any version using APLS older than 10.7, Unified Functional Testing (UFT) with floating licenses using Any version using APLS older than 10.7, Network Virtualization (NV) with floating licenses using Any version using APLS older than 10.7 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution." - } - ] - }, - "exploit" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } - ], - "impact" : { - "cvss" : { - "attackComplexity" : "LOW", - "attackVector" : "ADJACENT_NETWORK", - "availabilityImpact" : "HIGH", - "baseScore" : 7.1, - "baseSeverity" : "HIGH", - "confidentialityImpact" : "LOW", - "integrityImpact" : "LOW", - "privilegesRequired" : "HIGH", - "scope" : "CHANGED", - "userInteraction" : "REQUIRED", - "vectorString" : "CVSS:3.0/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:H", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "security@suse.com", + "DATE_PUBLIC": "2018-08-30T18:00:00.000Z", + "ID": "CVE-2018-6499", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": " Network Operations Management (NOM) Suite CDF", + "version": { + "version_data": [ + { + "version_value": "2017.11, 2018.02, 2018.05" + } + ] + } + }, + { + "product_name": "Service Management Automation Suite", + "version": { + "version_data": [ + { + "version_value": "2017.11, 2018.02, 2018.05" + } + ] + } + }, + { + "product_name": "Data Center Automation Containerized Suite", + "version": { + "version_data": [ + { + "version_value": "2017.01 until 2018.05" + } + ] + } + }, + { + "product_name": "Operations Bridge Containerized Suite", + "version": { + "version_data": [ + { + "version_value": "2017.11, 2018.02, 2018.05" + } + ] + } + }, + { + "product_name": "Hybrid Cloud Management Containerized Suite", + "version": { + "version_data": [ + { + "version_value": "HCM2017.11, HCM2018.02, HCM2018.05" + } + ] + } + }, + { + "product_name": "Network Virtualization (NV) with floating licenses", + "version": { + "version_data": [ + { + "version_value": " using Any version using APLS older than 10.7" + } + ] + } + }, + { + "product_name": "Unified Functional Testing (UFT) with floating licenses ", + "version": { + "version_data": [ + { + "version_value": " using Any version using APLS older than 10.7" + } + ] + } + }, + { + "product_name": "Service Virtualization (SV) with floating licenses", + "version": { + "version_data": [ + { + "version_value": " using Any version using APLS older than 10.7" + } + ] + } + } + ] + }, + "vendor_name": "Micro Focus" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632?lang=en&cc=us&hpappid=206728_SSO_PRO", - "refsource" : "CONFIRM", - "url" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632?lang=en&cc=us&hpappid=206728_SSO_PRO" - }, - { - "name" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236648", - "refsource" : "CONFIRM", - "url" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236648" - }, - { - "name" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667", - "refsource" : "CONFIRM", - "url" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667" - }, - { - "name" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669", - "refsource" : "CONFIRM", - "url" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669" - }, - { - "name" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236722", - "refsource" : "CONFIRM", - "url" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236722" - }, - { - "name" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236726", - "refsource" : "CONFIRM", - "url" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236726" - } - ] - }, - "source" : { - "defect" : [ - "Micro", - "Focus", - "Autopass", - "License", - "Server", - "(APLS)", - "Remote", - "Code", - "Execution" - ], - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05, Service Virtualization (SV) with floating licenses using Any version using APLS older than 10.7, Unified Functional Testing (UFT) with floating licenses using Any version using APLS older than 10.7, Network Virtualization (NV) with floating licenses using Any version using APLS older than 10.7 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution." + } + ] + }, + "exploit": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ], + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236722", + "refsource": "CONFIRM", + "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236722" + }, + { + "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667", + "refsource": "CONFIRM", + "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667" + }, + { + "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669", + "refsource": "CONFIRM", + "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669" + }, + { + "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236648", + "refsource": "CONFIRM", + "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236648" + }, + { + "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632?lang=en&cc=us&hpappid=206728_SSO_PRO", + "refsource": "CONFIRM", + "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632?lang=en&cc=us&hpappid=206728_SSO_PRO" + }, + { + "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236726", + "refsource": "CONFIRM", + "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236726" + } + ] + }, + "source": { + "defect": [ + "Micro", + "Focus", + "Autopass", + "License", + "Server", + "(APLS)", + "Remote", + "Code", + "Execution" + ], + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6579.json b/2018/6xxx/CVE-2018-6579.json index 1d4beff1731..31ddde5eb80 100644 --- a/2018/6xxx/CVE-2018-6579.json +++ b/2018/6xxx/CVE-2018-6579.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6579", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL Injection exists in the JEXTN Reverse Auction 3.1.0 component for Joomla! via a view=products&uid= request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6579", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "43950", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/43950" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL Injection exists in the JEXTN Reverse Auction 3.1.0 component for Joomla! via a view=products&uid= request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "43950", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/43950" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6601.json b/2018/6xxx/CVE-2018-6601.json index 5e63df572a6..390b4c911dd 100644 --- a/2018/6xxx/CVE-2018-6601.json +++ b/2018/6xxx/CVE-2018-6601.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6601", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6601", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0415.json b/2019/0xxx/CVE-2019-0415.json index a6ea5cca4f5..52a9b892376 100644 --- a/2019/0xxx/CVE-2019-0415.json +++ b/2019/0xxx/CVE-2019-0415.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0415", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0415", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0430.json b/2019/0xxx/CVE-2019-0430.json index 09c0c30d2e6..89100ff2951 100644 --- a/2019/0xxx/CVE-2019-0430.json +++ b/2019/0xxx/CVE-2019-0430.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0430", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0430", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0728.json b/2019/0xxx/CVE-2019-0728.json index 15bfe13dc30..531b8332f5b 100644 --- a/2019/0xxx/CVE-2019-0728.json +++ b/2019/0xxx/CVE-2019-0728.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0728", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Visual Studio Code", - "version" : { - "version_data" : [ - { - "version_value" : "" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project, aka 'Visual Studio Code Remote Code Execution Vulnerability'." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0728", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Visual Studio Code", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0728", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0728" - }, - { - "name" : "106913", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106913" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project, aka 'Visual Studio Code Remote Code Execution Vulnerability'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106913", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106913" + }, + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0728", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0728" + } + ] + } +} \ No newline at end of file diff --git a/2019/1000xxx/CVE-2019-1000041.json b/2019/1000xxx/CVE-2019-1000041.json index 4ea2410dba4..5ef1862541b 100644 --- a/2019/1000xxx/CVE-2019-1000041.json +++ b/2019/1000xxx/CVE-2019-1000041.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1000041", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-7575, CVE-2019-7577. Reason: This candidate is a reservation duplicate of CVE-2019-7575 and/or CVE-2019-7577. Notes: All CVE users should reference CVE-2019-7575 and/or CVE-2019-7577 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-1000041", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-7575, CVE-2019-7577. Reason: This candidate is a reservation duplicate of CVE-2019-7575 and/or CVE-2019-7577. Notes: All CVE users should reference CVE-2019-7575 and/or CVE-2019-7577 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1055.json b/2019/1xxx/CVE-2019-1055.json index d8026844f2a..81d2ae96131 100644 --- a/2019/1xxx/CVE-2019-1055.json +++ b/2019/1xxx/CVE-2019-1055.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1055", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1055", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1360.json b/2019/1xxx/CVE-2019-1360.json index c61781f8a74..f6abc198941 100644 --- a/2019/1xxx/CVE-2019-1360.json +++ b/2019/1xxx/CVE-2019-1360.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1360", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1360", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1362.json b/2019/1xxx/CVE-2019-1362.json index 0c83a7d773b..99f8b0d359a 100644 --- a/2019/1xxx/CVE-2019-1362.json +++ b/2019/1xxx/CVE-2019-1362.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1362", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1362", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1450.json b/2019/1xxx/CVE-2019-1450.json index c084d3f93da..695a3b32068 100644 --- a/2019/1xxx/CVE-2019-1450.json +++ b/2019/1xxx/CVE-2019-1450.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1450", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1450", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1810.json b/2019/1xxx/CVE-2019-1810.json index 66f88611292..8f77c16a1d3 100644 --- a/2019/1xxx/CVE-2019-1810.json +++ b/2019/1xxx/CVE-2019-1810.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1810", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1810", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4795.json b/2019/4xxx/CVE-2019-4795.json index 04f6f251844..c22dd274e11 100644 --- a/2019/4xxx/CVE-2019-4795.json +++ b/2019/4xxx/CVE-2019-4795.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4795", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4795", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5039.json b/2019/5xxx/CVE-2019-5039.json index bba0027cdc1..4ad3848bbfc 100644 --- a/2019/5xxx/CVE-2019-5039.json +++ b/2019/5xxx/CVE-2019-5039.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5039", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5039", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5241.json b/2019/5xxx/CVE-2019-5241.json index 73bd60e27fb..36380775914 100644 --- a/2019/5xxx/CVE-2019-5241.json +++ b/2019/5xxx/CVE-2019-5241.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5241", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5241", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5334.json b/2019/5xxx/CVE-2019-5334.json index 833f29210e6..fd6fc15c033 100644 --- a/2019/5xxx/CVE-2019-5334.json +++ b/2019/5xxx/CVE-2019-5334.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5334", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5334", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5463.json b/2019/5xxx/CVE-2019-5463.json index bd0d77e764a..52cf2813bbe 100644 --- a/2019/5xxx/CVE-2019-5463.json +++ b/2019/5xxx/CVE-2019-5463.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5463", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5463", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file