diff --git a/2007/0xxx/CVE-2007-0005.json b/2007/0xxx/CVE-2007-0005.json index 962a4b02527..3dc93f47fc3 100644 --- a/2007/0xxx/CVE-2007-0005.json +++ b/2007/0xxx/CVE-2007-0005.json @@ -1,177 +1,177 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0005", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in the (1) read and (2) write handlers in the Omnikey CardMan 4040 driver in the Linux kernel before 2.6.21-rc3 allow local users to gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-0005", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070309 Buffer Overflow in Linux Drivers for Omnikey CardMan 4040 (CVE-2007-0005)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/462300/100/0/threaded" - }, - { - "name" : "20070615 rPSA-2007-0124-1 kernel xen", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/471457" - }, - { - "name" : "http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.21-rc3", - "refsource" : "CONFIRM", - "url" : "http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.21-rc3" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1035", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1035" - }, - { - "name" : "DSA-1286", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1286" - }, - { - "name" : "FEDORA-2007-335", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2787" - }, - { - "name" : "FEDORA-2007-336", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2788" - }, - { - "name" : "MDKSA-2007:078", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:078" - }, - { - "name" : "RHSA-2007:0099", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0099.html" - }, - { - "name" : "USN-486-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-486-1" - }, - { - "name" : "USN-489-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-489-1" - }, - { - "name" : "22870", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22870" - }, - { - "name" : "oval:org.mitre.oval:def:11238", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11238" - }, - { - "name" : "ADV-2007-0872", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0872" - }, - { - "name" : "33023", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/33023" - }, - { - "name" : "24436", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24436" - }, - { - "name" : "24518", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24518" - }, - { - "name" : "24777", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24777" - }, - { - "name" : "24901", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24901" - }, - { - "name" : "25078", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25078" - }, - { - "name" : "25691", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25691" - }, - { - "name" : "26133", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26133" - }, - { - "name" : "26139", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26139" - }, - { - "name" : "kernel-cardman4040drivers-bo(32880)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32880" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in the (1) read and (2) write handlers in the Omnikey CardMan 4040 driver in the Linux kernel before 2.6.21-rc3 allow local users to gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-1286", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1286" + }, + { + "name": "RHSA-2007:0099", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0099.html" + }, + { + "name": "24901", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24901" + }, + { + "name": "MDKSA-2007:078", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:078" + }, + { + "name": "33023", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/33023" + }, + { + "name": "20070309 Buffer Overflow in Linux Drivers for Omnikey CardMan 4040 (CVE-2007-0005)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/462300/100/0/threaded" + }, + { + "name": "24777", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24777" + }, + { + "name": "24436", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24436" + }, + { + "name": "ADV-2007-0872", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0872" + }, + { + "name": "http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.21-rc3", + "refsource": "CONFIRM", + "url": "http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.21-rc3" + }, + { + "name": "USN-489-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-489-1" + }, + { + "name": "24518", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24518" + }, + { + "name": "oval:org.mitre.oval:def:11238", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11238" + }, + { + "name": "20070615 rPSA-2007-0124-1 kernel xen", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/471457" + }, + { + "name": "FEDORA-2007-335", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2787" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1035", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1035" + }, + { + "name": "25078", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25078" + }, + { + "name": "FEDORA-2007-336", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2788" + }, + { + "name": "kernel-cardman4040drivers-bo(32880)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32880" + }, + { + "name": "22870", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22870" + }, + { + "name": "USN-486-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-486-1" + }, + { + "name": "25691", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25691" + }, + { + "name": "26139", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26139" + }, + { + "name": "26133", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26133" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0017.json b/2007/0xxx/CVE-2007-0017.json index cad749fa2f0..51e1794051d 100644 --- a/2007/0xxx/CVE-2007-0017.json +++ b/2007/0xxx/CVE-2007-0017.json @@ -1,157 +1,157 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0017", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple format string vulnerabilities in (1) the cdio_log_handler function in modules/access/cdda/access.c in the CDDA (libcdda_plugin) plugin, and the (2) cdio_log_handler and (3) vcd_log_handler functions in modules/access/vcdx/access.c in the VCDX (libvcdx_plugin) plugin, in VideoLAN VLC 0.7.0 through 0.8.6 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an invalid URI, as demonstrated by a udp://-- URI in an M3U file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0017", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[vlc-devel] 20070102 Security hole in VLC media player for Mac...", - "refsource" : "MLIST", - "url" : "http://www.via.ecp.fr/via/ml/vlc-devel/2007-01/msg00005.html" - }, - { - "name" : "http://projects.info-pull.com/moab/MOAB-02-01-2007.html", - "refsource" : "MISC", - "url" : "http://projects.info-pull.com/moab/MOAB-02-01-2007.html" - }, - { - "name" : "http://applefun.blogspot.com/2007/01/moab-02-01-2007-vlc-media-player-udp.html", - "refsource" : "MISC", - "url" : "http://applefun.blogspot.com/2007/01/moab-02-01-2007-vlc-media-player-udp.html" - }, - { - "name" : "http://landonf.bikemonkey.org/code/macosx/MOAB_Day_2.20070103045559.6753.timor.html", - "refsource" : "MISC", - "url" : "http://landonf.bikemonkey.org/code/macosx/MOAB_Day_2.20070103045559.6753.timor.html" - }, - { - "name" : "http://trac.videolan.org/vlc/changeset/18481", - "refsource" : "CONFIRM", - "url" : "http://trac.videolan.org/vlc/changeset/18481" - }, - { - "name" : "http://www.videolan.org/patches/vlc-0.8.6-MOAB-02-01-2007.patch", - "refsource" : "CONFIRM", - "url" : "http://www.videolan.org/patches/vlc-0.8.6-MOAB-02-01-2007.patch" - }, - { - "name" : "http://www.videolan.org/sa0701.html", - "refsource" : "CONFIRM", - "url" : "http://www.videolan.org/sa0701.html" - }, - { - "name" : "DSA-1252", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1252" - }, - { - "name" : "GLSA-200701-24", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200701-24.xml" - }, - { - "name" : "SUSE-SA:2007:013", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_13_xine.html" - }, - { - "name" : "21852", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21852" - }, - { - "name" : "oval:org.mitre.oval:def:14313", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14313" - }, - { - "name" : "ADV-2007-0026", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0026" - }, - { - "name" : "31163", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31163" - }, - { - "name" : "1017464", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017464" - }, - { - "name" : "23592", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23592" - }, - { - "name" : "23829", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23829" - }, - { - "name" : "23910", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23910" - }, - { - "name" : "23971", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23971" - }, - { - "name" : "vlcmediaplayer-udp-format-string(31226)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31226" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple format string vulnerabilities in (1) the cdio_log_handler function in modules/access/cdda/access.c in the CDDA (libcdda_plugin) plugin, and the (2) cdio_log_handler and (3) vcd_log_handler functions in modules/access/vcdx/access.c in the VCDX (libvcdx_plugin) plugin, in VideoLAN VLC 0.7.0 through 0.8.6 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an invalid URI, as demonstrated by a udp://-- URI in an M3U file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21852", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21852" + }, + { + "name": "ADV-2007-0026", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0026" + }, + { + "name": "23971", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23971" + }, + { + "name": "vlcmediaplayer-udp-format-string(31226)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31226" + }, + { + "name": "31163", + "refsource": "OSVDB", + "url": "http://osvdb.org/31163" + }, + { + "name": "SUSE-SA:2007:013", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_13_xine.html" + }, + { + "name": "1017464", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017464" + }, + { + "name": "23829", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23829" + }, + { + "name": "http://www.videolan.org/patches/vlc-0.8.6-MOAB-02-01-2007.patch", + "refsource": "CONFIRM", + "url": "http://www.videolan.org/patches/vlc-0.8.6-MOAB-02-01-2007.patch" + }, + { + "name": "23592", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23592" + }, + { + "name": "23910", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23910" + }, + { + "name": "http://applefun.blogspot.com/2007/01/moab-02-01-2007-vlc-media-player-udp.html", + "refsource": "MISC", + "url": "http://applefun.blogspot.com/2007/01/moab-02-01-2007-vlc-media-player-udp.html" + }, + { + "name": "GLSA-200701-24", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200701-24.xml" + }, + { + "name": "http://projects.info-pull.com/moab/MOAB-02-01-2007.html", + "refsource": "MISC", + "url": "http://projects.info-pull.com/moab/MOAB-02-01-2007.html" + }, + { + "name": "oval:org.mitre.oval:def:14313", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14313" + }, + { + "name": "http://www.videolan.org/sa0701.html", + "refsource": "CONFIRM", + "url": "http://www.videolan.org/sa0701.html" + }, + { + "name": "http://trac.videolan.org/vlc/changeset/18481", + "refsource": "CONFIRM", + "url": "http://trac.videolan.org/vlc/changeset/18481" + }, + { + "name": "[vlc-devel] 20070102 Security hole in VLC media player for Mac...", + "refsource": "MLIST", + "url": "http://www.via.ecp.fr/via/ml/vlc-devel/2007-01/msg00005.html" + }, + { + "name": "DSA-1252", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1252" + }, + { + "name": "http://landonf.bikemonkey.org/code/macosx/MOAB_Day_2.20070103045559.6753.timor.html", + "refsource": "MISC", + "url": "http://landonf.bikemonkey.org/code/macosx/MOAB_Day_2.20070103045559.6753.timor.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0080.json b/2007/0xxx/CVE-2007-0080.json index 31290bad582..5957714232f 100644 --- a/2007/0xxx/CVE-2007-0080.json +++ b/2007/0xxx/CVE-2007-0080.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0080", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** Buffer overflow in the SMB_Connect_Server function in FreeRadius 1.1.3 and earlier allows attackers to execute arbitrary code related to the server desthost field of an SMB_Handle_Type instance. NOTE: the impact of this issue has been disputed by a reliable third party and the vendor, who states that exploitation is limited \"only to local administrators who have write access to the server configuration files.\" CVE concurs with the dispute." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0080", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070102 FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/455678/100/0/threaded" - }, - { - "name" : "20070103 Re: FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/455812/100/0/threaded" - }, - { - "name" : "http://www.freeradius.org/security.html", - "refsource" : "MISC", - "url" : "http://www.freeradius.org/security.html" - }, - { - "name" : "20070211 FreeRADIUS dispute of CVE-2007-0080", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-February/001304.html" - }, - { - "name" : "32082", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32082" - }, - { - "name" : "1017463", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017463" - }, - { - "name" : "freeradius-smbconnectserver-bo(31248)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31248" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** Buffer overflow in the SMB_Connect_Server function in FreeRadius 1.1.3 and earlier allows attackers to execute arbitrary code related to the server desthost field of an SMB_Handle_Type instance. NOTE: the impact of this issue has been disputed by a reliable third party and the vendor, who states that exploitation is limited \"only to local administrators who have write access to the server configuration files.\" CVE concurs with the dispute." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32082", + "refsource": "OSVDB", + "url": "http://osvdb.org/32082" + }, + { + "name": "http://www.freeradius.org/security.html", + "refsource": "MISC", + "url": "http://www.freeradius.org/security.html" + }, + { + "name": "20070211 FreeRADIUS dispute of CVE-2007-0080", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-February/001304.html" + }, + { + "name": "1017463", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017463" + }, + { + "name": "freeradius-smbconnectserver-bo(31248)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31248" + }, + { + "name": "20070102 FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/455678/100/0/threaded" + }, + { + "name": "20070103 Re: FreeRadius 1.1.3 SMB_Handle_Type SMB_Connect_Server arbitrary code execution", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/455812/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0641.json b/2007/0xxx/CVE-2007-0641.json index 7f229c0bae5..ad04ba81afe 100644 --- a/2007/0xxx/CVE-2007-0641.json +++ b/2007/0xxx/CVE-2007-0641.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0641", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the EnumPrintersA function in dapcnfsd.dll 0.6.4.0 in Shaffer Solutions (SSC) DiskAccess NFS Client allows remote attackers to execute arbitrary code via a long argument, an issue similar to CVE-2006-5854 and CVE-2007-0444." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0641", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.securityfocus.com/data/vulnerabilities/exploits/testlpc.c", - "refsource" : "MISC", - "url" : "http://www.securityfocus.com/data/vulnerabilities/exploits/testlpc.c" - }, - { - "name" : "22301", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22301" - }, - { - "name" : "38119", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38119" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the EnumPrintersA function in dapcnfsd.dll 0.6.4.0 in Shaffer Solutions (SSC) DiskAccess NFS Client allows remote attackers to execute arbitrary code via a long argument, an issue similar to CVE-2006-5854 and CVE-2007-0444." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22301", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22301" + }, + { + "name": "http://www.securityfocus.com/data/vulnerabilities/exploits/testlpc.c", + "refsource": "MISC", + "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/testlpc.c" + }, + { + "name": "38119", + "refsource": "OSVDB", + "url": "http://osvdb.org/38119" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1264.json b/2007/1xxx/CVE-2007-1264.json index d3bba7a5082..540f2bc58bc 100644 --- a/2007/1xxx/CVE-2007-1264.json +++ b/2007/1xxx/CVE-2007-1264.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1264", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Enigmail 0.94.2 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Enigmail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1264", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070305 CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability ", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461958/100/0/threaded" - }, - { - "name" : "20070305 CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461958/30/7710/threaded" - }, - { - "name" : "[gnupg-users] 20070306 [Announce] Multiple Messages Problem in GnuPG and GPGME", - "refsource" : "MLIST", - "url" : "http://lists.gnupg.org/pipermail/gnupg-users/2007-March/030514.html" - }, - { - "name" : "http://www.coresecurity.com/?action=item&id=1687", - "refsource" : "MISC", - "url" : "http://www.coresecurity.com/?action=item&id=1687" - }, - { - "name" : "22758", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22758" - }, - { - "name" : "ADV-2007-0835", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0835" - }, - { - "name" : "1017727", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017727" - }, - { - "name" : "24416", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24416" - }, - { - "name" : "2353", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2353" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Enigmail 0.94.2 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Enigmail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[gnupg-users] 20070306 [Announce] Multiple Messages Problem in GnuPG and GPGME", + "refsource": "MLIST", + "url": "http://lists.gnupg.org/pipermail/gnupg-users/2007-March/030514.html" + }, + { + "name": "22758", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22758" + }, + { + "name": "24416", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24416" + }, + { + "name": "2353", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2353" + }, + { + "name": "20070305 CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461958/30/7710/threaded" + }, + { + "name": "http://www.coresecurity.com/?action=item&id=1687", + "refsource": "MISC", + "url": "http://www.coresecurity.com/?action=item&id=1687" + }, + { + "refsource": "BUGTRAQ", + "name": "20070305 CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability", + "url": "http://www.securityfocus.com/archive/1/461958/100/0/threaded" + }, + { + "name": "1017727", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017727" + }, + { + "name": "ADV-2007-0835", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0835" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1887.json b/2007/1xxx/CVE-2007-1887.json index 99d178a1653..18c02435b1e 100644 --- a/2007/1xxx/CVE-2007-1887.json +++ b/2007/1xxx/CVE-2007-1887.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1887", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1887", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.php-security.org/MOPB/MOPB-41-2007.html", - "refsource" : "MISC", - "url" : "http://www.php-security.org/MOPB/MOPB-41-2007.html" - }, - { - "name" : "http://www.php.net/releases/5_2_1.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/releases/5_2_1.php" - }, - { - "name" : "http://www.php.net/releases/5_2_3.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/releases/5_2_3.php" - }, - { - "name" : "DSA-1283", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1283" - }, - { - "name" : "FEDORA-2007-2215", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html" - }, - { - "name" : "GLSA-200710-02", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml" - }, - { - "name" : "HPSBUX02262", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795" - }, - { - "name" : "SSRT071447", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795" - }, - { - "name" : "MDKSA-2007:088", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088" - }, - { - "name" : "MDKSA-2007:089", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089" - }, - { - "name" : "USN-455-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-455-1" - }, - { - "name" : "23235", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23235" - }, - { - "name" : "oval:org.mitre.oval:def:5348", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5348" - }, - { - "name" : "ADV-2007-2016", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2016" - }, - { - "name" : "ADV-2007-3386", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3386" - }, - { - "name" : "25062", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25062" - }, - { - "name" : "25057", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25057" - }, - { - "name" : "24909", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24909" - }, - { - "name" : "27037", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27037" - }, - { - "name" : "27110", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27110" - }, - { - "name" : "27102", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27102" - }, - { - "name" : "php-sqlitedecodebinary-bo(33766)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33766" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27110", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27110" + }, + { + "name": "DSA-1283", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1283" + }, + { + "name": "ADV-2007-2016", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2016" + }, + { + "name": "GLSA-200710-02", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml" + }, + { + "name": "oval:org.mitre.oval:def:5348", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5348" + }, + { + "name": "http://www.php.net/releases/5_2_1.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/releases/5_2_1.php" + }, + { + "name": "http://www.php-security.org/MOPB/MOPB-41-2007.html", + "refsource": "MISC", + "url": "http://www.php-security.org/MOPB/MOPB-41-2007.html" + }, + { + "name": "25062", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25062" + }, + { + "name": "FEDORA-2007-2215", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html" + }, + { + "name": "USN-455-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-455-1" + }, + { + "name": "24909", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24909" + }, + { + "name": "ADV-2007-3386", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3386" + }, + { + "name": "php-sqlitedecodebinary-bo(33766)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33766" + }, + { + "name": "23235", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23235" + }, + { + "name": "27037", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27037" + }, + { + "name": "http://www.php.net/releases/5_2_3.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/releases/5_2_3.php" + }, + { + "name": "SSRT071447", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795" + }, + { + "name": "HPSBUX02262", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795" + }, + { + "name": "27102", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27102" + }, + { + "name": "MDKSA-2007:089", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089" + }, + { + "name": "25057", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25057" + }, + { + "name": "MDKSA-2007:088", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1922.json b/2007/1xxx/CVE-2007-1922.json index c663381d66f..ce319db7209 100644 --- a/2007/1xxx/CVE-2007-1922.json +++ b/2007/1xxx/CVE-2007-1922.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1922", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Impulse Tracker (IT) and ScreamTracker 3 (S3M) modules in IN_MOD.DLL in AOL Nullsoft Winamp 5.33 allows remote attackers to execute arbitrary code via a crafted (1) .IT or (2) .S3M file containing integer values that are used as memory offsets, which triggers memory corruption." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1922", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070406 AOL Nullsoft Winamp IT Module \"IN_MOD.DLL\" Remote Heap Memory Corruption", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464893/100/0/threaded" - }, - { - "name" : "20070406 AOL Nullsoft Winamp S3M Module \"IN_MOD.DLL\" Remote Heap Memory Corruption", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464890/100/0/threaded" - }, - { - "name" : "[dailydave] 20070406 AOL Nullsoft Winamp IT Module \"IN_MOD.DLL\" Remote Heap Memory Corruption", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=dailydave&m=117589949000906&w=2" - }, - { - "name" : "[dailydave] 20070406 AOL Nullsoft Winamp S3M Module \"IN_MOD.DLL\" Remote Heap Memory Corruption", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=dailydave&m=117590046601511&w=2" - }, - { - "name" : "http://www.piotrbania.com/all/adv/nullsoft-winamp-it_module-in_mod-adv.txt", - "refsource" : "MISC", - "url" : "http://www.piotrbania.com/all/adv/nullsoft-winamp-it_module-in_mod-adv.txt" - }, - { - "name" : "http://www.piotrbania.com/all/adv/nullsoft-winamp-s3m_module-in_mod-adv.txt", - "refsource" : "MISC", - "url" : "http://www.piotrbania.com/all/adv/nullsoft-winamp-s3m_module-in_mod-adv.txt" - }, - { - "name" : "23350", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23350" - }, - { - "name" : "ADV-2007-1286", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1286" - }, - { - "name" : "34430", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34430" - }, - { - "name" : "34431", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34431" - }, - { - "name" : "1017886", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017886" - }, - { - "name" : "2532", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2532" - }, - { - "name" : "winamp-inmod-code-execution(33480)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33480" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Impulse Tracker (IT) and ScreamTracker 3 (S3M) modules in IN_MOD.DLL in AOL Nullsoft Winamp 5.33 allows remote attackers to execute arbitrary code via a crafted (1) .IT or (2) .S3M file containing integer values that are used as memory offsets, which triggers memory corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1017886", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017886" + }, + { + "name": "winamp-inmod-code-execution(33480)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33480" + }, + { + "name": "[dailydave] 20070406 AOL Nullsoft Winamp S3M Module \"IN_MOD.DLL\" Remote Heap Memory Corruption", + "refsource": "MLIST", + "url": "http://marc.info/?l=dailydave&m=117590046601511&w=2" + }, + { + "name": "[dailydave] 20070406 AOL Nullsoft Winamp IT Module \"IN_MOD.DLL\" Remote Heap Memory Corruption", + "refsource": "MLIST", + "url": "http://marc.info/?l=dailydave&m=117589949000906&w=2" + }, + { + "name": "http://www.piotrbania.com/all/adv/nullsoft-winamp-it_module-in_mod-adv.txt", + "refsource": "MISC", + "url": "http://www.piotrbania.com/all/adv/nullsoft-winamp-it_module-in_mod-adv.txt" + }, + { + "name": "ADV-2007-1286", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1286" + }, + { + "name": "34430", + "refsource": "OSVDB", + "url": "http://osvdb.org/34430" + }, + { + "name": "34431", + "refsource": "OSVDB", + "url": "http://osvdb.org/34431" + }, + { + "name": "http://www.piotrbania.com/all/adv/nullsoft-winamp-s3m_module-in_mod-adv.txt", + "refsource": "MISC", + "url": "http://www.piotrbania.com/all/adv/nullsoft-winamp-s3m_module-in_mod-adv.txt" + }, + { + "name": "20070406 AOL Nullsoft Winamp IT Module \"IN_MOD.DLL\" Remote Heap Memory Corruption", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464893/100/0/threaded" + }, + { + "name": "20070406 AOL Nullsoft Winamp S3M Module \"IN_MOD.DLL\" Remote Heap Memory Corruption", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464890/100/0/threaded" + }, + { + "name": "23350", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23350" + }, + { + "name": "2532", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2532" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3030.json b/2007/3xxx/CVE-2007-3030.json index faf7d62a25a..f00f7be2237 100644 --- a/2007/3xxx/CVE-2007-3030.json +++ b/2007/3xxx/CVE-2007-3030.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3030", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a malformed Excel file involving the \"denoting [of] the start of a Workspace designation\", which results in memory corruption, aka the \"Workbook Memory Corruption Vulnerability\"." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-3030", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "SSRT071446", - "refsource" : "HP", - "url" : "http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html" - }, - { - "name" : "MS07-036", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-036" - }, - { - "name" : "TA07-191A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-191A.html" - }, - { - "name" : "24803", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24803" - }, - { - "name" : "35959", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35959" - }, - { - "name" : "ADV-2007-2478", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2478" - }, - { - "name" : "oval:org.mitre.oval:def:1709", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1709" - }, - { - "name" : "1018352", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018352" - }, - { - "name" : "25995", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25995" - }, - { - "name" : "excel-workspace-designation-code-execution(35217)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35217" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a malformed Excel file involving the \"denoting [of] the start of a Workspace designation\", which results in memory corruption, aka the \"Workbook Memory Corruption Vulnerability\"." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SSRT071446", + "refsource": "HP", + "url": "http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html" + }, + { + "name": "oval:org.mitre.oval:def:1709", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1709" + }, + { + "name": "1018352", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018352" + }, + { + "name": "MS07-036", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-036" + }, + { + "name": "24803", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24803" + }, + { + "name": "35959", + "refsource": "OSVDB", + "url": "http://osvdb.org/35959" + }, + { + "name": "ADV-2007-2478", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2478" + }, + { + "name": "excel-workspace-designation-code-execution(35217)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35217" + }, + { + "name": "25995", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25995" + }, + { + "name": "TA07-191A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-191A.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3846.json b/2007/3xxx/CVE-2007-3846.json index 00f12dc2b01..c80b67c671f 100644 --- a/2007/3xxx/CVE-2007-3846.json +++ b/2007/3xxx/CVE-2007-3846.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3846", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in Subversion before 1.4.5, as used by TortoiseSVN before 1.4.5 and possibly other products, when run on Windows-based systems, allows remote authenticated users to overwrite and create arbitrary files via a ..\\ (dot dot backslash) sequence in the filename, as stored in the file repository." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-3846", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[users-subversion] 20070828 Subversion 1.4.5 releaded (Win32 security release)", - "refsource" : "MLIST", - "url" : "http://subversion.tigris.org/servlets/ReadMsg?list=users&msgNo=69413" - }, - { - "name" : "http://crisp.cs.du.edu/?q=node/36", - "refsource" : "MISC", - "url" : "http://crisp.cs.du.edu/?q=node/36" - }, - { - "name" : "http://subversion.tigris.org/servlets/NewsItemView?newsItemID=1941", - "refsource" : "CONFIRM", - "url" : "http://subversion.tigris.org/servlets/NewsItemView?newsItemID=1941" - }, - { - "name" : "http://tortoisesvn.net/node/291", - "refsource" : "CONFIRM", - "url" : "http://tortoisesvn.net/node/291" - }, - { - "name" : "http://subversion.tigris.org/servlets/ReadMsg?list=users&msgNo=69413", - "refsource" : "CONFIRM", - "url" : "http://subversion.tigris.org/servlets/ReadMsg?list=users&msgNo=69413" - }, - { - "name" : "25468", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25468" - }, - { - "name" : "ADV-2007-3003", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3003" - }, - { - "name" : "ADV-2007-3004", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3004" - }, - { - "name" : "40118", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40118" - }, - { - "name" : "40119", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40119" - }, - { - "name" : "1018617", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018617" - }, - { - "name" : "26625", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26625" - }, - { - "name" : "26632", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26632" - }, - { - "name" : "subversion-filename-directory-traversal(36312)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36312" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in Subversion before 1.4.5, as used by TortoiseSVN before 1.4.5 and possibly other products, when run on Windows-based systems, allows remote authenticated users to overwrite and create arbitrary files via a ..\\ (dot dot backslash) sequence in the filename, as stored in the file repository." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-3004", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3004" + }, + { + "name": "[users-subversion] 20070828 Subversion 1.4.5 releaded (Win32 security release)", + "refsource": "MLIST", + "url": "http://subversion.tigris.org/servlets/ReadMsg?list=users&msgNo=69413" + }, + { + "name": "http://tortoisesvn.net/node/291", + "refsource": "CONFIRM", + "url": "http://tortoisesvn.net/node/291" + }, + { + "name": "26632", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26632" + }, + { + "name": "25468", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25468" + }, + { + "name": "http://crisp.cs.du.edu/?q=node/36", + "refsource": "MISC", + "url": "http://crisp.cs.du.edu/?q=node/36" + }, + { + "name": "40119", + "refsource": "OSVDB", + "url": "http://osvdb.org/40119" + }, + { + "name": "http://subversion.tigris.org/servlets/NewsItemView?newsItemID=1941", + "refsource": "CONFIRM", + "url": "http://subversion.tigris.org/servlets/NewsItemView?newsItemID=1941" + }, + { + "name": "1018617", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018617" + }, + { + "name": "26625", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26625" + }, + { + "name": "ADV-2007-3003", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3003" + }, + { + "name": "40118", + "refsource": "OSVDB", + "url": "http://osvdb.org/40118" + }, + { + "name": "http://subversion.tigris.org/servlets/ReadMsg?list=users&msgNo=69413", + "refsource": "CONFIRM", + "url": "http://subversion.tigris.org/servlets/ReadMsg?list=users&msgNo=69413" + }, + { + "name": "subversion-filename-directory-traversal(36312)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36312" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3969.json b/2007/3xxx/CVE-2007-3969.json index 297c508a236..f87c54d7262 100644 --- a/2007/3xxx/CVE-2007-3969.json +++ b/2007/3xxx/CVE-2007-3969.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3969", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Panda Antivirus before 20070720 allows remote attackers to execute arbitrary code via a crafted EXE file, resulting from an \"Integer Cast Around.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3969", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070720 2007-07-20 - n.runs-SA-2007.019 - Panda Antivirus EXE parsing Arbitrary Code Execution Advisory", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474247/100/0/threaded" - }, - { - "name" : "http://www.nruns.com/[n.runs-SA-2007.019]%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf", - "refsource" : "MISC", - "url" : "http://www.nruns.com/[n.runs-SA-2007.019]%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf" - }, - { - "name" : "http://www.nruns.com/[n.runs-SA-2007.019]%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt", - "refsource" : "MISC", - "url" : "http://www.nruns.com/[n.runs-SA-2007.019]%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt" - }, - { - "name" : "24989", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24989" - }, - { - "name" : "1018437", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018437" - }, - { - "name" : "26171", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26171" - }, - { - "name" : "2920", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2920" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Panda Antivirus before 20070720 allows remote attackers to execute arbitrary code via a crafted EXE file, resulting from an \"Integer Cast Around.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.nruns.com/[n.runs-SA-2007.019]%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf", + "refsource": "MISC", + "url": "http://www.nruns.com/[n.runs-SA-2007.019]%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.pdf" + }, + { + "name": "2920", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2920" + }, + { + "name": "24989", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24989" + }, + { + "name": "26171", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26171" + }, + { + "name": "1018437", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018437" + }, + { + "name": "http://www.nruns.com/[n.runs-SA-2007.019]%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt", + "refsource": "MISC", + "url": "http://www.nruns.com/[n.runs-SA-2007.019]%20-%20Panda%20Antivirus%20EXE%20parsing%20Arbitrary%20Code%20Execution%20Advisory.txt" + }, + { + "name": "20070720 2007-07-20 - n.runs-SA-2007.019 - Panda Antivirus EXE parsing Arbitrary Code Execution Advisory", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474247/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4450.json b/2007/4xxx/CVE-2007-4450.json index ae3b2cf167b..3612207c51e 100644 --- a/2007/4xxx/CVE-2007-4450.json +++ b/2007/4xxx/CVE-2007-4450.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4450", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The server in Toribash 2.71 and earlier does not properly handle long commands, which allows remote attackers to trigger a protocol violation in which data is sent to other clients without a required LF character, as demonstrated by a SAY command. NOTE: the security impact of this violation is not clear, although it probably makes exploitation of CVE-2007-4449 easier." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4450", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070818 Multiple vulnerabilities in Toribash 2.71", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/477025/100/0/threaded" - }, - { - "name" : "http://aluigi.org/poc/toribashish.zip", - "refsource" : "MISC", - "url" : "http://aluigi.org/poc/toribashish.zip" - }, - { - "name" : "25359", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25359" - }, - { - "name" : "26507", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26507" - }, - { - "name" : "3033", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3033" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The server in Toribash 2.71 and earlier does not properly handle long commands, which allows remote attackers to trigger a protocol violation in which data is sent to other clients without a required LF character, as demonstrated by a SAY command. NOTE: the security impact of this violation is not clear, although it probably makes exploitation of CVE-2007-4449 easier." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070818 Multiple vulnerabilities in Toribash 2.71", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/477025/100/0/threaded" + }, + { + "name": "http://aluigi.org/poc/toribashish.zip", + "refsource": "MISC", + "url": "http://aluigi.org/poc/toribashish.zip" + }, + { + "name": "25359", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25359" + }, + { + "name": "26507", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26507" + }, + { + "name": "3033", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3033" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4534.json b/2007/4xxx/CVE-2007-4534.json index 63685f09b3a..b521f71a6eb 100644 --- a/2007/4xxx/CVE-2007-4534.json +++ b/2007/4xxx/CVE-2007-4534.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4534", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the VThinker::BroadcastPrintf function in p_thinker.cpp in Vavoom 1.24 and earlier allows remote attackers to execute arbitrary code via (1) a long string in a chat message and possibly (2) a long name field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4534", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://aluigi.altervista.org/adv/vaboom2-adv.txt", - "refsource" : "MISC", - "url" : "http://aluigi.altervista.org/adv/vaboom2-adv.txt" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=256621", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=256621" - }, - { - "name" : "FEDORA-2007-1977", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00094.html" - }, - { - "name" : "25436", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25436" - }, - { - "name" : "26554", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26554" - }, - { - "name" : "26701", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26701" - }, - { - "name" : "3057", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3057" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the VThinker::BroadcastPrintf function in p_thinker.cpp in Vavoom 1.24 and earlier allows remote attackers to execute arbitrary code via (1) a long string in a chat message and possibly (2) a long name field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26701", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26701" + }, + { + "name": "http://aluigi.altervista.org/adv/vaboom2-adv.txt", + "refsource": "MISC", + "url": "http://aluigi.altervista.org/adv/vaboom2-adv.txt" + }, + { + "name": "FEDORA-2007-1977", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00094.html" + }, + { + "name": "3057", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3057" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=256621", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=256621" + }, + { + "name": "26554", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26554" + }, + { + "name": "25436", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25436" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4704.json b/2007/4xxx/CVE-2007-4704.json index c94ff31c489..c0bf835f5a8 100644 --- a/2007/4xxx/CVE-2007-4704.json +++ b/2007/4xxx/CVE-2007-4704.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4704", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Application Firewall in Apple Mac OS X 10.5 does not apply changed settings to processes that are started by launchd until the processes are restarted, which might allow attackers to bypass intended access restrictions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4704", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "APPLE-SA-2007-11-15", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/Nov/msg00004.html" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307004", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307004" - }, - { - "name" : "26459", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26459" - }, - { - "name" : "ADV-2007-3897", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3897" - }, - { - "name" : "1018958", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018958" - }, - { - "name" : "27695", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27695" - }, - { - "name" : "macosx-appfw-launchd-bypass(38492)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38492" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Application Firewall in Apple Mac OS X 10.5 does not apply changed settings to processes that are started by launchd until the processes are restarted, which might allow attackers to bypass intended access restrictions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27695", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27695" + }, + { + "name": "APPLE-SA-2007-11-15", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00004.html" + }, + { + "name": "ADV-2007-3897", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3897" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307004", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307004" + }, + { + "name": "1018958", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018958" + }, + { + "name": "macosx-appfw-launchd-bypass(38492)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38492" + }, + { + "name": "26459", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26459" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4868.json b/2007/4xxx/CVE-2007-4868.json index 45e6fc0b738..71e90c717d6 100644 --- a/2007/4xxx/CVE-2007-4868.json +++ b/2007/4xxx/CVE-2007-4868.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4868", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4868", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5602.json b/2014/5xxx/CVE-2014-5602.json index b3aec307637..c66679bd3b7 100644 --- a/2014/5xxx/CVE-2014-5602.json +++ b/2014/5xxx/CVE-2014-5602.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5602", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Magzter -Magazine & Book Store (aka com.dci.magzter) application 3.31 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5602", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#539729", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/539729" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Magzter -Magazine & Book Store (aka com.dci.magzter) application 3.31 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + }, + { + "name": "VU#539729", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/539729" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2004.json b/2015/2xxx/CVE-2015-2004.json index e8595682dae..4096395117f 100644 --- a/2015/2xxx/CVE-2015-2004.json +++ b/2015/2xxx/CVE-2015-2004.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2004", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-2004", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://alephsecurity.com/vulns/aleph-2015005", - "refsource" : "MISC", - "url" : "https://alephsecurity.com/vulns/aleph-2015005" - }, - { - "name" : "https://www.usenix.org/system/files/conference/woot15/woot15-paper-peles.pdf", - "refsource" : "MISC", - "url" : "https://www.usenix.org/system/files/conference/woot15/woot15-paper-peles.pdf" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.usenix.org/system/files/conference/woot15/woot15-paper-peles.pdf", + "refsource": "MISC", + "url": "https://www.usenix.org/system/files/conference/woot15/woot15-paper-peles.pdf" + }, + { + "name": "https://alephsecurity.com/vulns/aleph-2015005", + "refsource": "MISC", + "url": "https://alephsecurity.com/vulns/aleph-2015005" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2041.json b/2015/2xxx/CVE-2015-2041.json index f4b0d549918..77c46784e2d 100644 --- a/2015/2xxx/CVE-2015-2041.json +++ b/2015/2xxx/CVE-2015-2041.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2041", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2041", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150220 CVE-2015-2041 - Linux kernel - incorrect data type in llc2_timeout_table", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/02/20/19" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6b8d9117ccb4f81b1244aafa7bc70ef8fa45fc49", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6b8d9117ccb4f81b1244aafa7bc70ef8fa45fc49" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1195350", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1195350" - }, - { - "name" : "https://github.com/torvalds/linux/commit/6b8d9117ccb4f81b1244aafa7bc70ef8fa45fc49", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/6b8d9117ccb4f81b1244aafa7bc70ef8fa45fc49" - }, - { - "name" : "DSA-3237", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3237" - }, - { - "name" : "SUSE-SU-2015:0812", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html" - }, - { - "name" : "SUSE-SU-2015:1478", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html" - }, - { - "name" : "SUSE-SU-2015:1224", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html" - }, - { - "name" : "openSUSE-SU-2015:1382", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html" - }, - { - "name" : "USN-2560-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2560-1" - }, - { - "name" : "USN-2561-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2561-1" - }, - { - "name" : "USN-2562-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2562-1" - }, - { - "name" : "USN-2563-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2563-1" - }, - { - "name" : "USN-2564-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2564-1" - }, - { - "name" : "USN-2565-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2565-1" - }, - { - "name" : "72729", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72729" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/torvalds/linux/commit/6b8d9117ccb4f81b1244aafa7bc70ef8fa45fc49", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/6b8d9117ccb4f81b1244aafa7bc70ef8fa45fc49" + }, + { + "name": "72729", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72729" + }, + { + "name": "USN-2562-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2562-1" + }, + { + "name": "USN-2565-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2565-1" + }, + { + "name": "USN-2561-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2561-1" + }, + { + "name": "USN-2564-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2564-1" + }, + { + "name": "USN-2563-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2563-1" + }, + { + "name": "DSA-3237", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3237" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1195350", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195350" + }, + { + "name": "openSUSE-SU-2015:1382", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html" + }, + { + "name": "USN-2560-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2560-1" + }, + { + "name": "SUSE-SU-2015:1478", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6b8d9117ccb4f81b1244aafa7bc70ef8fa45fc49", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6b8d9117ccb4f81b1244aafa7bc70ef8fa45fc49" + }, + { + "name": "[oss-security] 20150220 CVE-2015-2041 - Linux kernel - incorrect data type in llc2_timeout_table", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/02/20/19" + }, + { + "name": "SUSE-SU-2015:1224", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html" + }, + { + "name": "SUSE-SU-2015:0812", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2590.json b/2015/2xxx/CVE-2015-2590.json index 946e2a91ef7..c193c5ccc6d 100644 --- a/2015/2xxx/CVE-2015-2590.json +++ b/2015/2xxx/CVE-2015-2590.json @@ -1,182 +1,182 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2590", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-2590", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" - }, - { - "name" : "DSA-3339", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3339" - }, - { - "name" : "DSA-3316", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3316" - }, - { - "name" : "GLSA-201603-11", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-11" - }, - { - "name" : "GLSA-201603-14", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-14" - }, - { - "name" : "RHSA-2015:1526", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1526.html" - }, - { - "name" : "RHSA-2015:1228", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1228.html" - }, - { - "name" : "RHSA-2015:1229", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1229.html" - }, - { - "name" : "RHSA-2015:1230", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1230.html" - }, - { - "name" : "RHSA-2015:1241", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1241.html" - }, - { - "name" : "RHSA-2015:1242", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1242.html" - }, - { - "name" : "RHSA-2015:1243", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1243.html" - }, - { - "name" : "RHSA-2015:1485", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1485.html" - }, - { - "name" : "RHSA-2015:1486", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1486.html" - }, - { - "name" : "RHSA-2015:1488", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1488.html" - }, - { - "name" : "RHSA-2015:1544", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1544.html" - }, - { - "name" : "RHSA-2015:1604", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1604.html" - }, - { - "name" : "SUSE-SU-2015:1319", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html" - }, - { - "name" : "SUSE-SU-2015:1320", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html" - }, - { - "name" : "openSUSE-SU-2015:1288", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html" - }, - { - "name" : "openSUSE-SU-2015:1289", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html" - }, - { - "name" : "USN-2696-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2696-1" - }, - { - "name" : "USN-2706-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2706-1" - }, - { - "name" : "75818", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75818" - }, - { - "name" : "1032910", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032910" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:1243", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" + }, + { + "name": "75818", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75818" + }, + { + "name": "RHSA-2015:1229", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html" + }, + { + "name": "1032910", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032910" + }, + { + "name": "USN-2706-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2706-1" + }, + { + "name": "RHSA-2015:1526", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html" + }, + { + "name": "RHSA-2015:1485", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html" + }, + { + "name": "RHSA-2015:1544", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html" + }, + { + "name": "openSUSE-SU-2015:1289", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html" + }, + { + "name": "RHSA-2015:1228", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html" + }, + { + "name": "DSA-3316", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3316" + }, + { + "name": "GLSA-201603-11", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-11" + }, + { + "name": "RHSA-2015:1486", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html" + }, + { + "name": "GLSA-201603-14", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-14" + }, + { + "name": "USN-2696-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2696-1" + }, + { + "name": "DSA-3339", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3339" + }, + { + "name": "RHSA-2015:1242", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html" + }, + { + "name": "RHSA-2015:1488", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html" + }, + { + "name": "SUSE-SU-2015:1319", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html" + }, + { + "name": "SUSE-SU-2015:1320", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html" + }, + { + "name": "openSUSE-SU-2015:1288", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html" + }, + { + "name": "RHSA-2015:1241", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html" + }, + { + "name": "RHSA-2015:1230", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html" + }, + { + "name": "RHSA-2015:1604", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2652.json b/2015/2xxx/CVE-2015-2652.json index c1b598dd12d..aaa78dbc395 100644 --- a/2015/2xxx/CVE-2015-2652.json +++ b/2015/2xxx/CVE-2015-2652.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2652", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to Web Management." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-2652", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151008 CVE-2015-2652 - Unauthenticated File Upload in Oracle E-business Suite.", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Oct/33" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" - }, - { - "name" : "1032926", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032926" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to Web Management." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" + }, + { + "name": "1032926", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032926" + }, + { + "name": "20151008 CVE-2015-2652 - Unauthenticated File Upload in Oracle E-business Suite.", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Oct/33" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2661.json b/2015/2xxx/CVE-2015-2661.json index 5c2e780d850..d482f42abae 100644 --- a/2015/2xxx/CVE-2015-2661.json +++ b/2015/2xxx/CVE-2015-2661.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2661", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-2661", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" - }, - { - "name" : "GLSA-201610-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-06" - }, - { - "name" : "RHSA-2015:1630", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1630.html" - }, - { - "name" : "RHSA-2015:1646", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1646.html" - }, - { - "name" : "openSUSE-SU-2015:1629", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html" - }, - { - "name" : "USN-2674-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2674-1" - }, - { - "name" : "75813", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75813" - }, - { - "name" : "1032911", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032911" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "75813", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75813" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" + }, + { + "name": "1032911", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032911" + }, + { + "name": "RHSA-2015:1646", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1646.html" + }, + { + "name": "openSUSE-SU-2015:1629", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html" + }, + { + "name": "USN-2674-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2674-1" + }, + { + "name": "GLSA-201610-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-06" + }, + { + "name": "RHSA-2015:1630", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1630.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6185.json b/2015/6xxx/CVE-2015-6185.json index 71cb6910b86..020a085eea6 100644 --- a/2015/6xxx/CVE-2015-6185.json +++ b/2015/6xxx/CVE-2015-6185.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6185", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6185", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6584.json b/2015/6xxx/CVE-2015-6584.json index 22404dd5fbe..198a895a20b 100644 --- a/2015/6xxx/CVE-2015-6584.json +++ b/2015/6xxx/CVE-2015-6584.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6584", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the DataTables plugin 1.10.8 and earlier for jQuery allows remote attackers to inject arbitrary web script or HTML via the scripts parameter to media/unit_testing/templates/6776.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6584", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150910 DataTables Security Advisory - XSS Vulnerability - CVE-2015-6584", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536437/100/0/threaded" - }, - { - "name" : "20150910 DataTables Security Advisory - XSS Vulnerability - CVE-2015-6584", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Sep/37" - }, - { - "name" : "https://www.netsparker.com/cve-2015-6384-xss-vulnerability-identified-in-datatables/", - "refsource" : "MISC", - "url" : "https://www.netsparker.com/cve-2015-6384-xss-vulnerability-identified-in-datatables/" - }, - { - "name" : "http://packetstormsecurity.com/files/133555/DataTables-1.10.8-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133555/DataTables-1.10.8-Cross-Site-Scripting.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the DataTables plugin 1.10.8 and earlier for jQuery allows remote attackers to inject arbitrary web script or HTML via the scripts parameter to media/unit_testing/templates/6776.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/133555/DataTables-1.10.8-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133555/DataTables-1.10.8-Cross-Site-Scripting.html" + }, + { + "name": "20150910 DataTables Security Advisory - XSS Vulnerability - CVE-2015-6584", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536437/100/0/threaded" + }, + { + "name": "https://www.netsparker.com/cve-2015-6384-xss-vulnerability-identified-in-datatables/", + "refsource": "MISC", + "url": "https://www.netsparker.com/cve-2015-6384-xss-vulnerability-identified-in-datatables/" + }, + { + "name": "20150910 DataTables Security Advisory - XSS Vulnerability - CVE-2015-6584", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Sep/37" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6902.json b/2015/6xxx/CVE-2015-6902.json index 235d592a44e..32153075e50 100644 --- a/2015/6xxx/CVE-2015-6902.json +++ b/2015/6xxx/CVE-2015-6902.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6902", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6902", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7398.json b/2015/7xxx/CVE-2015-7398.json index 3080890a420..e2d637cd9f0 100644 --- a/2015/7xxx/CVE-2015-7398.json +++ b/2015/7xxx/CVE-2015-7398.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7398", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-7398", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21973592", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21973592" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21973592", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973592" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7585.json b/2015/7xxx/CVE-2015-7585.json index fb093d2ff1b..a8205ee2351 100644 --- a/2015/7xxx/CVE-2015-7585.json +++ b/2015/7xxx/CVE-2015-7585.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7585", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7585", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7723.json b/2015/7xxx/CVE-2015-7723.json index d256b7681e4..4cbb71e37c3 100644 --- a/2015/7xxx/CVE-2015-7723.json +++ b/2015/7xxx/CVE-2015-7723.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7723", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7723", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151029 CVE-2015-7723 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536783/100/0/threaded" - }, - { - "name" : "20151029 CVE-2015-7723 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Oct/104" - }, - { - "name" : "http://packetstormsecurity.com/files/134121/AMD-fglrx-driver-14.4.2-Privilege-Escalation.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134121/AMD-fglrx-driver-14.4.2-Privilege-Escalation.html" - }, - { - "name" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-7723/", - "refsource" : "MISC", - "url" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-7723/" - }, - { - "name" : "77357", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77357" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-7723/", + "refsource": "MISC", + "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-7723/" + }, + { + "name": "http://packetstormsecurity.com/files/134121/AMD-fglrx-driver-14.4.2-Privilege-Escalation.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134121/AMD-fglrx-driver-14.4.2-Privilege-Escalation.html" + }, + { + "name": "20151029 CVE-2015-7723 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Oct/104" + }, + { + "name": "20151029 CVE-2015-7723 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536783/100/0/threaded" + }, + { + "name": "77357", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77357" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7804.json b/2015/7xxx/CVE-2015-7804.json index 3b4aad51e56..b0cce947096 100644 --- a/2015/7xxx/CVE-2015-7804.json +++ b/2015/7xxx/CVE-2015-7804.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7804", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (uninitialized pointer dereference and application crash) by including the / filename in a .zip PHAR archive." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-7804", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20151005 CVE request: issues fixed in PHP 5.6.14 and 5.5.30", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/10/05/8" - }, - { - "name" : "http://git.php.net/?p=php-src.git;a=commit;h=1ddf72180a52d247db88ea42a3e35f824a8fbda1", - "refsource" : "CONFIRM", - "url" : "http://git.php.net/?p=php-src.git;a=commit;h=1ddf72180a52d247db88ea42a3e35f824a8fbda1" - }, - { - "name" : "http://www.php.net/ChangeLog-5.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-5.php" - }, - { - "name" : "https://bugs.php.net/bug.php?id=70433", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/bug.php?id=70433" - }, - { - "name" : "https://support.apple.com/HT205637", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205637" - }, - { - "name" : "APPLE-SA-2015-12-08-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" - }, - { - "name" : "DSA-3380", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3380" - }, - { - "name" : "GLSA-201606-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201606-10" - }, - { - "name" : "SSA:2016-034-04", - "refsource" : "SLACKWARE", - "url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.461720" - }, - { - "name" : "openSUSE-SU-2016:0251", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-01/msg00099.html" - }, - { - "name" : "USN-2786-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2786-1" - }, - { - "name" : "76959", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76959" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (uninitialized pointer dereference and application crash) by including the / filename in a .zip PHAR archive." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205637", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205637" + }, + { + "name": "openSUSE-SU-2016:0251", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00099.html" + }, + { + "name": "DSA-3380", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3380" + }, + { + "name": "APPLE-SA-2015-12-08-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" + }, + { + "name": "SSA:2016-034-04", + "refsource": "SLACKWARE", + "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.461720" + }, + { + "name": "76959", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76959" + }, + { + "name": "http://git.php.net/?p=php-src.git;a=commit;h=1ddf72180a52d247db88ea42a3e35f824a8fbda1", + "refsource": "CONFIRM", + "url": "http://git.php.net/?p=php-src.git;a=commit;h=1ddf72180a52d247db88ea42a3e35f824a8fbda1" + }, + { + "name": "http://www.php.net/ChangeLog-5.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-5.php" + }, + { + "name": "https://bugs.php.net/bug.php?id=70433", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=70433" + }, + { + "name": "[oss-security] 20151005 CVE request: issues fixed in PHP 5.6.14 and 5.5.30", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/10/05/8" + }, + { + "name": "USN-2786-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2786-1" + }, + { + "name": "GLSA-201606-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201606-10" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7968.json b/2015/7xxx/CVE-2015-7968.json index ea132d5ad0f..1ecd767c4b8 100644 --- a/2015/7xxx/CVE-2015-7968.json +++ b/2015/7xxx/CVE-2015-7968.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7968", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7968", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0181.json b/2016/0xxx/CVE-2016-0181.json index 1b909c637ed..21001526f1b 100644 --- a/2016/0xxx/CVE-2016-0181.json +++ b/2016/0xxx/CVE-2016-0181.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0181", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows 10 Gold and 1511 allows local users to bypass the Virtual Secure Mode Hypervisor Code Integrity (HVCI) protection mechanism and perform RWX markings of kernel-mode pages via a crafted application, aka \"Hypervisor Code Integrity Security Feature Bypass.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0181", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-066", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-066" - }, - { - "name" : "90048", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90048" - }, - { - "name" : "1035843", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035843" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows 10 Gold and 1511 allows local users to bypass the Virtual Secure Mode Hypervisor Code Integrity (HVCI) protection mechanism and perform RWX markings of kernel-mode pages via a crafted application, aka \"Hypervisor Code Integrity Security Feature Bypass.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS16-066", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-066" + }, + { + "name": "1035843", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035843" + }, + { + "name": "90048", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90048" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0643.json b/2016/0xxx/CVE-2016-0643.json index bce9e803bc8..258acef2337 100644 --- a/2016/0xxx/CVE-2016-0643.json +++ b/2016/0xxx/CVE-2016-0643.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0643", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect confidentiality via vectors related to DML." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0643", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168" - }, - { - "name" : "DSA-3595", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3595" - }, - { - "name" : "DSA-3557", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3557" - }, - { - "name" : "RHSA-2016:0705", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0705.html" - }, - { - "name" : "RHSA-2016:1602", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1602.html" - }, - { - "name" : "RHSA-2016:1132", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1132" - }, - { - "name" : "RHSA-2016:1480", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1480.html" - }, - { - "name" : "RHSA-2016:1481", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1481.html" - }, - { - "name" : "openSUSE-SU-2016:1686", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html" - }, - { - "name" : "SUSE-SU-2016:1619", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html" - }, - { - "name" : "SUSE-SU-2016:1620", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html" - }, - { - "name" : "openSUSE-SU-2016:1664", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html" - }, - { - "name" : "SUSE-SU-2016:1279", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html" - }, - { - "name" : "openSUSE-SU-2016:1332", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html" - }, - { - "name" : "USN-2953-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2953-1" - }, - { - "name" : "USN-2954-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2954-1" - }, - { - "name" : "86486", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/86486" - }, - { - "name" : "1035606", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035606" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect confidentiality via vectors related to DML." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:1620", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html" + }, + { + "name": "RHSA-2016:1481", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1481.html" + }, + { + "name": "RHSA-2016:1132", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1132" + }, + { + "name": "1035606", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035606" + }, + { + "name": "USN-2953-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2953-1" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/" + }, + { + "name": "openSUSE-SU-2016:1332", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html" + }, + { + "name": "USN-2954-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2954-1" + }, + { + "name": "SUSE-SU-2016:1619", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html" + }, + { + "name": "RHSA-2016:1480", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1480.html" + }, + { + "name": "86486", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/86486" + }, + { + "name": "openSUSE-SU-2016:1664", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168" + }, + { + "name": "DSA-3557", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3557" + }, + { + "name": "RHSA-2016:1602", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1602.html" + }, + { + "name": "DSA-3595", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3595" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" + }, + { + "name": "openSUSE-SU-2016:1686", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html" + }, + { + "name": "RHSA-2016:0705", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0705.html" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/" + }, + { + "name": "SUSE-SU-2016:1279", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0807.json b/2016/0xxx/CVE-2016-0807.json index 0f8a4e9dcef..5458b0f6523 100644 --- a/2016/0xxx/CVE-2016-0807.json +++ b/2016/0xxx/CVE-2016-0807.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0807", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The get_build_id function in elf_utils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that mishandles a Desc Size element in an ELF Note, aka internal bug 25187394." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-0807", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-02-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-02-01.html" - }, - { - "name" : "https://android.googlesource.com/platform%2Fsystem%2Fcore/+/d917514bd6b270df431ea4e781a865764d406120", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform%2Fsystem%2Fcore/+/d917514bd6b270df431ea4e781a865764d406120" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The get_build_id function in elf_utils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that mishandles a Desc Size element in an ELF Note, aka internal bug 25187394." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://android.googlesource.com/platform%2Fsystem%2Fcore/+/d917514bd6b270df431ea4e781a865764d406120", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform%2Fsystem%2Fcore/+/d917514bd6b270df431ea4e781a865764d406120" + }, + { + "name": "http://source.android.com/security/bulletin/2016-02-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-02-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0994.json b/2016/0xxx/CVE-2016-0994.json index 8ee5f38192e..748501e43ce 100644 --- a/2016/0xxx/CVE-2016-0994.json +++ b/2016/0xxx/CVE-2016-0994.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0994", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-0994", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-194/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-194/" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" - }, - { - "name" : "GLSA-201603-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-07" - }, - { - "name" : "SUSE-SU-2016:0715", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" - }, - { - "name" : "SUSE-SU-2016:0716", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" - }, - { - "name" : "openSUSE-SU-2016:0719", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" - }, - { - "name" : "openSUSE-SU-2016:0734", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" - }, - { - "name" : "84312", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84312" - }, - { - "name" : "1035251", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035251" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:0734", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" + }, + { + "name": "1035251", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035251" + }, + { + "name": "openSUSE-SU-2016:0719", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" + }, + { + "name": "GLSA-201603-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-07" + }, + { + "name": "SUSE-SU-2016:0715", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" + }, + { + "name": "84312", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84312" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-194/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-194/" + }, + { + "name": "SUSE-SU-2016:0716", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10105.json b/2016/10xxx/CVE-2016-10105.json index a5779088efd..1c9ade44582 100644 --- a/2016/10xxx/CVE-2016-10105.json +++ b/2016/10xxx/CVE-2016-10105.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10105", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "admin/plugin.php in Piwigo through 2.8.3 doesn't validate the sections variable while using it to include files. This can cause information disclosure and code execution if it contains a .. sequence." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10105", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/Piwigo/Piwigo/commit/8796e43aa344681d92a92e1f9b985409d4f36e31", - "refsource" : "CONFIRM", - "url" : "https://github.com/Piwigo/Piwigo/commit/8796e43aa344681d92a92e1f9b985409d4f36e31" - }, - { - "name" : "https://github.com/Piwigo/Piwigo/commit/9004fdfc0b4a11cb32e9e15a5f67e4ec827e82dc", - "refsource" : "CONFIRM", - "url" : "https://github.com/Piwigo/Piwigo/commit/9004fdfc0b4a11cb32e9e15a5f67e4ec827e82dc" - }, - { - "name" : "https://github.com/Piwigo/Piwigo/issues/574#issuecomment-267938358", - "refsource" : "CONFIRM", - "url" : "https://github.com/Piwigo/Piwigo/issues/574#issuecomment-267938358" - }, - { - "name" : "95202", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95202" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "admin/plugin.php in Piwigo through 2.8.3 doesn't validate the sections variable while using it to include files. This can cause information disclosure and code execution if it contains a .. sequence." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/Piwigo/Piwigo/issues/574#issuecomment-267938358", + "refsource": "CONFIRM", + "url": "https://github.com/Piwigo/Piwigo/issues/574#issuecomment-267938358" + }, + { + "name": "95202", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95202" + }, + { + "name": "https://github.com/Piwigo/Piwigo/commit/8796e43aa344681d92a92e1f9b985409d4f36e31", + "refsource": "CONFIRM", + "url": "https://github.com/Piwigo/Piwigo/commit/8796e43aa344681d92a92e1f9b985409d4f36e31" + }, + { + "name": "https://github.com/Piwigo/Piwigo/commit/9004fdfc0b4a11cb32e9e15a5f67e4ec827e82dc", + "refsource": "CONFIRM", + "url": "https://github.com/Piwigo/Piwigo/commit/9004fdfc0b4a11cb32e9e15a5f67e4ec827e82dc" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1720.json b/2016/1xxx/CVE-2016-1720.json index a26df5acaf9..d2c7a9b3309 100644 --- a/2016/1xxx/CVE-2016-1720.json +++ b/2016/1xxx/CVE-2016-1720.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1720", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IOKit in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1720", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39367", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39367/" - }, - { - "name" : "https://code.google.com/p/google-security-research/issues/detail?id=597", - "refsource" : "MISC", - "url" : "https://code.google.com/p/google-security-research/issues/detail?id=597" - }, - { - "name" : "http://packetstormsecurity.com/files/135435/IOKit-Methods-Being-Called-Without-Locks-From-IOServiceClose.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/135435/IOKit-Methods-Being-Called-Without-Locks-From-IOServiceClose.html" - }, - { - "name" : "https://support.apple.com/HT205729", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205729" - }, - { - "name" : "https://support.apple.com/HT205731", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205731" - }, - { - "name" : "https://support.apple.com/HT205732", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205732" - }, - { - "name" : "https://support.apple.com/HT206168", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206168" - }, - { - "name" : "APPLE-SA-2016-01-19-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html" - }, - { - "name" : "APPLE-SA-2016-01-19-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html" - }, - { - "name" : "APPLE-SA-2016-01-25-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html" - }, - { - "name" : "APPLE-SA-2016-03-21-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" - }, - { - "name" : "1034736", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034736" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IOKit in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT206168", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206168" + }, + { + "name": "https://support.apple.com/HT205731", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205731" + }, + { + "name": "http://packetstormsecurity.com/files/135435/IOKit-Methods-Being-Called-Without-Locks-From-IOServiceClose.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/135435/IOKit-Methods-Being-Called-Without-Locks-From-IOServiceClose.html" + }, + { + "name": "https://support.apple.com/HT205729", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205729" + }, + { + "name": "39367", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39367/" + }, + { + "name": "https://code.google.com/p/google-security-research/issues/detail?id=597", + "refsource": "MISC", + "url": "https://code.google.com/p/google-security-research/issues/detail?id=597" + }, + { + "name": "APPLE-SA-2016-01-25-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html" + }, + { + "name": "1034736", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034736" + }, + { + "name": "APPLE-SA-2016-01-19-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html" + }, + { + "name": "APPLE-SA-2016-03-21-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" + }, + { + "name": "APPLE-SA-2016-01-19-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html" + }, + { + "name": "https://support.apple.com/HT205732", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205732" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1948.json b/2016/1xxx/CVE-2016-1948.json index 5647aafb894..95b4f8ca7b2 100644 --- a/2016/1xxx/CVE-2016-1948.json +++ b/2016/1xxx/CVE-2016-1948.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1948", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox before 44.0 on Android does not ensure that HTTPS is used for a lightweight-theme installation, which allows man-in-the-middle attackers to replace a theme's images and colors by modifying the client-server data stream." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2016-1948", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-12.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-12.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1235876", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1235876" - }, - { - "name" : "GLSA-201605-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201605-06" - }, - { - "name" : "1034825", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034825" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox before 44.0 on Android does not ensure that HTTPS is used for a lightweight-theme installation, which allows man-in-the-middle attackers to replace a theme's images and colors by modifying the client-server data stream." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034825", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034825" + }, + { + "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-12.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-12.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1235876", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1235876" + }, + { + "name": "GLSA-201605-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201605-06" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4134.json b/2016/4xxx/CVE-2016-4134.json index 63f3c486267..75235dbb318 100644 --- a/2016/4xxx/CVE-2016-4134.json +++ b/2016/4xxx/CVE-2016-4134.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4134", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4134", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" - }, - { - "name" : "MS16-083", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" - }, - { - "name" : "RHSA-2016:1238", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1238" - }, - { - "name" : "SUSE-SU-2016:1613", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" - }, - { - "name" : "openSUSE-SU-2016:1621", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" - }, - { - "name" : "openSUSE-SU-2016:1625", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" - }, - { - "name" : "1036117", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036117" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036117", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036117" + }, + { + "name": "MS16-083", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" + }, + { + "name": "openSUSE-SU-2016:1625", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" + }, + { + "name": "RHSA-2016:1238", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1238" + }, + { + "name": "openSUSE-SU-2016:1621", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" + }, + { + "name": "SUSE-SU-2016:1613", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4295.json b/2016/4xxx/CVE-2016-4295.json index b2849aaebed..42e5350a7dd 100644 --- a/2016/4xxx/CVE-2016-4295.json +++ b/2016/4xxx/CVE-2016-4295.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-4295", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Hancom Office", - "version" : { - "version_data" : [ - { - "version_value" : "2014 VP Trial HCell.exe Product version: 9.1.0.2176, HCellApp.dll Product version: 9.1.0.2176 HCellBook.dll Product version: 9.1.0.2176" - } - ] - } - } - ] - }, - "vendor_name" : "Hancom" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "When opening a Hangul Hcell Document (.cell) and processing a particular record within the Workbook stream, an index miscalculation leading to a heap overlow can be made to occur in Hancom Office 2014. The vulnerability occurs when processing data for a formula used to render a chart via the HncChartPlugin.hplg library. Due to a lack of bounds-checking when incrementing an index that is used for writing into a buffer for formulae, the application can be made to write pointer data outside its bounds which can lead to code execution under the context of the application." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "index miscalculation" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-4295", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Hancom Office", + "version": { + "version_data": [ + { + "version_value": "2014 VP Trial HCell.exe Product version: 9.1.0.2176, HCellApp.dll Product version: 9.1.0.2176 HCellBook.dll Product version: 9.1.0.2176" + } + ] + } + } + ] + }, + "vendor_name": "Hancom" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.talosintelligence.com/reports/TALOS-2016-0150/", - "refsource" : "MISC", - "url" : "http://www.talosintelligence.com/reports/TALOS-2016-0150/" - }, - { - "name" : "92327", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92327" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "When opening a Hangul Hcell Document (.cell) and processing a particular record within the Workbook stream, an index miscalculation leading to a heap overlow can be made to occur in Hancom Office 2014. The vulnerability occurs when processing data for a formula used to render a chart via the HncChartPlugin.hplg library. Due to a lack of bounds-checking when incrementing an index that is used for writing into a buffer for formulae, the application can be made to write pointer data outside its bounds which can lead to code execution under the context of the application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "index miscalculation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.talosintelligence.com/reports/TALOS-2016-0150/", + "refsource": "MISC", + "url": "http://www.talosintelligence.com/reports/TALOS-2016-0150/" + }, + { + "name": "92327", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92327" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4799.json b/2016/4xxx/CVE-2016-4799.json index 55c6efee061..7e1ef999b10 100644 --- a/2016/4xxx/CVE-2016-4799.json +++ b/2016/4xxx/CVE-2016-4799.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4799", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4799", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4963.json b/2016/4xxx/CVE-2016-4963.json index 18b46e604e7..d8bbd0d5869 100644 --- a/2016/4xxx/CVE-2016-4963.json +++ b/2016/4xxx/CVE-2016-4963.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4963", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The libxl device-handling in Xen through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4963", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180906 [SECURITY] [DLA 1493-1] xen security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/09/msg00006.html" - }, - { - "name" : "http://xenbits.xen.org/xsa/advisory-178.html", - "refsource" : "CONFIRM", - "url" : "http://xenbits.xen.org/xsa/advisory-178.html" - }, - { - "name" : "1036024", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036024" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The libxl device-handling in Xen through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1493-1] xen security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00006.html" + }, + { + "name": "1036024", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036024" + }, + { + "name": "http://xenbits.xen.org/xsa/advisory-178.html", + "refsource": "CONFIRM", + "url": "http://xenbits.xen.org/xsa/advisory-178.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3569.json b/2019/3xxx/CVE-2019-3569.json index ddcf9d3b321..d91be0620d3 100644 --- a/2019/3xxx/CVE-2019-3569.json +++ b/2019/3xxx/CVE-2019-3569.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3569", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3569", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3666.json b/2019/3xxx/CVE-2019-3666.json index 66af190f6c6..f94bcaf62ec 100644 --- a/2019/3xxx/CVE-2019-3666.json +++ b/2019/3xxx/CVE-2019-3666.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3666", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3666", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3873.json b/2019/3xxx/CVE-2019-3873.json index 29cec72da3f..024eff90d5a 100644 --- a/2019/3xxx/CVE-2019-3873.json +++ b/2019/3xxx/CVE-2019-3873.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3873", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3873", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3896.json b/2019/3xxx/CVE-2019-3896.json index a3af6df1be9..2afff997989 100644 --- a/2019/3xxx/CVE-2019-3896.json +++ b/2019/3xxx/CVE-2019-3896.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3896", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3896", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4058.json b/2019/4xxx/CVE-2019-4058.json index 93bda309838..22d89accdc0 100644 --- a/2019/4xxx/CVE-2019-4058.json +++ b/2019/4xxx/CVE-2019-4058.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4058", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4058", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4867.json b/2019/4xxx/CVE-2019-4867.json index 71eaf9753c1..91f2a1c207b 100644 --- a/2019/4xxx/CVE-2019-4867.json +++ b/2019/4xxx/CVE-2019-4867.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4867", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4867", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4882.json b/2019/4xxx/CVE-2019-4882.json index 84ba0717b7d..9c7b6fcac92 100644 --- a/2019/4xxx/CVE-2019-4882.json +++ b/2019/4xxx/CVE-2019-4882.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4882", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4882", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4947.json b/2019/4xxx/CVE-2019-4947.json index 0887403c877..10f59c9d50d 100644 --- a/2019/4xxx/CVE-2019-4947.json +++ b/2019/4xxx/CVE-2019-4947.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4947", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4947", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6447.json b/2019/6xxx/CVE-2019-6447.json index e331ebdae3d..272177ddc1f 100644 --- a/2019/6xxx/CVE-2019-6447.json +++ b/2019/6xxx/CVE-2019-6447.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6447", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6447", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/fs0c131y/ESFileExplorerOpenPortVuln", - "refsource" : "MISC", - "url" : "https://github.com/fs0c131y/ESFileExplorerOpenPortVuln" - }, - { - "name" : "https://twitter.com/fs0c131y/status/1085460755313508352", - "refsource" : "MISC", - "url" : "https://twitter.com/fs0c131y/status/1085460755313508352" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/fs0c131y/ESFileExplorerOpenPortVuln", + "refsource": "MISC", + "url": "https://github.com/fs0c131y/ESFileExplorerOpenPortVuln" + }, + { + "name": "https://twitter.com/fs0c131y/status/1085460755313508352", + "refsource": "MISC", + "url": "https://twitter.com/fs0c131y/status/1085460755313508352" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6583.json b/2019/6xxx/CVE-2019-6583.json index ebf44fdc47e..6cd606ba981 100644 --- a/2019/6xxx/CVE-2019-6583.json +++ b/2019/6xxx/CVE-2019-6583.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6583", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6583", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6726.json b/2019/6xxx/CVE-2019-6726.json index e9187f83da7..ab192b7bfc2 100644 --- a/2019/6xxx/CVE-2019-6726.json +++ b/2019/6xxx/CVE-2019-6726.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6726", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6726", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7096.json b/2019/7xxx/CVE-2019-7096.json index e141d4f0d0a..a6de863dd0d 100644 --- a/2019/7xxx/CVE-2019-7096.json +++ b/2019/7xxx/CVE-2019-7096.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7096", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7096", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7343.json b/2019/7xxx/CVE-2019-7343.json index a33753d5c77..6d3971cb92c 100644 --- a/2019/7xxx/CVE-2019-7343.json +++ b/2019/7xxx/CVE-2019-7343.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7343", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'newMonitor[Method]' parameter value in the view monitor (monitor.php) because proper filtration is omitted." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7343", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/ZoneMinder/zoneminder/issues/2464", - "refsource" : "MISC", - "url" : "https://github.com/ZoneMinder/zoneminder/issues/2464" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'newMonitor[Method]' parameter value in the view monitor (monitor.php) because proper filtration is omitted." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/ZoneMinder/zoneminder/issues/2464", + "refsource": "MISC", + "url": "https://github.com/ZoneMinder/zoneminder/issues/2464" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7373.json b/2019/7xxx/CVE-2019-7373.json index 28c3468aeea..9f421f35e31 100644 --- a/2019/7xxx/CVE-2019-7373.json +++ b/2019/7xxx/CVE-2019-7373.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7373", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7373", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7962.json b/2019/7xxx/CVE-2019-7962.json index e60c1a166b6..7434928e751 100644 --- a/2019/7xxx/CVE-2019-7962.json +++ b/2019/7xxx/CVE-2019-7962.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7962", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7962", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8035.json b/2019/8xxx/CVE-2019-8035.json index 8216df46fad..cb2dfbc713b 100644 --- a/2019/8xxx/CVE-2019-8035.json +++ b/2019/8xxx/CVE-2019-8035.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8035", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8035", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8085.json b/2019/8xxx/CVE-2019-8085.json index 21483aedd8f..b6ef41fd027 100644 --- a/2019/8xxx/CVE-2019-8085.json +++ b/2019/8xxx/CVE-2019-8085.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8085", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8085", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8599.json b/2019/8xxx/CVE-2019-8599.json index ea31f118447..eaed55b46bf 100644 --- a/2019/8xxx/CVE-2019-8599.json +++ b/2019/8xxx/CVE-2019-8599.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8599", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8599", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8615.json b/2019/8xxx/CVE-2019-8615.json index b1ee260dd05..59ad2328925 100644 --- a/2019/8xxx/CVE-2019-8615.json +++ b/2019/8xxx/CVE-2019-8615.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8615", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8615", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8685.json b/2019/8xxx/CVE-2019-8685.json index 9819dabc856..80c47ec12a4 100644 --- a/2019/8xxx/CVE-2019-8685.json +++ b/2019/8xxx/CVE-2019-8685.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8685", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8685", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9096.json b/2019/9xxx/CVE-2019-9096.json index dc14b52f574..15d18ba7e7a 100644 --- a/2019/9xxx/CVE-2019-9096.json +++ b/2019/9xxx/CVE-2019-9096.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9096", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9096", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9390.json b/2019/9xxx/CVE-2019-9390.json index 9d66919feb7..a2be5407f93 100644 --- a/2019/9xxx/CVE-2019-9390.json +++ b/2019/9xxx/CVE-2019-9390.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9390", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9390", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9462.json b/2019/9xxx/CVE-2019-9462.json index 5a0d020fe18..4de77461526 100644 --- a/2019/9xxx/CVE-2019-9462.json +++ b/2019/9xxx/CVE-2019-9462.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9462", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9462", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9676.json b/2019/9xxx/CVE-2019-9676.json index a6b40c8c2eb..43643f6e974 100644 --- a/2019/9xxx/CVE-2019-9676.json +++ b/2019/9xxx/CVE-2019-9676.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9676", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9676", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file