diff --git a/1999/0xxx/CVE-1999-0125.json b/1999/0xxx/CVE-1999-0125.json index 145ece1e2ad..d71e5a9b50c 100644 --- a/1999/0xxx/CVE-1999-0125.json +++ b/1999/0xxx/CVE-1999-0125.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0125", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in SGI IRIX mailx program." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0125", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19980605-01-PX", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/19980605-01-PX" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in SGI IRIX mailx program." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19980605-01-PX", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/19980605-01-PX" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0824.json b/1999/0xxx/CVE-1999-0824.json index f57d20706b7..1dd1da1d9e5 100644 --- a/1999/0xxx/CVE-1999-0824.json +++ b/1999/0xxx/CVE-1999-0824.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0824", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0824", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "833", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/833" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "833", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/833" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0122.json b/2007/0xxx/CVE-2007-0122.json index 250089382b9..27f0f3db975 100644 --- a/2007/0xxx/CVE-2007-0122.json +++ b/2007/0xxx/CVE-2007-0122.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0122", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in Coppermine Photo Gallery 1.4.10 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via (1) the cat parameter to albmgr.php, and possibly (2) the gid parameter to usermgr.php; (3) the start parameter to db_ecard.php; and the albumid parameter to unspecified files, related to the (4) filename_to_title and (5) del_titles functions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0122", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070105 Coppermine Photo Gallery <= 1.4.10 SQL Injection Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456051/100/0/threaded" - }, - { - "name" : "3085", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3085" - }, - { - "name" : "http://acid-root.new.fr/poc/19070104.txt", - "refsource" : "MISC", - "url" : "http://acid-root.new.fr/poc/19070104.txt" - }, - { - "name" : "21894", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21894" - }, - { - "name" : "35852", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35852" - }, - { - "name" : "35853", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35853" - }, - { - "name" : "35854", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35854" - }, - { - "name" : "35855", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35855" - }, - { - "name" : "35856", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35856" - }, - { - "name" : "25846", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25846" - }, - { - "name" : "2123", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2123" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in Coppermine Photo Gallery 1.4.10 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via (1) the cat parameter to albmgr.php, and possibly (2) the gid parameter to usermgr.php; (3) the start parameter to db_ecard.php; and the albumid parameter to unspecified files, related to the (4) filename_to_title and (5) del_titles functions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "35853", + "refsource": "OSVDB", + "url": "http://osvdb.org/35853" + }, + { + "name": "2123", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2123" + }, + { + "name": "25846", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25846" + }, + { + "name": "http://acid-root.new.fr/poc/19070104.txt", + "refsource": "MISC", + "url": "http://acid-root.new.fr/poc/19070104.txt" + }, + { + "name": "3085", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3085" + }, + { + "name": "35854", + "refsource": "OSVDB", + "url": "http://osvdb.org/35854" + }, + { + "name": "35852", + "refsource": "OSVDB", + "url": "http://osvdb.org/35852" + }, + { + "name": "20070105 Coppermine Photo Gallery <= 1.4.10 SQL Injection Exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456051/100/0/threaded" + }, + { + "name": "21894", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21894" + }, + { + "name": "35856", + "refsource": "OSVDB", + "url": "http://osvdb.org/35856" + }, + { + "name": "35855", + "refsource": "OSVDB", + "url": "http://osvdb.org/35855" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0142.json b/2007/0xxx/CVE-2007-0142.json index 73d1023c946..2df87853ceb 100644 --- a/2007/0xxx/CVE-2007-0142.json +++ b/2007/0xxx/CVE-2007-0142.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0142", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in orange.asp in ShopStoreNow E-commerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the CatID parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0142", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070106 shopstorenow (orange.asp) sql injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456127/100/0/threaded" - }, - { - "name" : "21905", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21905" - }, - { - "name" : "ADV-2007-0080", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0080" - }, - { - "name" : "31665", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31665" - }, - { - "name" : "23642", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23642" - }, - { - "name" : "2120", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2120" - }, - { - "name" : "shopstorenow-orange-sql-injection(31313)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31313" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in orange.asp in ShopStoreNow E-commerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the CatID parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2120", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2120" + }, + { + "name": "20070106 shopstorenow (orange.asp) sql injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456127/100/0/threaded" + }, + { + "name": "shopstorenow-orange-sql-injection(31313)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31313" + }, + { + "name": "23642", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23642" + }, + { + "name": "21905", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21905" + }, + { + "name": "31665", + "refsource": "OSVDB", + "url": "http://osvdb.org/31665" + }, + { + "name": "ADV-2007-0080", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0080" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0627.json b/2007/0xxx/CVE-2007-0627.json index 0fbf6f2c498..98df4c29379 100644 --- a/2007/0xxx/CVE-2007-0627.json +++ b/2007/0xxx/CVE-2007-0627.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0627", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Michael Still gtalkbot before 1.2 places username and password arguments on the command line, which allows local users to obtain sensitive information by listing the process." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0627", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://freshmeat.net/projects/gtalkbot/?branch_id=67830&release_id=245004", - "refsource" : "MISC", - "url" : "http://freshmeat.net/projects/gtalkbot/?branch_id=67830&release_id=245004" - }, - { - "name" : "http://www.stillhq.com/gtalkbot/", - "refsource" : "CONFIRM", - "url" : "http://www.stillhq.com/gtalkbot/" - }, - { - "name" : "http://www.stillhq.com/gtalkbot/000003.html", - "refsource" : "CONFIRM", - "url" : "http://www.stillhq.com/gtalkbot/000003.html" - }, - { - "name" : "22322", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22322" - }, - { - "name" : "ADV-2007-0408", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0408" - }, - { - "name" : "33071", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33071" - }, - { - "name" : "23942", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23942" - }, - { - "name" : "gtalkbot-ps-information-disclosure(31923)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31923" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Michael Still gtalkbot before 1.2 places username and password arguments on the command line, which allows local users to obtain sensitive information by listing the process." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.stillhq.com/gtalkbot/000003.html", + "refsource": "CONFIRM", + "url": "http://www.stillhq.com/gtalkbot/000003.html" + }, + { + "name": "http://www.stillhq.com/gtalkbot/", + "refsource": "CONFIRM", + "url": "http://www.stillhq.com/gtalkbot/" + }, + { + "name": "22322", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22322" + }, + { + "name": "gtalkbot-ps-information-disclosure(31923)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31923" + }, + { + "name": "23942", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23942" + }, + { + "name": "ADV-2007-0408", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0408" + }, + { + "name": "33071", + "refsource": "OSVDB", + "url": "http://osvdb.org/33071" + }, + { + "name": "http://freshmeat.net/projects/gtalkbot/?branch_id=67830&release_id=245004", + "refsource": "MISC", + "url": "http://freshmeat.net/projects/gtalkbot/?branch_id=67830&release_id=245004" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1034.json b/2007/1xxx/CVE-2007-1034.json index 249876df9b6..50b0d84d808 100644 --- a/2007/1xxx/CVE-2007-1034.json +++ b/2007/1xxx/CVE-2007-1034.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1034", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and earlier module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the category_id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1034", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3334", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3334" - }, - { - "name" : "22612", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22612" - }, - { - "name" : "ADV-2007-0661", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0661" - }, - { - "name" : "35981", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35981" - }, - { - "name" : "emporium-modules-sql-injection(23699)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23699" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the category file in modules.php in the Emporium 2.3.0 and earlier module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the category_id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3334", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3334" + }, + { + "name": "ADV-2007-0661", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0661" + }, + { + "name": "22612", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22612" + }, + { + "name": "35981", + "refsource": "OSVDB", + "url": "http://osvdb.org/35981" + }, + { + "name": "emporium-modules-sql-injection(23699)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23699" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1344.json b/2007/1xxx/CVE-2007-1344.json index 86da1f5d068..66a3ba55e27 100644 --- a/2007/1xxx/CVE-2007-1344.json +++ b/2007/1xxx/CVE-2007-1344.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1344", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in src/ezstream.c in Ezstream before 0.3.0 allow remote attackers to execute arbitrary code via a crafted XML configuration file processed by the (1) urlParse function, which causes a stack-based overflow and the (2) ReplaceString function, which causes a heap-based overflow. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1344", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.icecast.org/ezstream.php#ez_relnotes", - "refsource" : "CONFIRM", - "url" : "http://www.icecast.org/ezstream.php#ez_relnotes" - }, - { - "name" : "22840", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22840" - }, - { - "name" : "ADV-2007-0852", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0852" - }, - { - "name" : "33869", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33869" - }, - { - "name" : "24383", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24383" - }, - { - "name" : "ezstream-replacestring-urlparse-bo(32867)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32867" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in src/ezstream.c in Ezstream before 0.3.0 allow remote attackers to execute arbitrary code via a crafted XML configuration file processed by the (1) urlParse function, which causes a stack-based overflow and the (2) ReplaceString function, which causes a heap-based overflow. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.icecast.org/ezstream.php#ez_relnotes", + "refsource": "CONFIRM", + "url": "http://www.icecast.org/ezstream.php#ez_relnotes" + }, + { + "name": "22840", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22840" + }, + { + "name": "33869", + "refsource": "OSVDB", + "url": "http://osvdb.org/33869" + }, + { + "name": "ezstream-replacestring-urlparse-bo(32867)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32867" + }, + { + "name": "24383", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24383" + }, + { + "name": "ADV-2007-0852", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0852" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1516.json b/2007/1xxx/CVE-2007-1516.json index b2864e0eb65..a0bde58ad32 100644 --- a/2007/1xxx/CVE-2007-1516.json +++ b/2007/1xxx/CVE-2007-1516.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1516", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in functions/update.php in Cicoandcico CcMail 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the functions_dir parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1516", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3487", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3487" - }, - { - "name" : "22983", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22983" - }, - { - "name" : "ADV-2007-1000", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1000" - }, - { - "name" : "34311", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34311" - }, - { - "name" : "ccmail-update-file-include(32999)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32999" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in functions/update.php in Cicoandcico CcMail 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the functions_dir parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ccmail-update-file-include(32999)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32999" + }, + { + "name": "3487", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3487" + }, + { + "name": "34311", + "refsource": "OSVDB", + "url": "http://osvdb.org/34311" + }, + { + "name": "22983", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22983" + }, + { + "name": "ADV-2007-1000", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1000" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1787.json b/2007/1xxx/CVE-2007-1787.json index 68b86aaff56..310b4d93c7b 100644 --- a/2007/1xxx/CVE-2007-1787.json +++ b/2007/1xxx/CVE-2007-1787.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1787", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in lib/timesheet.class.php in Softerra Time-Assistant 6.2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) inc_dir or (2) lib_dir parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1787", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070330 [ECHO_ADV_80$2007] Softerra Time-Assistant <= 6.2 (inc_dir) Remote File Inclusion Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464281/100/0/threaded" - }, - { - "name" : "3600", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3600" - }, - { - "name" : "http://advisories.echo.or.id/adv/adv80-K-159-2007.txt", - "refsource" : "MISC", - "url" : "http://advisories.echo.or.id/adv/adv80-K-159-2007.txt" - }, - { - "name" : "23203", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23203" - }, - { - "name" : "ADV-2007-1193", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1193" - }, - { - "name" : "34626", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34626" - }, - { - "name" : "24729", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24729" - }, - { - "name" : "softerra-timesheetclass-file-include(33327)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33327" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in lib/timesheet.class.php in Softerra Time-Assistant 6.2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) inc_dir or (2) lib_dir parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://advisories.echo.or.id/adv/adv80-K-159-2007.txt", + "refsource": "MISC", + "url": "http://advisories.echo.or.id/adv/adv80-K-159-2007.txt" + }, + { + "name": "softerra-timesheetclass-file-include(33327)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33327" + }, + { + "name": "24729", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24729" + }, + { + "name": "23203", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23203" + }, + { + "name": "34626", + "refsource": "OSVDB", + "url": "http://osvdb.org/34626" + }, + { + "name": "20070330 [ECHO_ADV_80$2007] Softerra Time-Assistant <= 6.2 (inc_dir) Remote File Inclusion Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464281/100/0/threaded" + }, + { + "name": "ADV-2007-1193", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1193" + }, + { + "name": "3600", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3600" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1907.json b/2007/1xxx/CVE-2007-1907.json index 387f38c96f3..1b3991d5874 100644 --- a/2007/1xxx/CVE-2007-1907.json +++ b/2007/1xxx/CVE-2007-1907.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1907", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in warn.php in Pathos Content Management System (CMS) 0.92-2 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1907", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3696", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3696" - }, - { - "name" : "23393", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23393" - }, - { - "name" : "ADV-2007-1321", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1321" - }, - { - "name" : "37394", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37394" - }, - { - "name" : "pathoscms-warn-file-include(33536)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33536" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in warn.php in Pathos Content Management System (CMS) 0.92-2 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23393", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23393" + }, + { + "name": "3696", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3696" + }, + { + "name": "ADV-2007-1321", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1321" + }, + { + "name": "37394", + "refsource": "OSVDB", + "url": "http://osvdb.org/37394" + }, + { + "name": "pathoscms-warn-file-include(33536)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33536" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5578.json b/2007/5xxx/CVE-2007-5578.json index 2b5f5b7b9d4..637a98b1950 100644 --- a/2007/5xxx/CVE-2007-5578.json +++ b/2007/5xxx/CVE-2007-5578.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5578", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Basic Analysis and Security Engine (BASE) before 1.3.8 sends a redirect to the web browser but does not exit, which allows remote attackers to bypass authentication via (1) base_main.php, (2) base_qry_alert.php, and possibly other vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5578", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070604 Kevin Johnson BASE <= 1.3.6 authentication bypass", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0031.html" - }, - { - "name" : "20070606 Kevin Johnson BASE <= 1.3.6 authentication bypass", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063767.html" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?group_id=103348&release_id=521723", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?group_id=103348&release_id=521723" - }, - { - "name" : "24315", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24315" - }, - { - "name" : "35243", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/35243" - }, - { - "name" : "25518", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25518" - }, - { - "name" : "base-basemain-security-bypass(34724)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34724" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Basic Analysis and Security Engine (BASE) before 1.3.8 sends a redirect to the web browser but does not exit, which allows remote attackers to bypass authentication via (1) base_main.php, (2) base_qry_alert.php, and possibly other vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24315", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24315" + }, + { + "name": "20070606 Kevin Johnson BASE <= 1.3.6 authentication bypass", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063767.html" + }, + { + "name": "20070604 Kevin Johnson BASE <= 1.3.6 authentication bypass", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0031.html" + }, + { + "name": "25518", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25518" + }, + { + "name": "35243", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/35243" + }, + { + "name": "base-basemain-security-bypass(34724)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34724" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?group_id=103348&release_id=521723", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?group_id=103348&release_id=521723" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5614.json b/2007/5xxx/CVE-2007-5614.json index f3a87561868..b2444833d9c 100644 --- a/2007/5xxx/CVE-2007-5614.json +++ b/2007/5xxx/CVE-2007-5614.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5614", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mortbay Jetty before 6.1.6rc1 does not properly handle \"certain quote sequences\" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2007-5614", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://svn.codehaus.org/jetty/jetty/trunk/VERSION.txt", - "refsource" : "CONFIRM", - "url" : "http://svn.codehaus.org/jetty/jetty/trunk/VERSION.txt" - }, - { - "name" : "FEDORA-2008-6141", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00227.html" - }, - { - "name" : "FEDORA-2008-6164", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00250.html" - }, - { - "name" : "VU#438616", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/438616" - }, - { - "name" : "26695", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26695" - }, - { - "name" : "42496", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42496" - }, - { - "name" : "27925", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27925" - }, - { - "name" : "30941", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30941" - }, - { - "name" : "35143", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35143" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mortbay Jetty before 6.1.6rc1 does not properly handle \"certain quote sequences\" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2008-6141", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00227.html" + }, + { + "name": "FEDORA-2008-6164", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00250.html" + }, + { + "name": "30941", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30941" + }, + { + "name": "VU#438616", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/438616" + }, + { + "name": "26695", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26695" + }, + { + "name": "35143", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35143" + }, + { + "name": "27925", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27925" + }, + { + "name": "42496", + "refsource": "OSVDB", + "url": "http://osvdb.org/42496" + }, + { + "name": "http://svn.codehaus.org/jetty/jetty/trunk/VERSION.txt", + "refsource": "CONFIRM", + "url": "http://svn.codehaus.org/jetty/jetty/trunk/VERSION.txt" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5648.json b/2007/5xxx/CVE-2007-5648.json index 580aa829a1a..db058c03900 100644 --- a/2007/5xxx/CVE-2007-5648.json +++ b/2007/5xxx/CVE-2007-5648.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5648", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in rnote.php in rNote 0.9.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) d or the (2) u parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5648", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.lezr.com/exploits/id/84", - "refsource" : "MISC", - "url" : "http://www.lezr.com/exploits/id/84" - }, - { - "name" : "26140", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26140" - }, - { - "name" : "38204", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38204" - }, - { - "name" : "27404", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27404" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in rnote.php in rNote 0.9.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) d or the (2) u parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.lezr.com/exploits/id/84", + "refsource": "MISC", + "url": "http://www.lezr.com/exploits/id/84" + }, + { + "name": "27404", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27404" + }, + { + "name": "26140", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26140" + }, + { + "name": "38204", + "refsource": "OSVDB", + "url": "http://osvdb.org/38204" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5934.json b/2007/5xxx/CVE-2007-5934.json index 91c2839ccda..d98eb0eda46 100644 --- a/2007/5xxx/CVE-2007-5934.json +++ b/2007/5xxx/CVE-2007-5934.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5934", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The LOB functionality in PEAR MDB2 before 2.5.0a1 interprets a request to store a URL string as a request to retrieve and store the contents of the URL, which might allow remote attackers to use MDB2 as an indirect proxy or obtain sensitive information via a URL into a form field in an MDB2 application, as demonstrated by a file:// URL or a URL for an intranet web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5934", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://pear.php.net/bugs/bug.php?id=10024", - "refsource" : "CONFIRM", - "url" : "http://pear.php.net/bugs/bug.php?id=10024" - }, - { - "name" : "http://pear.php.net/package/MDB2/download/2.5.0a1", - "refsource" : "CONFIRM", - "url" : "http://pear.php.net/package/MDB2/download/2.5.0a1" - }, - { - "name" : "[PEAR-CVS] 20070503 cvs: pear /MDB2 MDB2.php package.php /MDB2/MDB2/Driver mysql.php mysqli.php oci8.php pgs", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=pear-cvs&m=117823082829114&w=2" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=198446", - "refsource" : "CONFIRM", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=198446" - }, - { - "name" : "FEDORA-2007-3369", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00434.html" - }, - { - "name" : "GLSA-200712-05", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200712-05.xml" - }, - { - "name" : "26382", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26382" - }, - { - "name" : "ADV-2007-3806", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3806" - }, - { - "name" : "42107", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42107" - }, - { - "name" : "27572", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27572" - }, - { - "name" : "27626", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27626" - }, - { - "name" : "27983", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27983" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The LOB functionality in PEAR MDB2 before 2.5.0a1 interprets a request to store a URL string as a request to retrieve and store the contents of the URL, which might allow remote attackers to use MDB2 as an indirect proxy or obtain sensitive information via a URL into a form field in an MDB2 application, as demonstrated by a file:// URL or a URL for an intranet web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26382", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26382" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=198446", + "refsource": "CONFIRM", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=198446" + }, + { + "name": "http://pear.php.net/package/MDB2/download/2.5.0a1", + "refsource": "CONFIRM", + "url": "http://pear.php.net/package/MDB2/download/2.5.0a1" + }, + { + "name": "42107", + "refsource": "OSVDB", + "url": "http://osvdb.org/42107" + }, + { + "name": "GLSA-200712-05", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200712-05.xml" + }, + { + "name": "http://pear.php.net/bugs/bug.php?id=10024", + "refsource": "CONFIRM", + "url": "http://pear.php.net/bugs/bug.php?id=10024" + }, + { + "name": "27983", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27983" + }, + { + "name": "27626", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27626" + }, + { + "name": "[PEAR-CVS] 20070503 cvs: pear /MDB2 MDB2.php package.php /MDB2/MDB2/Driver mysql.php mysqli.php oci8.php pgs", + "refsource": "MLIST", + "url": "http://marc.info/?l=pear-cvs&m=117823082829114&w=2" + }, + { + "name": "27572", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27572" + }, + { + "name": "FEDORA-2007-3369", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00434.html" + }, + { + "name": "ADV-2007-3806", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3806" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5969.json b/2007/5xxx/CVE-2007-5969.json index 43b7bc9f290..b125264bc2e 100644 --- a/2007/5xxx/CVE-2007-5969.json +++ b/2007/5xxx/CVE-2007-5969.json @@ -1,262 +1,262 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5969", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5969", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/486477/100/0/threaded" - }, - { - "name" : "[Announcements] 20071206 MySQL 5.0.51 has been released", - "refsource" : "MLIST", - "url" : "http://lists.mysql.com/announce/495" - }, - { - "name" : "http://bugs.mysql.com/32111", - "refsource" : "CONFIRM", - "url" : "http://bugs.mysql.com/32111" - }, - { - "name" : "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html", - "refsource" : "CONFIRM", - "url" : "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html" - }, - { - "name" : "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html", - "refsource" : "CONFIRM", - "url" : "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html" - }, - { - "name" : "http://forums.mysql.com/read.php?3,186931,186931", - "refsource" : "CONFIRM", - "url" : "http://forums.mysql.com/read.php?3,186931,186931" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1999", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1999" - }, - { - "name" : "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html", - "refsource" : "CONFIRM", - "url" : "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html" - }, - { - "name" : "http://support.apple.com/kb/HT3216", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3216" - }, - { - "name" : "APPLE-SA-2008-10-09", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html" - }, - { - "name" : "DSA-1451", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1451" - }, - { - "name" : "FEDORA-2007-4465", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html" - }, - { - "name" : "FEDORA-2007-4471", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html" - }, - { - "name" : "GLSA-200804-04", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200804-04.xml" - }, - { - "name" : "MDKSA-2007:243", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:243" - }, - { - "name" : "RHSA-2007:1155", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1155.html" - }, - { - "name" : "RHSA-2007:1157", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1157.html" - }, - { - "name" : "SSA:2007-348-01", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959" - }, - { - "name" : "SUSE-SR:2008:003", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html" - }, - { - "name" : "USN-559-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/559-1/" - }, - { - "name" : "26765", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26765" - }, - { - "name" : "31681", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31681" - }, - { - "name" : "oval:org.mitre.oval:def:10509", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509" - }, - { - "name" : "ADV-2007-4142", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4142" - }, - { - "name" : "ADV-2007-4198", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4198" - }, - { - "name" : "ADV-2008-0560", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0560/references" - }, - { - "name" : "ADV-2008-1000", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1000/references" - }, - { - "name" : "ADV-2008-2780", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2780" - }, - { - "name" : "1019060", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019060" - }, - { - "name" : "27981", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27981" - }, - { - "name" : "28040", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28040" - }, - { - "name" : "28063", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28063" - }, - { - "name" : "28025", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28025" - }, - { - "name" : "28108", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28108" - }, - { - "name" : "28099", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28099" - }, - { - "name" : "28128", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28128" - }, - { - "name" : "28343", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28343" - }, - { - "name" : "28559", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28559" - }, - { - "name" : "28838", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28838" - }, - { - "name" : "29706", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29706" - }, - { - "name" : "32222", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32222" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "28343", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28343" + }, + { + "name": "GLSA-200804-04", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200804-04.xml" + }, + { + "name": "29706", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29706" + }, + { + "name": "http://bugs.mysql.com/32111", + "refsource": "CONFIRM", + "url": "http://bugs.mysql.com/32111" + }, + { + "name": "oval:org.mitre.oval:def:10509", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509" + }, + { + "name": "31681", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31681" + }, + { + "name": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html", + "refsource": "CONFIRM", + "url": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html" + }, + { + "name": "DSA-1451", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1451" + }, + { + "name": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html", + "refsource": "CONFIRM", + "url": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html" + }, + { + "name": "1019060", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019060" + }, + { + "name": "ADV-2007-4142", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4142" + }, + { + "name": "USN-559-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/559-1/" + }, + { + "name": "20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/486477/100/0/threaded" + }, + { + "name": "ADV-2008-1000", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1000/references" + }, + { + "name": "SSA:2007-348-01", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959" + }, + { + "name": "ADV-2008-0560", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0560/references" + }, + { + "name": "26765", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26765" + }, + { + "name": "FEDORA-2007-4465", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html" + }, + { + "name": "28040", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28040" + }, + { + "name": "RHSA-2007:1157", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1157.html" + }, + { + "name": "28099", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28099" + }, + { + "name": "28559", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28559" + }, + { + "name": "32222", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32222" + }, + { + "name": "27981", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27981" + }, + { + "name": "ADV-2007-4198", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4198" + }, + { + "name": "FEDORA-2007-4471", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html" + }, + { + "name": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html", + "refsource": "CONFIRM", + "url": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html" + }, + { + "name": "[Announcements] 20071206 MySQL 5.0.51 has been released", + "refsource": "MLIST", + "url": "http://lists.mysql.com/announce/495" + }, + { + "name": "RHSA-2007:1155", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1155.html" + }, + { + "name": "28108", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28108" + }, + { + "name": "28025", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28025" + }, + { + "name": "ADV-2008-2780", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2780" + }, + { + "name": "http://forums.mysql.com/read.php?3,186931,186931", + "refsource": "CONFIRM", + "url": "http://forums.mysql.com/read.php?3,186931,186931" + }, + { + "name": "28838", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28838" + }, + { + "name": "28128", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28128" + }, + { + "name": "MDKSA-2007:243", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:243" + }, + { + "name": "28063", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28063" + }, + { + "name": "SUSE-SR:2008:003", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html" + }, + { + "name": "APPLE-SA-2008-10-09", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html" + }, + { + "name": "http://support.apple.com/kb/HT3216", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3216" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1999", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1999" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3156.json b/2015/3xxx/CVE-2015-3156.json index 35d10138a7e..ecfe76205fe 100644 --- a/2015/3xxx/CVE-2015-3156.json +++ b/2015/3xxx/CVE-2015-3156.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3156", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The _write_config function in trove/guestagent/datastore/experimental/mongodb/service.py, reset_configuration function in trove/guestagent/datastore/experimental/postgresql/service/config.py, write_config function in trove/guestagent/datastore/experimental/redis/service.py, _write_mycnf function in trove/guestagent/datastore/mysql/service.py, InnoBackupEx::_run_prepare function in trove/guestagent/strategies/restore/mysql_impl.py, InnoBackupEx::cmd function in trove/guestagent/strategies/backup/mysql_impl.py, MySQLDump::cmd in trove/guestagent/strategies/backup/mysql_impl.py, InnoBackupExIncremental::cmd function in trove/guestagent/strategies/backup/mysql_impl.py, _get_actual_db_status function in trove/guestagent/datastore/experimental/cassandra/system.py and trove/guestagent/datastore/experimental/cassandra/service.py, and multiple class CbBackup methods in trove/guestagent/strategies/backup/experimental/couchbase_impl.py in Openstack DBaaS (aka Trove) as packaged in Openstack before 2015.1.0 (aka Kilo) allows local users to write to configuration files via a symlink attack on a temporary file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-3156", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.launchpad.net/trove/+bug/1398195", - "refsource" : "MISC", - "url" : "https://bugs.launchpad.net/trove/+bug/1398195" - }, - { - "name" : "https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/experimental/cassandra/service.py#L230", - "refsource" : "MISC", - "url" : "https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/experimental/cassandra/service.py#L230" - }, - { - "name" : "https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/experimental/mongodb/service.py#L176", - "refsource" : "MISC", - "url" : "https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/experimental/mongodb/service.py#L176" - }, - { - "name" : "https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/experimental/redis/service.py#L236", - "refsource" : "MISC", - "url" : "https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/experimental/redis/service.py#L236" - }, - { - "name" : "https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/mysql/service.py#L790", - "refsource" : "MISC", - "url" : "https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/mysql/service.py#L790" - }, - { - "name" : "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/experimental/couchbase_impl.py#L30", - "refsource" : "MISC", - "url" : "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/experimental/couchbase_impl.py#L30" - }, - { - "name" : "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/mysql_impl.py#L110", - "refsource" : "MISC", - "url" : "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/mysql_impl.py#L110" - }, - { - "name" : "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/mysql_impl.py#L36", - "refsource" : "MISC", - "url" : "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/mysql_impl.py#L36" - }, - { - "name" : "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/mysql_impl.py#L55", - "refsource" : "MISC", - "url" : "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/mysql_impl.py#L55" - }, - { - "name" : "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/restore/mysql_impl.py#L194", - "refsource" : "MISC", - "url" : "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/restore/mysql_impl.py#L194" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1216073", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1216073" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The _write_config function in trove/guestagent/datastore/experimental/mongodb/service.py, reset_configuration function in trove/guestagent/datastore/experimental/postgresql/service/config.py, write_config function in trove/guestagent/datastore/experimental/redis/service.py, _write_mycnf function in trove/guestagent/datastore/mysql/service.py, InnoBackupEx::_run_prepare function in trove/guestagent/strategies/restore/mysql_impl.py, InnoBackupEx::cmd function in trove/guestagent/strategies/backup/mysql_impl.py, MySQLDump::cmd in trove/guestagent/strategies/backup/mysql_impl.py, InnoBackupExIncremental::cmd function in trove/guestagent/strategies/backup/mysql_impl.py, _get_actual_db_status function in trove/guestagent/datastore/experimental/cassandra/system.py and trove/guestagent/datastore/experimental/cassandra/service.py, and multiple class CbBackup methods in trove/guestagent/strategies/backup/experimental/couchbase_impl.py in Openstack DBaaS (aka Trove) as packaged in Openstack before 2015.1.0 (aka Kilo) allows local users to write to configuration files via a symlink attack on a temporary file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/mysql/service.py#L790", + "refsource": "MISC", + "url": "https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/mysql/service.py#L790" + }, + { + "name": "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/mysql_impl.py#L110", + "refsource": "MISC", + "url": "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/mysql_impl.py#L110" + }, + { + "name": "https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/experimental/cassandra/service.py#L230", + "refsource": "MISC", + "url": "https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/experimental/cassandra/service.py#L230" + }, + { + "name": "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/mysql_impl.py#L55", + "refsource": "MISC", + "url": "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/mysql_impl.py#L55" + }, + { + "name": "https://bugs.launchpad.net/trove/+bug/1398195", + "refsource": "MISC", + "url": "https://bugs.launchpad.net/trove/+bug/1398195" + }, + { + "name": "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/experimental/couchbase_impl.py#L30", + "refsource": "MISC", + "url": "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/experimental/couchbase_impl.py#L30" + }, + { + "name": "https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/experimental/mongodb/service.py#L176", + "refsource": "MISC", + "url": "https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/experimental/mongodb/service.py#L176" + }, + { + "name": "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/mysql_impl.py#L36", + "refsource": "MISC", + "url": "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/mysql_impl.py#L36" + }, + { + "name": "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/restore/mysql_impl.py#L194", + "refsource": "MISC", + "url": "https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/restore/mysql_impl.py#L194" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1216073", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216073" + }, + { + "name": "https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/experimental/redis/service.py#L236", + "refsource": "MISC", + "url": "https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/experimental/redis/service.py#L236" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3447.json b/2015/3xxx/CVE-2015-3447.json index dd1cc28b9c8..6450e762387 100644 --- a/2015/3xxx/CVE-2015-3447.json +++ b/2015/3xxx/CVE-2015-3447.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3447", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in macIpSpoofView.html in Dell SonicWall SonicOS 7.5.0.12 and 6.x allow remote attackers to inject arbitrary web script or HTML via the (1) searchSpoof or (2) searchSpoofIpDet parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3447", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150428 SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/535393/100/0/threaded" - }, - { - "name" : "20150428 SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Apr/97" - }, - { - "name" : "http://www.vulnerability-lab.com/get_content.php?id=1359", - "refsource" : "MISC", - "url" : "http://www.vulnerability-lab.com/get_content.php?id=1359" - }, - { - "name" : "74406", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74406" - }, - { - "name" : "1032204", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032204" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in macIpSpoofView.html in Dell SonicWall SonicOS 7.5.0.12 and 6.x allow remote attackers to inject arbitrary web script or HTML via the (1) searchSpoof or (2) searchSpoofIpDet parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150428 SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Apr/97" + }, + { + "name": "20150428 SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/535393/100/0/threaded" + }, + { + "name": "74406", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74406" + }, + { + "name": "http://www.vulnerability-lab.com/get_content.php?id=1359", + "refsource": "MISC", + "url": "http://www.vulnerability-lab.com/get_content.php?id=1359" + }, + { + "name": "1032204", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032204" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3450.json b/2015/3xxx/CVE-2015-3450.json index ad2c8334d19..2422d69b28e 100644 --- a/2015/3xxx/CVE-2015-3450.json +++ b/2015/3xxx/CVE-2015-3450.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3450", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in libaxl 0.6.9 allows attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted XML document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3450", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150429 Re: CVE request libaxl <= 0.6.9", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/04/29/7" - }, - { - "name" : "74375", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74375" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in libaxl 0.6.9 allows attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted XML document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "74375", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74375" + }, + { + "name": "[oss-security] 20150429 Re: CVE request libaxl <= 0.6.9", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/04/29/7" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3500.json b/2015/3xxx/CVE-2015-3500.json index 3a4a92e5944..ecc2c471924 100644 --- a/2015/3xxx/CVE-2015-3500.json +++ b/2015/3xxx/CVE-2015-3500.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3500", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3500", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3700.json b/2015/3xxx/CVE-2015-3700.json index d2b26bbb11e..fbd0a3241e7 100644 --- a/2015/3xxx/CVE-2015-3700.json +++ b/2015/3xxx/CVE-2015-3700.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3700", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3701, and CVE-2015-3702." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3700", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT204942", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT204942" - }, - { - "name" : "APPLE-SA-2015-06-30-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" - }, - { - "name" : "75493", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75493" - }, - { - "name" : "1032760", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032760" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3701, and CVE-2015-3702." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2015-06-30-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" + }, + { + "name": "75493", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75493" + }, + { + "name": "1032760", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032760" + }, + { + "name": "http://support.apple.com/kb/HT204942", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT204942" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4513.json b/2015/4xxx/CVE-2015-4513.json index fbd784dbf56..355bf90ef80 100644 --- a/2015/4xxx/CVE-2015-4513.json +++ b/2015/4xxx/CVE-2015-4513.json @@ -1,207 +1,207 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4513", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-4513", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-116.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-116.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1107011", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1107011" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1191942", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1191942" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1193038", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1193038" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1204580", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1204580" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1204669", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1204669" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1204700", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1204700" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1205707", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1205707" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1206564", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1206564" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1208665", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1208665" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1209471", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1209471" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1213979", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1213979" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "DSA-3410", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3410" - }, - { - "name" : "DSA-3393", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3393" - }, - { - "name" : "GLSA-201512-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201512-10" - }, - { - "name" : "RHSA-2015:2519", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2519.html" - }, - { - "name" : "RHSA-2015:1982", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1982.html" - }, - { - "name" : "openSUSE-SU-2015:2229", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html" - }, - { - "name" : "openSUSE-SU-2015:2245", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html" - }, - { - "name" : "SUSE-SU-2015:1926", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html" - }, - { - "name" : "openSUSE-SU-2015:1942", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html" - }, - { - "name" : "SUSE-SU-2015:1978", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html" - }, - { - "name" : "SUSE-SU-2015:1981", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html" - }, - { - "name" : "SUSE-SU-2015:2081", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html" - }, - { - "name" : "USN-2819-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2819-1" - }, - { - "name" : "USN-2785-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2785-1" - }, - { - "name" : "77411", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77411" - }, - { - "name" : "1034069", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034069" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034069", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034069" + }, + { + "name": "DSA-3410", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3410" + }, + { + "name": "SUSE-SU-2015:2081", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html" + }, + { + "name": "GLSA-201512-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201512-10" + }, + { + "name": "77411", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77411" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1193038", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1193038" + }, + { + "name": "SUSE-SU-2015:1981", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html" + }, + { + "name": "openSUSE-SU-2015:2229", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html" + }, + { + "name": "RHSA-2015:2519", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2519.html" + }, + { + "name": "USN-2785-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2785-1" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1107011", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1107011" + }, + { + "name": "SUSE-SU-2015:1926", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1204700", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1204700" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1204669", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1204669" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1208665", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1208665" + }, + { + "name": "RHSA-2015:1982", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1982.html" + }, + { + "name": "USN-2819-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2819-1" + }, + { + "name": "openSUSE-SU-2015:1942", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1206564", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1206564" + }, + { + "name": "DSA-3393", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3393" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1191942", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1191942" + }, + { + "name": "openSUSE-SU-2015:2245", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1204580", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1204580" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1209471", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1209471" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-116.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-116.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1205707", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1205707" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1213979", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1213979" + }, + { + "name": "SUSE-SU-2015:1978", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4524.json b/2015/4xxx/CVE-2015-4524.json index 1954961e485..d2c966b9353 100644 --- a/2015/4xxx/CVE-2015-4524.json +++ b/2015/4xxx/CVE-2015-4524.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4524", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before P25; Documentum Web Publishers 6.5 SP7 before P25; and Documentum Task Space 6.7SP1 before P31 and 6.7SP2 before P23 allows remote authenticated users to execute arbitrary code by uploading a file to the backend Content Server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "ID": "CVE-2015-4524", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150701 ESA-2015-111: EMC Documentum WebTop Client Products Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://seclists.org/bugtraq/2015/Jul/9" - }, - { - "name" : "1032770", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032770" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before P25; Documentum Web Publishers 6.5 SP7 before P25; and Documentum Task Space 6.7SP1 before P31 and 6.7SP2 before P23 allows remote authenticated users to execute arbitrary code by uploading a file to the backend Content Server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032770", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032770" + }, + { + "name": "20150701 ESA-2015-111: EMC Documentum WebTop Client Products Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://seclists.org/bugtraq/2015/Jul/9" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7013.json b/2015/7xxx/CVE-2015-7013.json index f343b1bf7d0..4bf675dcba8 100644 --- a/2015/7xxx/CVE-2015-7013.json +++ b/2015/7xxx/CVE-2015-7013.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7013", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7013", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205372", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205372" - }, - { - "name" : "https://support.apple.com/HT205377", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205377" - }, - { - "name" : "APPLE-SA-2015-10-21-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00004.html" - }, - { - "name" : "APPLE-SA-2015-10-21-5", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00006.html" - }, - { - "name" : "openSUSE-SU-2016:0761", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html" - }, - { - "name" : "77264", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77264" - }, - { - "name" : "1033939", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033939" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "77264", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77264" + }, + { + "name": "openSUSE-SU-2016:0761", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html" + }, + { + "name": "https://support.apple.com/HT205372", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205372" + }, + { + "name": "APPLE-SA-2015-10-21-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00004.html" + }, + { + "name": "APPLE-SA-2015-10-21-5", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00006.html" + }, + { + "name": "https://support.apple.com/HT205377", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205377" + }, + { + "name": "1033939", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033939" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7504.json b/2015/7xxx/CVE-2015-7504.json index 889cedb65f3..591e33f2bd1 100644 --- a/2015/7xxx/CVE-2015-7504.json +++ b/2015/7xxx/CVE-2015-7504.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7504", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-7504", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[Qemu-devel] 20151130 [PATCH for 2.5 1/2] net: pcnet: add check to validate receive data size(CVE-2015-7504)", - "refsource" : "MLIST", - "url" : "https://lists.gnu.org/archive/html/qemu-devel/2015-11/msg06342.html" - }, - { - "name" : "[oss-security] 20151130 CVE-2015-7504 Qemu: net: pcnet: heap overflow vulnerability in loopback mode", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/11/30/2" - }, - { - "name" : "http://xenbits.xen.org/xsa/advisory-162.html", - "refsource" : "CONFIRM", - "url" : "http://xenbits.xen.org/xsa/advisory-162.html" - }, - { - "name" : "DSA-3469", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3469" - }, - { - "name" : "DSA-3470", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3470" - }, - { - "name" : "DSA-3471", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3471" - }, - { - "name" : "GLSA-201602-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201602-01" - }, - { - "name" : "GLSA-201604-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201604-03" - }, - { - "name" : "RHSA-2015:2694", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2694.html" - }, - { - "name" : "RHSA-2015:2695", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2695.html" - }, - { - "name" : "RHSA-2015:2696", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2696.html" - }, - { - "name" : "78227", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78227" - }, - { - "name" : "1034268", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034268" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:2694", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2694.html" + }, + { + "name": "1034268", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034268" + }, + { + "name": "78227", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78227" + }, + { + "name": "[oss-security] 20151130 CVE-2015-7504 Qemu: net: pcnet: heap overflow vulnerability in loopback mode", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/11/30/2" + }, + { + "name": "[Qemu-devel] 20151130 [PATCH for 2.5 1/2] net: pcnet: add check to validate receive data size(CVE-2015-7504)", + "refsource": "MLIST", + "url": "https://lists.gnu.org/archive/html/qemu-devel/2015-11/msg06342.html" + }, + { + "name": "http://xenbits.xen.org/xsa/advisory-162.html", + "refsource": "CONFIRM", + "url": "http://xenbits.xen.org/xsa/advisory-162.html" + }, + { + "name": "DSA-3469", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3469" + }, + { + "name": "DSA-3470", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3470" + }, + { + "name": "GLSA-201604-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201604-03" + }, + { + "name": "DSA-3471", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3471" + }, + { + "name": "GLSA-201602-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201602-01" + }, + { + "name": "RHSA-2015:2696", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2696.html" + }, + { + "name": "RHSA-2015:2695", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2695.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7798.json b/2015/7xxx/CVE-2015-7798.json index effe07fd768..b5e220cf76a 100644 --- a/2015/7xxx/CVE-2015-7798.json +++ b/2015/7xxx/CVE-2015-7798.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7798", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2016-1149, and CVE-2016-1150." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-7798", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://cs.cybozu.co.jp/2015/006072.html", - "refsource" : "CONFIRM", - "url" : "https://cs.cybozu.co.jp/2015/006072.html" - }, - { - "name" : "https://cs.cybozu.co.jp/2015/006087.html", - "refsource" : "CONFIRM", - "url" : "https://cs.cybozu.co.jp/2015/006087.html" - }, - { - "name" : "https://cs.cybozu.co.jp/2016/006107.html", - "refsource" : "CONFIRM", - "url" : "https://cs.cybozu.co.jp/2016/006107.html" - }, - { - "name" : "https://cs.cybozu.co.jp/2016/006109.html", - "refsource" : "CONFIRM", - "url" : "https://cs.cybozu.co.jp/2016/006109.html" - }, - { - "name" : "JVN#69278491", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN69278491/index.html" - }, - { - "name" : "JVNDB-2016-000026", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000026" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2016-1149, and CVE-2016-1150." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000026", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000026" + }, + { + "name": "https://cs.cybozu.co.jp/2015/006072.html", + "refsource": "CONFIRM", + "url": "https://cs.cybozu.co.jp/2015/006072.html" + }, + { + "name": "https://cs.cybozu.co.jp/2015/006087.html", + "refsource": "CONFIRM", + "url": "https://cs.cybozu.co.jp/2015/006087.html" + }, + { + "name": "https://cs.cybozu.co.jp/2016/006107.html", + "refsource": "CONFIRM", + "url": "https://cs.cybozu.co.jp/2016/006107.html" + }, + { + "name": "JVN#69278491", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN69278491/index.html" + }, + { + "name": "https://cs.cybozu.co.jp/2016/006109.html", + "refsource": "CONFIRM", + "url": "https://cs.cybozu.co.jp/2016/006109.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7972.json b/2015/7xxx/CVE-2015-7972.json index 4ba32240d2b..1ab19bc1165 100644 --- a/2015/7xxx/CVE-2015-7972.json +++ b/2015/7xxx/CVE-2015-7972.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7972", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allows local HVM guest users to cause a denial of service (guest crash) via unspecified vectors related to \"heavy memory pressure.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7972", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://xenbits.xen.org/xsa/advisory-153.html", - "refsource" : "CONFIRM", - "url" : "http://xenbits.xen.org/xsa/advisory-153.html" - }, - { - "name" : "http://support.citrix.com/article/CTX202404", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX202404" - }, - { - "name" : "DSA-3414", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3414" - }, - { - "name" : "FEDORA-2015-242be2c240", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171249.html" - }, - { - "name" : "FEDORA-2015-6f6b79efe2", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171185.html" - }, - { - "name" : "FEDORA-2015-a931b02be2", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171082.html" - }, - { - "name" : "GLSA-201604-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201604-03" - }, - { - "name" : "openSUSE-SU-2015:1965", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-11/msg00063.html" - }, - { - "name" : "77365", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77365" - }, - { - "name" : "1034036", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034036" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allows local HVM guest users to cause a denial of service (guest crash) via unspecified vectors related to \"heavy memory pressure.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.citrix.com/article/CTX202404", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX202404" + }, + { + "name": "FEDORA-2015-242be2c240", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171249.html" + }, + { + "name": "FEDORA-2015-a931b02be2", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171082.html" + }, + { + "name": "http://xenbits.xen.org/xsa/advisory-153.html", + "refsource": "CONFIRM", + "url": "http://xenbits.xen.org/xsa/advisory-153.html" + }, + { + "name": "77365", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77365" + }, + { + "name": "openSUSE-SU-2015:1965", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00063.html" + }, + { + "name": "DSA-3414", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3414" + }, + { + "name": "FEDORA-2015-6f6b79efe2", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171185.html" + }, + { + "name": "GLSA-201604-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201604-03" + }, + { + "name": "1034036", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034036" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8738.json b/2015/8xxx/CVE-2015-8738.json index a5fe474841f..4e3618d79a0 100644 --- a/2015/8xxx/CVE-2015-8738.json +++ b/2015/8xxx/CVE-2015-8738.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8738", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The s7comm_decode_ud_cpu_szl_subfunc function in epan/dissectors/packet-s7comm_szl_ids.c in the S7COMM dissector in Wireshark 2.0.x before 2.0.1 does not validate the list count in an SZL response, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8738", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2015-56.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2015-56.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11823", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11823" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=858c3f0079f987833fb22eba2c361d1a88ba4103", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=858c3f0079f987833fb22eba2c361d1a88ba4103" - }, - { - "name" : "GLSA-201604-05", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201604-05" - }, - { - "name" : "1034551", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034551" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The s7comm_decode_ud_cpu_szl_subfunc function in epan/dissectors/packet-s7comm_szl_ids.c in the S7COMM dissector in Wireshark 2.0.x before 2.0.1 does not validate the list count in an SZL response, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11823", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11823" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2015-56.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2015-56.html" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=858c3f0079f987833fb22eba2c361d1a88ba4103", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=858c3f0079f987833fb22eba2c361d1a88ba4103" + }, + { + "name": "GLSA-201604-05", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201604-05" + }, + { + "name": "1034551", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034551" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8748.json b/2015/8xxx/CVE-2015-8748.json index e699ba847e1..4e5247e816a 100644 --- a/2015/8xxx/CVE-2015-8748.json +++ b/2015/8xxx/CVE-2015-8748.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8748", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Radicale before 1.1 allows remote authenticated users to bypass owner_write and owner_only limitations via regex metacharacters in the user name, as demonstrated by \".*\"." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2015-8748", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160105 CVE request for radicale", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/05/7" - }, - { - "name" : "[oss-security] 20160106 Re: CVE request for radicale", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/06/4" - }, - { - "name" : "https://github.com/Kozea/Radicale/pull/341", - "refsource" : "CONFIRM", - "url" : "https://github.com/Kozea/Radicale/pull/341" - }, - { - "name" : "https://github.com/Unrud/Radicale/commit/4bfe7c9f7991d534c8b9fbe153af9d341f925f98", - "refsource" : "CONFIRM", - "url" : "https://github.com/Unrud/Radicale/commit/4bfe7c9f7991d534c8b9fbe153af9d341f925f98" - }, - { - "name" : "DSA-3462", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3462" - }, - { - "name" : "FEDORA-2016-cf9e2429b5", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175776.html" - }, - { - "name" : "FEDORA-2016-f048c43393", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175738.html" - }, - { - "name" : "80255", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/80255" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Radicale before 1.1 allows remote authenticated users to bypass owner_write and owner_only limitations via regex metacharacters in the user name, as demonstrated by \".*\"." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "80255", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/80255" + }, + { + "name": "[oss-security] 20160105 CVE request for radicale", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/05/7" + }, + { + "name": "https://github.com/Kozea/Radicale/pull/341", + "refsource": "CONFIRM", + "url": "https://github.com/Kozea/Radicale/pull/341" + }, + { + "name": "DSA-3462", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3462" + }, + { + "name": "FEDORA-2016-cf9e2429b5", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175776.html" + }, + { + "name": "[oss-security] 20160106 Re: CVE request for radicale", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/06/4" + }, + { + "name": "https://github.com/Unrud/Radicale/commit/4bfe7c9f7991d534c8b9fbe153af9d341f925f98", + "refsource": "CONFIRM", + "url": "https://github.com/Unrud/Radicale/commit/4bfe7c9f7991d534c8b9fbe153af9d341f925f98" + }, + { + "name": "FEDORA-2016-f048c43393", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175738.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8799.json b/2015/8xxx/CVE-2015-8799.json index 3a5157de358..1175e1fecee 100644 --- a/2015/8xxx/CVE-2015-8799.json +++ b/2015/8xxx/CVE-2015-8799.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8799", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allows remote authenticated users to write update-package data to arbitrary agent locations via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@symantec.com", + "ID": "CVE-2015-8799", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160607_00", - "refsource" : "CONFIRM", - "url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160607_00" - }, - { - "name" : "90885", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90885" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allows remote authenticated users to write update-package data to arbitrary agent locations via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160607_00", + "refsource": "CONFIRM", + "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160607_00" + }, + { + "name": "90885", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90885" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8930.json b/2015/8xxx/CVE-2015-8930.json index 95da5493bfb..170ee3e65bb 100644 --- a/2015/8xxx/CVE-2015-8930.json +++ b/2015/8xxx/CVE-2015-8930.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8930", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8930", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160617 Many invalid memory access issues in libarchive", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/17/2" - }, - { - "name" : "[oss-security] 20160617 Re: Many invalid memory access issues in libarchive", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/17/5" - }, - { - "name" : "https://blog.fuzzing-project.org/47-Many-invalid-memory-access-issues-in-libarchive.html", - "refsource" : "MISC", - "url" : "https://blog.fuzzing-project.org/47-Many-invalid-memory-access-issues-in-libarchive.html" - }, - { - "name" : "https://github.com/libarchive/libarchive/issues/522", - "refsource" : "CONFIRM", - "url" : "https://github.com/libarchive/libarchive/issues/522" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" - }, - { - "name" : "DSA-3657", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3657" - }, - { - "name" : "GLSA-201701-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-03" - }, - { - "name" : "RHSA-2016:1844", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1844.html" - }, - { - "name" : "SUSE-SU-2016:1909", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00025.html" - }, - { - "name" : "USN-3033-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3033-1" - }, - { - "name" : "91339", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91339" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91339", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91339" + }, + { + "name": "USN-3033-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3033-1" + }, + { + "name": "RHSA-2016:1844", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1844.html" + }, + { + "name": "https://blog.fuzzing-project.org/47-Many-invalid-memory-access-issues-in-libarchive.html", + "refsource": "MISC", + "url": "https://blog.fuzzing-project.org/47-Many-invalid-memory-access-issues-in-libarchive.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" + }, + { + "name": "SUSE-SU-2016:1909", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00025.html" + }, + { + "name": "[oss-security] 20160617 Many invalid memory access issues in libarchive", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/17/2" + }, + { + "name": "GLSA-201701-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-03" + }, + { + "name": "[oss-security] 20160617 Re: Many invalid memory access issues in libarchive", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/17/5" + }, + { + "name": "https://github.com/libarchive/libarchive/issues/522", + "refsource": "CONFIRM", + "url": "https://github.com/libarchive/libarchive/issues/522" + }, + { + "name": "DSA-3657", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3657" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8952.json b/2015/8xxx/CVE-2015-8952.json index c066832d90e..10c88683da4 100644 --- a/2015/8xxx/CVE-2015-8952.json +++ b/2015/8xxx/CVE-2015-8952.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8952", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mbcache feature in the ext2 and ext4 filesystem implementations in the Linux kernel before 4.6 mishandles xattr block caching, which allows local users to cause a denial of service (soft lockup) via filesystem operations in environments that use many attributes, as demonstrated by Ceph and Samba." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8952", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160822 CVE request: Linux kernel mbcache lock contention denial of service.", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/08/22/2" - }, - { - "name" : "[oss-security] 20160825 Re: CVE request: Linux kernel mbcache lock contention denial of service.", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/08/25/4" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=82939d7999dfc1f1998c4b1c12e2f19edbdff272", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=82939d7999dfc1f1998c4b1c12e2f19edbdff272" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=be0726d33cb8f411945884664924bed3cb8c70ee", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=be0726d33cb8f411945884664924bed3cb8c70ee" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f9a61eb4e2471c56a63cd804c7474128138c38ac", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f9a61eb4e2471c56a63cd804c7474128138c38ac" - }, - { - "name" : "https://bugzilla.kernel.org/show_bug.cgi?id=107301", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.kernel.org/show_bug.cgi?id=107301" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1360968", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1360968" - }, - { - "name" : "https://github.com/torvalds/linux/commit/82939d7999dfc1f1998c4b1c12e2f19edbdff272", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/82939d7999dfc1f1998c4b1c12e2f19edbdff272" - }, - { - "name" : "https://github.com/torvalds/linux/commit/be0726d33cb8f411945884664924bed3cb8c70ee", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/be0726d33cb8f411945884664924bed3cb8c70ee" - }, - { - "name" : "https://github.com/torvalds/linux/commit/f9a61eb4e2471c56a63cd804c7474128138c38ac", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/f9a61eb4e2471c56a63cd804c7474128138c38ac" - }, - { - "name" : "https://lwn.net/Articles/668718/", - "refsource" : "CONFIRM", - "url" : "https://lwn.net/Articles/668718/" - }, - { - "name" : "USN-3582-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3582-1/" - }, - { - "name" : "USN-3582-2", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3582-2/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mbcache feature in the ext2 and ext4 filesystem implementations in the Linux kernel before 4.6 mishandles xattr block caching, which allows local users to cause a denial of service (soft lockup) via filesystem operations in environments that use many attributes, as demonstrated by Ceph and Samba." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1360968", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1360968" + }, + { + "name": "https://github.com/torvalds/linux/commit/f9a61eb4e2471c56a63cd804c7474128138c38ac", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/f9a61eb4e2471c56a63cd804c7474128138c38ac" + }, + { + "name": "https://github.com/torvalds/linux/commit/82939d7999dfc1f1998c4b1c12e2f19edbdff272", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/82939d7999dfc1f1998c4b1c12e2f19edbdff272" + }, + { + "name": "USN-3582-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3582-1/" + }, + { + "name": "https://bugzilla.kernel.org/show_bug.cgi?id=107301", + "refsource": "CONFIRM", + "url": "https://bugzilla.kernel.org/show_bug.cgi?id=107301" + }, + { + "name": "[oss-security] 20160825 Re: CVE request: Linux kernel mbcache lock contention denial of service.", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/08/25/4" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=82939d7999dfc1f1998c4b1c12e2f19edbdff272", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=82939d7999dfc1f1998c4b1c12e2f19edbdff272" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=be0726d33cb8f411945884664924bed3cb8c70ee", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=be0726d33cb8f411945884664924bed3cb8c70ee" + }, + { + "name": "[oss-security] 20160822 CVE request: Linux kernel mbcache lock contention denial of service.", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/08/22/2" + }, + { + "name": "https://github.com/torvalds/linux/commit/be0726d33cb8f411945884664924bed3cb8c70ee", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/be0726d33cb8f411945884664924bed3cb8c70ee" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f9a61eb4e2471c56a63cd804c7474128138c38ac", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f9a61eb4e2471c56a63cd804c7474128138c38ac" + }, + { + "name": "https://lwn.net/Articles/668718/", + "refsource": "CONFIRM", + "url": "https://lwn.net/Articles/668718/" + }, + { + "name": "USN-3582-2", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3582-2/" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0405.json b/2016/0xxx/CVE-2016-0405.json index 4023ec17d4d..5e768279e64 100644 --- a/2016/0xxx/CVE-2016-0405.json +++ b/2016/0xxx/CVE-2016-0405.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0405", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4 allows local users to affect confidentiality via vectors related to Cluster Manageability and Serviceability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0405", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034735", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034735" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4 allows local users to affect confidentiality via vectors related to Cluster Manageability and Serviceability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034735", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034735" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1147.json b/2016/1xxx/CVE-2016-1147.json index 72d13aadf3f..f3218e7e97e 100644 --- a/2016/1xxx/CVE-2016-1147.json +++ b/2016/1xxx/CVE-2016-1147.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1147", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-1147", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1338.json b/2016/1xxx/CVE-2016-1338.json index bd1c21ee691..bfdc9c54de4 100644 --- a/2016/1xxx/CVE-2016-1338.json +++ b/2016/1xxx/CVE-2016-1338.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1338", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco TelePresence Video Communication Server (VCS) X8.5.1 and X8.5.2 allows remote authenticated users to cause a denial of service (VoIP outage) via a crafted SIP message, aka Bug ID CSCuu43026." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1338", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160309 Cisco TelePresence Video Communication Server Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-vcs" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco TelePresence Video Communication Server (VCS) X8.5.1 and X8.5.2 allows remote authenticated users to cause a denial of service (VoIP outage) via a crafted SIP message, aka Bug ID CSCuu43026." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160309 Cisco TelePresence Video Communication Server Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-vcs" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1927.json b/2016/1xxx/CVE-2016-1927.json index 00f5c46d29e..d155567a9e8 100644 --- a/2016/1xxx/CVE-2016-1927.json +++ b/2016/1xxx/CVE-2016-1927.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1927", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a brute-force approach." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1927", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.phpmyadmin.net/home_page/security/PMASA-2016-4.php", - "refsource" : "CONFIRM", - "url" : "http://www.phpmyadmin.net/home_page/security/PMASA-2016-4.php" - }, - { - "name" : "https://github.com/phpmyadmin/phpmyadmin/commit/8dedcc1a175eb07debd4fe116407c43694c60b22", - "refsource" : "CONFIRM", - "url" : "https://github.com/phpmyadmin/phpmyadmin/commit/8dedcc1a175eb07debd4fe116407c43694c60b22" - }, - { - "name" : "https://github.com/phpmyadmin/phpmyadmin/commit/912856b432d794201884c36e5f390d446339b6e4", - "refsource" : "CONFIRM", - "url" : "https://github.com/phpmyadmin/phpmyadmin/commit/912856b432d794201884c36e5f390d446339b6e4" - }, - { - "name" : "DSA-3627", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3627" - }, - { - "name" : "FEDORA-2016-e1fe01e96e", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html" - }, - { - "name" : "FEDORA-2016-e55278763e", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html" - }, - { - "name" : "openSUSE-SU-2016:0357", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html" - }, - { - "name" : "openSUSE-SU-2016:0378", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a brute-force approach." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.phpmyadmin.net/home_page/security/PMASA-2016-4.php", + "refsource": "CONFIRM", + "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2016-4.php" + }, + { + "name": "openSUSE-SU-2016:0378", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html" + }, + { + "name": "DSA-3627", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3627" + }, + { + "name": "openSUSE-SU-2016:0357", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html" + }, + { + "name": "https://github.com/phpmyadmin/phpmyadmin/commit/8dedcc1a175eb07debd4fe116407c43694c60b22", + "refsource": "CONFIRM", + "url": "https://github.com/phpmyadmin/phpmyadmin/commit/8dedcc1a175eb07debd4fe116407c43694c60b22" + }, + { + "name": "https://github.com/phpmyadmin/phpmyadmin/commit/912856b432d794201884c36e5f390d446339b6e4", + "refsource": "CONFIRM", + "url": "https://github.com/phpmyadmin/phpmyadmin/commit/912856b432d794201884c36e5f390d446339b6e4" + }, + { + "name": "FEDORA-2016-e55278763e", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html" + }, + { + "name": "FEDORA-2016-e1fe01e96e", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5328.json b/2016/5xxx/CVE-2016-5328.json index 4a2f0c3ded2..5d6b23abc93 100644 --- a/2016/5xxx/CVE-2016-5328.json +++ b/2016/5xxx/CVE-2016-5328.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5328", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5328", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2016-0017.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2016-0017.html" - }, - { - "name" : "93886", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93886" - }, - { - "name" : "1037102", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037102" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93886", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93886" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2016-0017.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2016-0017.html" + }, + { + "name": "1037102", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037102" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5398.json b/2016/5xxx/CVE-2016-5398.json index d93c8d419d7..25fbd09c23e 100644 --- a/2016/5xxx/CVE-2016-5398.json +++ b/2016/5xxx/CVE-2016-5398.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-5398", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Business Process Editor in Red Hat JBoss BPM Suite before 6.3.3 allows remote authenticated users to inject arbitrary web script or HTML by levering permission to create business processes." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-5398", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1358523", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1358523" - }, - { - "name" : "RHSA-2016:1968", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1968.html" - }, - { - "name" : "RHSA-2016:1969", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1969.html" - }, - { - "name" : "93219", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93219" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Business Process Editor in Red Hat JBoss BPM Suite before 6.3.3 allows remote authenticated users to inject arbitrary web script or HTML by levering permission to create business processes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93219", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93219" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1358523", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1358523" + }, + { + "name": "RHSA-2016:1969", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1969.html" + }, + { + "name": "RHSA-2016:1968", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1968.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5616.json b/2016/5xxx/CVE-2016-5616.json index 4e6ca40d3c7..a863102d9ff 100644 --- a/2016/5xxx/CVE-2016-5616.json +++ b/2016/5xxx/CVE-2016-5616.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5616", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6663. Reason: This candidate is a reservation duplicate of CVE-2016-6663. Notes: All CVE users should reference CVE-2016-6663 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-5616", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6663. Reason: This candidate is a reservation duplicate of CVE-2016-6663. Notes: All CVE users should reference CVE-2016-6663 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5804.json b/2016/5xxx/CVE-2016-5804.json index 70be96b7156..aa95cdb3ba4 100644 --- a/2016/5xxx/CVE-2016-5804.json +++ b/2016/5xxx/CVE-2016-5804.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5804", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2016-5804", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02" - }, - { - "name" : "91777", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91777" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02" + }, + { + "name": "91777", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91777" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2192.json b/2018/2xxx/CVE-2018-2192.json index 0b303cf57d3..680184ede44 100644 --- a/2018/2xxx/CVE-2018-2192.json +++ b/2018/2xxx/CVE-2018-2192.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2192", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2192", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2244.json b/2018/2xxx/CVE-2018-2244.json index b3e141e7a7b..430e2eef35a 100644 --- a/2018/2xxx/CVE-2018-2244.json +++ b/2018/2xxx/CVE-2018-2244.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2244", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2244", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2434.json b/2018/2xxx/CVE-2018-2434.json index f9c91c1e3dc..bf100665544 100644 --- a/2018/2xxx/CVE-2018-2434.json +++ b/2018/2xxx/CVE-2018-2434.json @@ -1,121 +1,121 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cna@sap.com", - "ID" : "CVE-2018-2434", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SAP NetWeaver (UI_Infra)", - "version" : { - "version_data" : [ - { - "version_name" : "=", - "version_value" : "1.0" - } - ] - } - }, - { - "product_name" : "SAP UI Implementation for Decoupled Innovations (UI_700)", - "version" : { - "version_data" : [ - { - "version_name" : "=", - "version_value" : "2.0" - } - ] - } - }, - { - "product_name" : "SAP NetWeaver ", - "version" : { - "version_data" : [ - { - "version_name" : "=", - "version_value" : "7.0" - } - ] - } - }, - { - "product_name" : "SAP User Interface Technology (SAP_UI)", - "version" : { - "version_data" : [ - { - "version_name" : "=", - "version_value" : "7.4" - }, - { - "version_name" : "=", - "version_value" : "7.5" - }, - { - "version_name" : "=", - "version_value" : "7.51" - }, - { - "version_name" : "=", - "version_value" : "7.52" - } - ] - } - } - ] - }, - "vendor_name" : "SAP" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A content spoofing vulnerability in the following components allows to render html pages containing arbitrary plain text content, which might fool an end user: UI add-on for SAP NetWeaver (UI_Infra, 1.0), SAP UI Implementation for Decoupled Innovations (UI_700, 2.0): SAP NetWeaver 7.00 Implementation, SAP User Interface Technology (SAP_UI 7.4, 7.5, 7.51, 7.52). There is little impact as it is not possible to embed active contents such as JavaScript or hyperlinks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Content Spoofing " - } + "CVE_data_meta": { + "ASSIGNER": "cna@sap.com", + "ID": "CVE-2018-2434", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SAP NetWeaver (UI_Infra)", + "version": { + "version_data": [ + { + "version_name": "=", + "version_value": "1.0" + } + ] + } + }, + { + "product_name": "SAP UI Implementation for Decoupled Innovations (UI_700)", + "version": { + "version_data": [ + { + "version_name": "=", + "version_value": "2.0" + } + ] + } + }, + { + "product_name": "SAP NetWeaver ", + "version": { + "version_data": [ + { + "version_name": "=", + "version_value": "7.0" + } + ] + } + }, + { + "product_name": "SAP User Interface Technology (SAP_UI)", + "version": { + "version_data": [ + { + "version_name": "=", + "version_value": "7.4" + }, + { + "version_name": "=", + "version_value": "7.5" + }, + { + "version_name": "=", + "version_value": "7.51" + }, + { + "version_name": "=", + "version_value": "7.52" + } + ] + } + } + ] + }, + "vendor_name": "SAP" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://launchpad.support.sap.com/#/notes/2633180", - "refsource" : "MISC", - "url" : "https://launchpad.support.sap.com/#/notes/2633180" - }, - { - "name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000", - "refsource" : "CONFIRM", - "url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000" - }, - { - "name" : "105088", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105088" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A content spoofing vulnerability in the following components allows to render html pages containing arbitrary plain text content, which might fool an end user: UI add-on for SAP NetWeaver (UI_Infra, 1.0), SAP UI Implementation for Decoupled Innovations (UI_700, 2.0): SAP NetWeaver 7.00 Implementation, SAP User Interface Technology (SAP_UI 7.4, 7.5, 7.51, 7.52). There is little impact as it is not possible to embed active contents such as JavaScript or hyperlinks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Content Spoofing " + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "105088", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105088" + }, + { + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000", + "refsource": "CONFIRM", + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000" + }, + { + "name": "https://launchpad.support.sap.com/#/notes/2633180", + "refsource": "MISC", + "url": "https://launchpad.support.sap.com/#/notes/2633180" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0103.json b/2019/0xxx/CVE-2019-0103.json index c30f16e93d1..e5634ef8006 100644 --- a/2019/0xxx/CVE-2019-0103.json +++ b/2019/0xxx/CVE-2019-0103.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@intel.com", - "DATE_PUBLIC" : "2019-02-12T00:00:00", - "ID" : "CVE-2019-0103", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Insufficient file protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@intel.com", + "DATE_PUBLIC": "2019-02-12T00:00:00", + "ID": "CVE-2019-0103", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html", - "refsource" : "CONFIRM", - "url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html" - }, - { - "name" : "107074", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107074" - }, - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Insufficient file protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "107074", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107074" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01" + }, + { + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html", + "refsource": "CONFIRM", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0294.json b/2019/0xxx/CVE-2019-0294.json index 993cd5e7c64..15e7e5253bd 100644 --- a/2019/0xxx/CVE-2019-0294.json +++ b/2019/0xxx/CVE-2019-0294.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0294", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0294", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0880.json b/2019/0xxx/CVE-2019-0880.json index fb02bc124b1..3ded6c38dd0 100644 --- a/2019/0xxx/CVE-2019-0880.json +++ b/2019/0xxx/CVE-2019-0880.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0880", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0880", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1191.json b/2019/1xxx/CVE-2019-1191.json index f8947d0934b..def0cd9f7d7 100644 --- a/2019/1xxx/CVE-2019-1191.json +++ b/2019/1xxx/CVE-2019-1191.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1191", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1191", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1307.json b/2019/1xxx/CVE-2019-1307.json index c966d5d589b..61cdfe2db2b 100644 --- a/2019/1xxx/CVE-2019-1307.json +++ b/2019/1xxx/CVE-2019-1307.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1307", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1307", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1524.json b/2019/1xxx/CVE-2019-1524.json index c70d668136f..6a15546b2ec 100644 --- a/2019/1xxx/CVE-2019-1524.json +++ b/2019/1xxx/CVE-2019-1524.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1524", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1524", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1994.json b/2019/1xxx/CVE-2019-1994.json index 01fc30a336c..a681c058f8b 100644 --- a/2019/1xxx/CVE-2019-1994.json +++ b/2019/1xxx/CVE-2019-1994.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "DATE_PUBLIC" : "2019-02-04T00:00:00", - "ID" : "CVE-2019-1994", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Android-8.0 Android-8.1 Android-9" - } - ] - } - } - ] - }, - "vendor_name" : "Android" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In refresh of DevelopmentTiles.java, there is the possibility of leaving development settings accessible due to an insecure default value. This could lead to unwanted access to development settings, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-117770924." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of privilege" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "DATE_PUBLIC": "2019-02-04T00:00:00", + "ID": "CVE-2019-1994", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-8.0 Android-8.1 Android-9" + } + ] + } + } + ] + }, + "vendor_name": "Android" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2019-02-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2019-02-01" - }, - { - "name" : "106946", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106946" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In refresh of DevelopmentTiles.java, there is the possibility of leaving development settings accessible due to an insecure default value. This could lead to unwanted access to development settings, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-117770924." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2019-02-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2019-02-01" + }, + { + "name": "106946", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106946" + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4209.json b/2019/4xxx/CVE-2019-4209.json index 15af6178d3e..219a34547dc 100644 --- a/2019/4xxx/CVE-2019-4209.json +++ b/2019/4xxx/CVE-2019-4209.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4209", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4209", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4335.json b/2019/4xxx/CVE-2019-4335.json index d898b5ceaae..dd7d97f406a 100644 --- a/2019/4xxx/CVE-2019-4335.json +++ b/2019/4xxx/CVE-2019-4335.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4335", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4335", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4983.json b/2019/4xxx/CVE-2019-4983.json index 9f187adc531..aa63030a0c8 100644 --- a/2019/4xxx/CVE-2019-4983.json +++ b/2019/4xxx/CVE-2019-4983.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4983", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4983", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5302.json b/2019/5xxx/CVE-2019-5302.json index 07047a3736a..5dba0121358 100644 --- a/2019/5xxx/CVE-2019-5302.json +++ b/2019/5xxx/CVE-2019-5302.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5302", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5302", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5488.json b/2019/5xxx/CVE-2019-5488.json index 9084e60e323..63beaa99814 100644 --- a/2019/5xxx/CVE-2019-5488.json +++ b/2019/5xxx/CVE-2019-5488.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5488", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "EARCLINK ESPCMS-P8 has SQL injection in the install_pack/index.php?ac=Member&at=verifyAccount verify_key parameter. install_pack/espcms_public/espcms_db.php may allow retrieving sensitive information from the ESPCMS database." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5488", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.iwantacve.cn/index.php/archives/108/", - "refsource" : "MISC", - "url" : "http://www.iwantacve.cn/index.php/archives/108/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "EARCLINK ESPCMS-P8 has SQL injection in the install_pack/index.php?ac=Member&at=verifyAccount verify_key parameter. install_pack/espcms_public/espcms_db.php may allow retrieving sensitive information from the ESPCMS database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.iwantacve.cn/index.php/archives/108/", + "refsource": "MISC", + "url": "http://www.iwantacve.cn/index.php/archives/108/" + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5561.json b/2019/5xxx/CVE-2019-5561.json index cc8dff3303a..73f11488126 100644 --- a/2019/5xxx/CVE-2019-5561.json +++ b/2019/5xxx/CVE-2019-5561.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5561", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5561", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5951.json b/2019/5xxx/CVE-2019-5951.json index 03138e67626..1f2da813034 100644 --- a/2019/5xxx/CVE-2019-5951.json +++ b/2019/5xxx/CVE-2019-5951.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5951", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5951", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9259.json b/2019/9xxx/CVE-2019-9259.json index c7e2e6a8dd0..0c7ac7e1dc8 100644 --- a/2019/9xxx/CVE-2019-9259.json +++ b/2019/9xxx/CVE-2019-9259.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9259", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9259", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9489.json b/2019/9xxx/CVE-2019-9489.json index b9520662671..273cfe4f1e1 100644 --- a/2019/9xxx/CVE-2019-9489.json +++ b/2019/9xxx/CVE-2019-9489.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9489", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9489", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9707.json b/2019/9xxx/CVE-2019-9707.json index 4f3bbd1c1a8..26da8001a3f 100644 --- a/2019/9xxx/CVE-2019-9707.json +++ b/2019/9xxx/CVE-2019-9707.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9707", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9707", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9719.json b/2019/9xxx/CVE-2019-9719.json index 161da1021f8..3369eb8f315 100644 --- a/2019/9xxx/CVE-2019-9719.json +++ b/2019/9xxx/CVE-2019-9719.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9719", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9719", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9744.json b/2019/9xxx/CVE-2019-9744.json index 271c6674709..5dcfc9069b4 100644 --- a/2019/9xxx/CVE-2019-9744.json +++ b/2019/9xxx/CVE-2019-9744.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9744", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9744", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file