From 71c7394a5f33744fc5f64fb4fbcaa701cd205a5b Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 17 Mar 2019 22:04:52 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0121.json | 180 ++++++++--------- 2007/0xxx/CVE-2007-0291.json | 180 ++++++++--------- 2007/0xxx/CVE-2007-0470.json | 190 +++++++++--------- 2007/0xxx/CVE-2007-0886.json | 170 ++++++++-------- 2007/1xxx/CVE-2007-1414.json | 220 ++++++++++----------- 2007/1xxx/CVE-2007-1466.json | 370 +++++++++++++++++------------------ 2007/1xxx/CVE-2007-1637.json | 160 +++++++-------- 2007/4xxx/CVE-2007-4839.json | 130 ++++++------ 2007/5xxx/CVE-2007-5203.json | 34 ++-- 2007/5xxx/CVE-2007-5407.json | 210 ++++++++++---------- 2007/5xxx/CVE-2007-5659.json | 240 +++++++++++------------ 2007/5xxx/CVE-2007-5699.json | 140 ++++++------- 2015/3xxx/CVE-2015-3141.json | 150 +++++++------- 2015/3xxx/CVE-2015-3163.json | 150 +++++++------- 2015/3xxx/CVE-2015-3864.json | 190 +++++++++--------- 2015/6xxx/CVE-2015-6412.json | 120 ++++++------ 2015/6xxx/CVE-2015-6579.json | 34 ++-- 2015/6xxx/CVE-2015-6630.json | 120 ++++++------ 2015/7xxx/CVE-2015-7595.json | 34 ++-- 2015/7xxx/CVE-2015-7935.json | 130 ++++++------ 2015/8xxx/CVE-2015-8615.json | 140 ++++++------- 2016/0xxx/CVE-2016-0601.json | 130 ++++++------ 2016/1xxx/CVE-2016-1034.json | 130 ++++++------ 2016/1xxx/CVE-2016-1098.json | 170 ++++++++-------- 2016/1xxx/CVE-2016-1288.json | 130 ++++++------ 2016/1xxx/CVE-2016-1593.json | 190 +++++++++--------- 2016/1xxx/CVE-2016-1745.json | 140 ++++++------- 2016/1xxx/CVE-2016-1750.json | 200 +++++++++---------- 2016/1xxx/CVE-2016-1941.json | 150 +++++++------- 2016/4xxx/CVE-2016-4010.json | 160 +++++++-------- 2016/5xxx/CVE-2016-5166.json | 230 +++++++++++----------- 2016/5xxx/CVE-2016-5621.json | 140 ++++++------- 2016/5xxx/CVE-2016-5844.json | 250 +++++++++++------------ 2019/0xxx/CVE-2019-0035.json | 34 ++-- 2019/0xxx/CVE-2019-0421.json | 34 ++-- 2019/0xxx/CVE-2019-0446.json | 34 ++-- 2019/0xxx/CVE-2019-0748.json | 34 ++-- 2019/1xxx/CVE-2019-1427.json | 34 ++-- 2019/1xxx/CVE-2019-1752.json | 34 ++-- 2019/1xxx/CVE-2019-1785.json | 34 ++-- 2019/3xxx/CVE-2019-3436.json | 34 ++-- 2019/3xxx/CVE-2019-3810.json | 34 ++-- 2019/4xxx/CVE-2019-4519.json | 34 ++-- 2019/4xxx/CVE-2019-4521.json | 34 ++-- 2019/4xxx/CVE-2019-4614.json | 34 ++-- 2019/4xxx/CVE-2019-4790.json | 34 ++-- 2019/5xxx/CVE-2019-5325.json | 34 ++-- 2019/8xxx/CVE-2019-8164.json | 34 ++-- 2019/8xxx/CVE-2019-8595.json | 34 ++-- 2019/8xxx/CVE-2019-8768.json | 34 ++-- 2019/8xxx/CVE-2019-8856.json | 34 ++-- 2019/8xxx/CVE-2019-8907.json | 130 ++++++------ 2019/9xxx/CVE-2019-9122.json | 120 ++++++------ 2019/9xxx/CVE-2019-9464.json | 34 ++-- 2019/9xxx/CVE-2019-9655.json | 34 ++-- 2019/9xxx/CVE-2019-9702.json | 34 ++-- 56 files changed, 3138 insertions(+), 3138 deletions(-) diff --git a/2007/0xxx/CVE-2007-0121.json b/2007/0xxx/CVE-2007-0121.json index 29d03af6bb8..5734111f68f 100644 --- a/2007/0xxx/CVE-2007-0121.json +++ b/2007/0xxx/CVE-2007-0121.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0121", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in search.asp in RI Blog 1.3 allows remote attackers to inject arbitrary web script or HTML via the q parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0121", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070105 RI Blog 1.3 XSS Vuln.", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456052/100/0/threaded" - }, - { - "name" : "21880", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21880" - }, - { - "name" : "ADV-2007-0083", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0083" - }, - { - "name" : "31637", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31637" - }, - { - "name" : "23657", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23657" - }, - { - "name" : "2108", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2108" - }, - { - "name" : "riblog-search-xss(31317)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31317" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in search.asp in RI Blog 1.3 allows remote attackers to inject arbitrary web script or HTML via the q parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23657", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23657" + }, + { + "name": "ADV-2007-0083", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0083" + }, + { + "name": "21880", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21880" + }, + { + "name": "2108", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2108" + }, + { + "name": "20070105 RI Blog 1.3 XSS Vuln.", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456052/100/0/threaded" + }, + { + "name": "31637", + "refsource": "OSVDB", + "url": "http://osvdb.org/31637" + }, + { + "name": "riblog-search-xss(31317)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31317" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0291.json b/2007/0xxx/CVE-2007-0291.json index b9bbbf3e119..178fa587151 100644 --- a/2007/0xxx/CVE-2007-0291.json +++ b/2007/0xxx/CVE-2007-0291.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0291", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle E-Business Suite and Applications 6.2.3 has unknown impact and attack vectors related to Oracle Exchange, aka APPS02." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0291", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html" - }, - { - "name" : "TA07-017A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-017A.html" - }, - { - "name" : "22083", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22083" - }, - { - "name" : "32889", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32889" - }, - { - "name" : "1017522", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017522" - }, - { - "name" : "23794", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23794" - }, - { - "name" : "oracle-cpu-jan2007(31541)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle E-Business Suite and Applications 6.2.3 has unknown impact and attack vectors related to Oracle Exchange, aka APPS02." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32889", + "refsource": "OSVDB", + "url": "http://osvdb.org/32889" + }, + { + "name": "23794", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23794" + }, + { + "name": "22083", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22083" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html" + }, + { + "name": "TA07-017A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-017A.html" + }, + { + "name": "oracle-cpu-jan2007(31541)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541" + }, + { + "name": "1017522", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017522" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0470.json b/2007/0xxx/CVE-2007-0470.json index e8c9107937d..493ba2a444d 100644 --- a/2007/0xxx/CVE-2007-0470.json +++ b/2007/0xxx/CVE-2007-0470.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0470", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0470", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "102773", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102773-1" - }, - { - "name" : "22190", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22190" - }, - { - "name" : "ADV-2007-0317", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0317" - }, - { - "name" : "31616", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31616" - }, - { - "name" : "oval:org.mitre.oval:def:2038", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2038" - }, - { - "name" : "1017546", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017546" - }, - { - "name" : "23821", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23821" - }, - { - "name" : "solaris-tip-privilege-escalation(31669)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31669" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1017546", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017546" + }, + { + "name": "102773", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102773-1" + }, + { + "name": "solaris-tip-privilege-escalation(31669)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31669" + }, + { + "name": "oval:org.mitre.oval:def:2038", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2038" + }, + { + "name": "ADV-2007-0317", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0317" + }, + { + "name": "22190", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22190" + }, + { + "name": "23821", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23821" + }, + { + "name": "31616", + "refsource": "OSVDB", + "url": "http://osvdb.org/31616" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0886.json b/2007/0xxx/CVE-2007-0886.json index fccdbcad8c4..05f8f633587 100644 --- a/2007/0xxx/CVE-2007-0886.json +++ b/2007/0xxx/CVE-2007-0886.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0886", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via certain base64-encoded data on the pop3 port (110/tcp), which triggers an integer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0886", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070208 Axigen <2.0.0b1 DoS", - "refsource" : "FULLDISC", - "url" : "http://marc.info/?l=full-disclosure&m=117094708423302&w=2" - }, - { - "name" : "3289", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3289" - }, - { - "name" : "22473", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22473" - }, - { - "name" : "38133", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38133" - }, - { - "name" : "24073", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24073" - }, - { - "name" : "axigen-memcpy-dos(32342)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32342" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via certain base64-encoded data on the pop3 port (110/tcp), which triggers an integer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070208 Axigen <2.0.0b1 DoS", + "refsource": "FULLDISC", + "url": "http://marc.info/?l=full-disclosure&m=117094708423302&w=2" + }, + { + "name": "38133", + "refsource": "OSVDB", + "url": "http://osvdb.org/38133" + }, + { + "name": "3289", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3289" + }, + { + "name": "24073", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24073" + }, + { + "name": "22473", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22473" + }, + { + "name": "axigen-memcpy-dos(32342)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32342" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1414.json b/2007/1xxx/CVE-2007-1414.json index b785474b5ce..07d3b304f28 100644 --- a/2007/1xxx/CVE-2007-1414.json +++ b/2007/1xxx/CVE-2007-1414.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1414", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in Coppermine Photo Gallery (CPG) allow remote attackers to execute arbitrary PHP code via a URL in the (1) cmd parameter to (a) image_processor.php or (b) picmgmt.inc.php, or the (2) path parameter to (c) include/functions.php, (d) include/plugin_api.inc.php, (e) index.php, or (f) pluginmgr.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1414", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070309 Remote File Include In Script Coppermine Photo Gallery", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/462322/100/0/threaded" - }, - { - "name" : "20070322 Remote File Include In Coppermine Photo Gallery", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/463532/100/0/threaded" - }, - { - "name" : "22896", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22896" - }, - { - "name" : "35065", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/35065" - }, - { - "name" : "35066", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/35066" - }, - { - "name" : "35067", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/35067" - }, - { - "name" : "35068", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/35068" - }, - { - "name" : "35069", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/35069" - }, - { - "name" : "35070", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/35070" - }, - { - "name" : "2416", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2416" - }, - { - "name" : "coppermine-multiple-scripts-file-include(32894)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32894" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in Coppermine Photo Gallery (CPG) allow remote attackers to execute arbitrary PHP code via a URL in the (1) cmd parameter to (a) image_processor.php or (b) picmgmt.inc.php, or the (2) path parameter to (c) include/functions.php, (d) include/plugin_api.inc.php, (e) index.php, or (f) pluginmgr.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2416", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2416" + }, + { + "name": "35068", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/35068" + }, + { + "name": "35065", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/35065" + }, + { + "name": "35067", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/35067" + }, + { + "name": "20070309 Remote File Include In Script Coppermine Photo Gallery", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/462322/100/0/threaded" + }, + { + "name": "22896", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22896" + }, + { + "name": "35069", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/35069" + }, + { + "name": "coppermine-multiple-scripts-file-include(32894)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32894" + }, + { + "name": "35066", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/35066" + }, + { + "name": "20070322 Remote File Include In Coppermine Photo Gallery", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/463532/100/0/threaded" + }, + { + "name": "35070", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/35070" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1466.json b/2007/1xxx/CVE-2007-1466.json index 96c3230123e..21abf8e9d7e 100644 --- a/2007/1xxx/CVE-2007-1466.json +++ b/2007/1xxx/CVE-2007-1466.json @@ -1,187 +1,187 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1466", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the WP6GeneralTextPacket::_readContents function in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted WordPerfect file, a different vulnerability than CVE-2007-0002." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1466", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070316 Multiple Vendor libwpd Multiple Buffer Overflow Vulnerabilities", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=490" - }, - { - "name" : "20070316 rPSA-2007-0057-1 libwpd", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/463033/100/0/threaded" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=494122", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=494122" - }, - { - "name" : "DSA-1268", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1268" - }, - { - "name" : "FEDORA-2007-350", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2805" - }, - { - "name" : "GLSA-200704-07", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200704-07.xml" - }, - { - "name" : "MDKSA-2007:063", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:063" - }, - { - "name" : "MDKSA-2007:064", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:064" - }, - { - "name" : "RHSA-2007:0055", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0055.html" - }, - { - "name" : "RHSA-2007:0033", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0033.html" - }, - { - "name" : "102863", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102863-1" - }, - { - "name" : "USN-437-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-437-1" - }, - { - "name" : "23006", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23006" - }, - { - "name" : "oval:org.mitre.oval:def:10862", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10862" - }, - { - "name" : "ADV-2007-0976", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0976" - }, - { - "name" : "1017789", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017789" - }, - { - "name" : "24507", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24507" - }, - { - "name" : "24557", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24557" - }, - { - "name" : "24572", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24572" - }, - { - "name" : "24580", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24580" - }, - { - "name" : "24573", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24573" - }, - { - "name" : "24581", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24581" - }, - { - "name" : "24550", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24550" - }, - { - "name" : "24794", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24794" - }, - { - "name" : "24856", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24856" - }, - { - "name" : "24588", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24588" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the WP6GeneralTextPacket::_readContents function in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted WordPerfect file, a different vulnerability than CVE-2007-0002." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "102863", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102863-1" + }, + { + "name": "23006", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23006" + }, + { + "name": "oval:org.mitre.oval:def:10862", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10862" + }, + { + "name": "FEDORA-2007-350", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2805" + }, + { + "name": "24573", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24573" + }, + { + "name": "24588", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24588" + }, + { + "name": "24581", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24581" + }, + { + "name": "GLSA-200704-07", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200704-07.xml" + }, + { + "name": "RHSA-2007:0033", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0033.html" + }, + { + "name": "24794", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24794" + }, + { + "name": "MDKSA-2007:064", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:064" + }, + { + "name": "24550", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24550" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=494122", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=494122" + }, + { + "name": "DSA-1268", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1268" + }, + { + "name": "24507", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24507" + }, + { + "name": "24557", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24557" + }, + { + "name": "20070316 rPSA-2007-0057-1 libwpd", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/463033/100/0/threaded" + }, + { + "name": "MDKSA-2007:063", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:063" + }, + { + "name": "24580", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24580" + }, + { + "name": "USN-437-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-437-1" + }, + { + "name": "24572", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24572" + }, + { + "name": "20070316 Multiple Vendor libwpd Multiple Buffer Overflow Vulnerabilities", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=490" + }, + { + "name": "ADV-2007-0976", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0976" + }, + { + "name": "1017789", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017789" + }, + { + "name": "RHSA-2007:0055", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0055.html" + }, + { + "name": "24856", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24856" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1637.json b/2007/1xxx/CVE-2007-1637.json index 7b5f9acea7d..92b19490b79 100644 --- a/2007/1xxx/CVE-2007-1637.json +++ b/2007/1xxx/CVE-2007-1637.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1637", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPService control; and the (5) SetReplyTo member in the (c) IMailUserCollection control." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1637", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070307 Ipswitch IMail Server 2006 Multiple ActiveX Control Buffer Overflow Vulnerabilitie", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487" - }, - { - "name" : "http://support.ipswitch.com/kb/IM-20070305-JH01.htm", - "refsource" : "CONFIRM", - "url" : "http://support.ipswitch.com/kb/IM-20070305-JH01.htm" - }, - { - "name" : "ADV-2007-0853", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0853" - }, - { - "name" : "1017737", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017737" - }, - { - "name" : "24422", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24422" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in the IMAILAPILib ActiveX control (IMailAPI.dll) in Ipswitch IMail Server before 2006.2 allow remote attackers to execute arbitrary code via the (1) WebConnect and (2) Connect members in the (a) IMailServer control; (3) Sync3 and (4) Init3 members in the (b) IMailLDAPService control; and the (5) SetReplyTo member in the (c) IMailUserCollection control." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0853", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0853" + }, + { + "name": "24422", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24422" + }, + { + "name": "20070307 Ipswitch IMail Server 2006 Multiple ActiveX Control Buffer Overflow Vulnerabilitie", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=487" + }, + { + "name": "1017737", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017737" + }, + { + "name": "http://support.ipswitch.com/kb/IM-20070305-JH01.htm", + "refsource": "CONFIRM", + "url": "http://support.ipswitch.com/kb/IM-20070305-JH01.htm" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4839.json b/2007/4xxx/CVE-2007-4839.json index c5f62c1213d..c3ecf4817a5 100644 --- a/2007/4xxx/CVE-2007-4839.json +++ b/2007/4xxx/CVE-2007-4839.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4839", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the PD tools component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK33803." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4839", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-1.ibm.com/support/docview.wss?uid=swg27007951", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg27007951" - }, - { - "name" : "41611", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41611" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the PD tools component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK33803." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-1.ibm.com/support/docview.wss?uid=swg27007951", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007951" + }, + { + "name": "41611", + "refsource": "OSVDB", + "url": "http://osvdb.org/41611" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5203.json b/2007/5xxx/CVE-2007-5203.json index 9a86efe3864..b7ad8a452b5 100644 --- a/2007/5xxx/CVE-2007-5203.json +++ b/2007/5xxx/CVE-2007-5203.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5203", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5203", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5407.json b/2007/5xxx/CVE-2007-5407.json index 00fb49878c1..b57b601475d 100644 --- a/2007/5xxx/CVE-2007-5407.json +++ b/2007/5xxx/CVE-2007-5407.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5407", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in the JContentSubscription (com_jcs) 1.5.8 component for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) jcs.function.php; (2) add.php, (3) history.php, and (4) register.php, in view/; and (5) list.sub.html.php, (6) list.user.sub.html.php, and (7) reports.html.php in views/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5407", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4508", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4508" - }, - { - "name" : "26003", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26003" - }, - { - "name" : "43619", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43619" - }, - { - "name" : "43620", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43620" - }, - { - "name" : "43621", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43621" - }, - { - "name" : "43622", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43622" - }, - { - "name" : "43623", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43623" - }, - { - "name" : "43624", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43624" - }, - { - "name" : "43627", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43627" - }, - { - "name" : "joomla-jcontentsubscription-file-include(37055)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37055" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in the JContentSubscription (com_jcs) 1.5.8 component for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) jcs.function.php; (2) add.php, (3) history.php, and (4) register.php, in view/; and (5) list.sub.html.php, (6) list.user.sub.html.php, and (7) reports.html.php in views/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26003", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26003" + }, + { + "name": "43624", + "refsource": "OSVDB", + "url": "http://osvdb.org/43624" + }, + { + "name": "43620", + "refsource": "OSVDB", + "url": "http://osvdb.org/43620" + }, + { + "name": "joomla-jcontentsubscription-file-include(37055)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37055" + }, + { + "name": "43621", + "refsource": "OSVDB", + "url": "http://osvdb.org/43621" + }, + { + "name": "43622", + "refsource": "OSVDB", + "url": "http://osvdb.org/43622" + }, + { + "name": "43623", + "refsource": "OSVDB", + "url": "http://osvdb.org/43623" + }, + { + "name": "43627", + "refsource": "OSVDB", + "url": "http://osvdb.org/43627" + }, + { + "name": "43619", + "refsource": "OSVDB", + "url": "http://osvdb.org/43619" + }, + { + "name": "4508", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4508" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5659.json b/2007/5xxx/CVE-2007-5659.json index 8c8cfc3caa7..b95a793b2dc 100644 --- a/2007/5xxx/CVE-2007-5659.json +++ b/2007/5xxx/CVE-2007-5659.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5659", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5659", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080208 Adobe Reader and Acrobat Multiple Stack-based Buffer Overflow Vulnerabilities", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=657" - }, - { - "name" : "http://www.adobe.com/support/security/advisories/apsa08-01.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/advisories/apsa08-01.html" - }, - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb08-13.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb08-13.html" - }, - { - "name" : "GLSA-200803-01", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200803-01.xml" - }, - { - "name" : "RHSA-2008:0144", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0144.html" - }, - { - "name" : "239286", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239286-1" - }, - { - "name" : "TA08-043A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA08-043A.html" - }, - { - "name" : "VU#666281", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/666281" - }, - { - "name" : "oval:org.mitre.oval:def:9813", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9813" - }, - { - "name" : "ADV-2008-1966", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1966/references" - }, - { - "name" : "29065", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29065" - }, - { - "name" : "29205", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29205" - }, - { - "name" : "30840", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30840" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "TA08-043A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA08-043A.html" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb08-13.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb08-13.html" + }, + { + "name": "ADV-2008-1966", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1966/references" + }, + { + "name": "20080208 Adobe Reader and Acrobat Multiple Stack-based Buffer Overflow Vulnerabilities", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=657" + }, + { + "name": "oval:org.mitre.oval:def:9813", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9813" + }, + { + "name": "http://www.adobe.com/support/security/advisories/apsa08-01.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/advisories/apsa08-01.html" + }, + { + "name": "239286", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239286-1" + }, + { + "name": "GLSA-200803-01", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200803-01.xml" + }, + { + "name": "29065", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29065" + }, + { + "name": "30840", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30840" + }, + { + "name": "29205", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29205" + }, + { + "name": "RHSA-2008:0144", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0144.html" + }, + { + "name": "VU#666281", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/666281" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5699.json b/2007/5xxx/CVE-2007-5699.json index 500c824030d..fa1c5f5a015 100644 --- a/2007/5xxx/CVE-2007-5699.json +++ b/2007/5xxx/CVE-2007-5699.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5699", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in eIQNetworks Enterprise Security Analyzer (ESA) 2.5 allows remote attackers to execute arbitrary code via certain data on TCP port 10616 that results in a long argument to the SEARCHREPORT command, a different vector than CVE-2007-2059." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5699", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4566", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4566" - }, - { - "name" : "26189", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26189" - }, - { - "name" : "eiqnetworks-searchreport-bo(38139)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38139" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in eIQNetworks Enterprise Security Analyzer (ESA) 2.5 allows remote attackers to execute arbitrary code via certain data on TCP port 10616 that results in a long argument to the SEARCHREPORT command, a different vector than CVE-2007-2059." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "eiqnetworks-searchreport-bo(38139)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38139" + }, + { + "name": "26189", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26189" + }, + { + "name": "4566", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4566" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3141.json b/2015/3xxx/CVE-2015-3141.json index d31abfb5e63..eb5048a300a 100644 --- a/2015/3xxx/CVE-2015-3141.json +++ b/2015/3xxx/CVE-2015-3141.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3141", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies Xeams 4.5 Build 5755 and earlier allow remote attackers to hijack the authentication of administrators for requests that create an (1) SMTP domain or a (2) user via a request to /FrontController; or conduct cross-site scripting (XSS) attacks via the (3) domainname parameter to /FrontController, when creating a new SMTP domain configuration; the (4) txtRecipient parameter to /FrontController, when creating a new forwarder; the (5) popFetchServer, (6) popFetchUser, or (7) popFetchRecipient parameter to /FrontController, when creating a new POP3 Fetcher account; or the (8) Smtp HELO domain in the Advanced Server Configuration." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3141", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "36949", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/36949/" - }, - { - "name" : "http://packetstormsecurity.com/files/131844/Xeams-4.5-Build-5755-CSRF-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/131844/Xeams-4.5-Build-5755-CSRF-Cross-Site-Scripting.html" - }, - { - "name" : "74578", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74578" - }, - { - "name" : "121847", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/show/osvdb/121847" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies Xeams 4.5 Build 5755 and earlier allow remote attackers to hijack the authentication of administrators for requests that create an (1) SMTP domain or a (2) user via a request to /FrontController; or conduct cross-site scripting (XSS) attacks via the (3) domainname parameter to /FrontController, when creating a new SMTP domain configuration; the (4) txtRecipient parameter to /FrontController, when creating a new forwarder; the (5) popFetchServer, (6) popFetchUser, or (7) popFetchRecipient parameter to /FrontController, when creating a new POP3 Fetcher account; or the (8) Smtp HELO domain in the Advanced Server Configuration." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "121847", + "refsource": "OSVDB", + "url": "http://osvdb.org/show/osvdb/121847" + }, + { + "name": "74578", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74578" + }, + { + "name": "36949", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/36949/" + }, + { + "name": "http://packetstormsecurity.com/files/131844/Xeams-4.5-Build-5755-CSRF-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/131844/Xeams-4.5-Build-5755-CSRF-Cross-Site-Scripting.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3163.json b/2015/3xxx/CVE-2015-3163.json index 496c571ebee..9090a46463a 100644 --- a/2015/3xxx/CVE-2015-3163.json +++ b/2015/3xxx/CVE-2015-3163.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3163", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The admin pages for power types and key types in Beaker before 20.1 do not have any access controls, which allows remote authenticated users to modify power types and key types via navigating to $BEAKER/powertypes and $BEAKER/keytypes respectively." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-3163", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150507 beaker vulns fixed in version 20.1", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/05/08/1" - }, - { - "name" : "https://beaker-project.org/jenkins-results/beaker-review-checks-docs/995/documentation/_build/html/whats-new/release-20.html", - "refsource" : "CONFIRM", - "url" : "https://beaker-project.org/jenkins-results/beaker-review-checks-docs/995/documentation/_build/html/whats-new/release-20.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1215034", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1215034" - }, - { - "name" : "74567", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74567" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The admin pages for power types and key types in Beaker before 20.1 do not have any access controls, which allows remote authenticated users to modify power types and key types via navigating to $BEAKER/powertypes and $BEAKER/keytypes respectively." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20150507 beaker vulns fixed in version 20.1", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/05/08/1" + }, + { + "name": "https://beaker-project.org/jenkins-results/beaker-review-checks-docs/995/documentation/_build/html/whats-new/release-20.html", + "refsource": "CONFIRM", + "url": "https://beaker-project.org/jenkins-results/beaker-review-checks-docs/995/documentation/_build/html/whats-new/release-20.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1215034", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1215034" + }, + { + "name": "74567", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74567" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3864.json b/2015/3xxx/CVE-2015-3864.json index d0ce9acf7a1..9f610622ddd 100644 --- a/2015/3xxx/CVE-2015-3864.json +++ b/2015/3xxx/CVE-2015-3864.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3864", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android before 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted MPEG-4 data, aka internal bug 23034759. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3824." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-3864", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40436", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40436/" - }, - { - "name" : "39640", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39640/" - }, - { - "name" : "38226", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38226/" - }, - { - "name" : "[android-security-updates] 20150909 Nexus Security Bulletin (September 2015)", - "refsource" : "MLIST", - "url" : "https://groups.google.com/forum/message/raw?msg=android-security-updates/1M7qbSvACjo/Y7jewiW1AwAJ" - }, - { - "name" : "https://blog.zimperium.com/cve-2015-3864-metasploit-module-now-available-for-testing/", - "refsource" : "MISC", - "url" : "https://blog.zimperium.com/cve-2015-3864-metasploit-module-now-available-for-testing/" - }, - { - "name" : "https://blog.zimperium.com/reflecting-on-stagefright-patches/", - "refsource" : "MISC", - "url" : "https://blog.zimperium.com/reflecting-on-stagefright-patches/" - }, - { - "name" : "https://android.googlesource.com/platform/frameworks/av/+/6fe85f7e15203e48df2cc3e8e1c4bc6ad49dc968", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform/frameworks/av/+/6fe85f7e15203e48df2cc3e8e1c4bc6ad49dc968" - }, - { - "name" : "76682", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76682" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android before 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted MPEG-4 data, aka internal bug 23034759. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3824." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[android-security-updates] 20150909 Nexus Security Bulletin (September 2015)", + "refsource": "MLIST", + "url": "https://groups.google.com/forum/message/raw?msg=android-security-updates/1M7qbSvACjo/Y7jewiW1AwAJ" + }, + { + "name": "https://blog.zimperium.com/cve-2015-3864-metasploit-module-now-available-for-testing/", + "refsource": "MISC", + "url": "https://blog.zimperium.com/cve-2015-3864-metasploit-module-now-available-for-testing/" + }, + { + "name": "https://android.googlesource.com/platform/frameworks/av/+/6fe85f7e15203e48df2cc3e8e1c4bc6ad49dc968", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform/frameworks/av/+/6fe85f7e15203e48df2cc3e8e1c4bc6ad49dc968" + }, + { + "name": "38226", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38226/" + }, + { + "name": "76682", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76682" + }, + { + "name": "https://blog.zimperium.com/reflecting-on-stagefright-patches/", + "refsource": "MISC", + "url": "https://blog.zimperium.com/reflecting-on-stagefright-patches/" + }, + { + "name": "40436", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40436/" + }, + { + "name": "39640", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39640/" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6412.json b/2015/6xxx/CVE-2015-6412.json index 26f11bd4109..606bd2b0509 100644 --- a/2015/6xxx/CVE-2015-6412.json +++ b/2015/6xxx/CVE-2015-6412.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6412", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Modular Encoding Platform D9036 Software before 02.04.70 has hardcoded (1) root and (2) guest passwords, which makes it easier for remote attackers to obtain access via an SSH session, aka Bug ID CSCut88070." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6412", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160120 Cisco Modular Encoding Platform D9036 Software Default Credentials Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-d9036" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Modular Encoding Platform D9036 Software before 02.04.70 has hardcoded (1) root and (2) guest passwords, which makes it easier for remote attackers to obtain access via an SSH session, aka Bug ID CSCut88070." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160120 Cisco Modular Encoding Platform D9036 Software Default Credentials Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-d9036" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6579.json b/2015/6xxx/CVE-2015-6579.json index 500ad76bd75..9ae5251d2ca 100644 --- a/2015/6xxx/CVE-2015-6579.json +++ b/2015/6xxx/CVE-2015-6579.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6579", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6579", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6630.json b/2015/6xxx/CVE-2015-6630.json index ae139bf1b4d..3fd995f6e85 100644 --- a/2015/6xxx/CVE-2015-6630.json +++ b/2015/6xxx/CVE-2015-6630.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6630", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SystemUI in Android 5.x before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to read screenshots and consequently gain privileges via a crafted application, aka internal bug 19121797." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-6630", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2015-12-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2015-12-01.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SystemUI in Android 5.x before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to read screenshots and consequently gain privileges via a crafted application, aka internal bug 19121797." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://source.android.com/security/bulletin/2015-12-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2015-12-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7595.json b/2015/7xxx/CVE-2015-7595.json index a6cf34d74d1..ca3210f30fb 100644 --- a/2015/7xxx/CVE-2015-7595.json +++ b/2015/7xxx/CVE-2015-7595.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7595", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7595", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7935.json b/2015/7xxx/CVE-2015-7935.json index 7287ef2cdbc..822cf11ce5e 100644 --- a/2015/7xxx/CVE-2015-7935.json +++ b/2015/7xxx/CVE-2015-7935.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7935", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Motorola Solutions MOSCAD IP Gateway allows remote attackers to read arbitrary files via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2015-7935", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-351-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-351-02" - }, - { - "name" : "79624", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79624" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Motorola Solutions MOSCAD IP Gateway allows remote attackers to read arbitrary files via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-351-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-351-02" + }, + { + "name": "79624", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79624" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8615.json b/2015/8xxx/CVE-2015-8615.json index 0a3142756ac..63ee7d3cb6c 100644 --- a/2015/8xxx/CVE-2015-8615.json +++ b/2015/8xxx/CVE-2015-8615.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8615", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The hvm_set_callback_via function in arch/x86/hvm/irq.c in Xen 4.6 does not limit the number of printk console messages when logging the new callback method, which allows local HVM guest OS users to cause a denial of service via a large number of changes to the callback method (HVM_PARAM_CALLBACK_IRQ)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8615", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://xenbits.xen.org/xsa/advisory-169.html", - "refsource" : "CONFIRM", - "url" : "http://xenbits.xen.org/xsa/advisory-169.html" - }, - { - "name" : "79644", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79644" - }, - { - "name" : "1034512", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034512" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The hvm_set_callback_via function in arch/x86/hvm/irq.c in Xen 4.6 does not limit the number of printk console messages when logging the new callback method, which allows local HVM guest OS users to cause a denial of service via a large number of changes to the callback method (HVM_PARAM_CALLBACK_IRQ)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://xenbits.xen.org/xsa/advisory-169.html", + "refsource": "CONFIRM", + "url": "http://xenbits.xen.org/xsa/advisory-169.html" + }, + { + "name": "79644", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79644" + }, + { + "name": "1034512", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034512" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0601.json b/2016/0xxx/CVE-2016-0601.json index e2b704b1d14..ff6f188456f 100644 --- a/2016/0xxx/CVE-2016-0601.json +++ b/2016/0xxx/CVE-2016-0601.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0601", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to Partition." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0601", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034708", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034708" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to Partition." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034708", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034708" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1034.json b/2016/1xxx/CVE-2016-1034.json index ec82d9fab30..b8d7241edcf 100644 --- a/2016/1xxx/CVE-2016-1034.json +++ b/2016/1xxx/CVE-2016-1034.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1034", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Sync Process in the JavaScript API for Creative Cloud Libraries in Adobe Creative Cloud Desktop Application before 3.6.0.244 allows remote attackers to read or write to arbitrary files via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-1034", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-235", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-235" - }, - { - "name" : "https://helpx.adobe.com/security/products/creative-cloud/apsb16-11.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/creative-cloud/apsb16-11.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Sync Process in the JavaScript API for Creative Cloud Libraries in Adobe Creative Cloud Desktop Application before 3.6.0.244 allows remote attackers to read or write to arbitrary files via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/creative-cloud/apsb16-11.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/creative-cloud/apsb16-11.html" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-235", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-235" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1098.json b/2016/1xxx/CVE-2016-1098.json index 348355596de..eb176129fb5 100644 --- a/2016/1xxx/CVE-2016-1098.json +++ b/2016/1xxx/CVE-2016-1098.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1098", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-1098", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" - }, - { - "name" : "MS16-064", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-064" - }, - { - "name" : "RHSA-2016:1079", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1079.html" - }, - { - "name" : "SUSE-SU-2016:1305", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" - }, - { - "name" : "90618", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90618" - }, - { - "name" : "1035827", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035827" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:1305", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" + }, + { + "name": "90618", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90618" + }, + { + "name": "1035827", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035827" + }, + { + "name": "MS16-064", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-064" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" + }, + { + "name": "RHSA-2016:1079", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1288.json b/2016/1xxx/CVE-2016-1288.json index 58b1fd74763..9c6c4195616 100644 --- a/2016/1xxx/CVE-2016-1288.json +++ b/2016/1xxx/CVE-2016-1288.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1288", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (service outage) by leveraging certain intranet connectivity and sending a malformed HTTPS request, aka Bug ID CSCuu24840." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1288", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160302 Cisco Web Security Appliance HTTPS Packet Processing Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-wsa" - }, - { - "name" : "1035163", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035163" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (service outage) by leveraging certain intranet connectivity and sending a malformed HTTPS request, aka Bug ID CSCuu24840." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035163", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035163" + }, + { + "name": "20160302 Cisco Web Security Appliance HTTPS Packet Processing Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-wsa" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1593.json b/2016/1xxx/CVE-2016-1593.json index d3824d138de..ac26d2fef75 100644 --- a/2016/1xxx/CVE-2016-1593.json +++ b/2016/1xxx/CVE-2016-1593.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1593", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a .. (dot dot) in a filename within a multipart/form-data POST request to a LiveTime.woa URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@suse.com", + "ID": "CVE-2016-1593", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160410 [Multiple CVE]: RCE, info disclosure, HQL injection and stored XSS in Novell Service Desk 7.1.0", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/538043/100/0/threaded" - }, - { - "name" : "39687", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39687/" - }, - { - "name" : "39708", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39708/" - }, - { - "name" : "https://packetstormsecurity.com/files/136646", - "refsource" : "MISC", - "url" : "https://packetstormsecurity.com/files/136646" - }, - { - "name" : "https://raw.githubusercontent.com/pedrib/PoC/master/advisories/novell-service-desk-7.1.0.txt", - "refsource" : "MISC", - "url" : "https://raw.githubusercontent.com/pedrib/PoC/master/advisories/novell-service-desk-7.1.0.txt" - }, - { - "name" : "http://packetstormsecurity.com/files/136717/Novell-ServiceDesk-Authenticated-File-Upload.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/136717/Novell-ServiceDesk-Authenticated-File-Upload.html" - }, - { - "name" : "http://www.rapid7.com/db/modules/exploit/multi/http/novell_servicedesk_rce", - "refsource" : "MISC", - "url" : "http://www.rapid7.com/db/modules/exploit/multi/http/novell_servicedesk_rce" - }, - { - "name" : "https://www.novell.com/support/kb/doc.php?id=7017428", - "refsource" : "CONFIRM", - "url" : "https://www.novell.com/support/kb/doc.php?id=7017428" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a .. (dot dot) in a filename within a multipart/form-data POST request to a LiveTime.woa URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://raw.githubusercontent.com/pedrib/PoC/master/advisories/novell-service-desk-7.1.0.txt", + "refsource": "MISC", + "url": "https://raw.githubusercontent.com/pedrib/PoC/master/advisories/novell-service-desk-7.1.0.txt" + }, + { + "name": "https://packetstormsecurity.com/files/136646", + "refsource": "MISC", + "url": "https://packetstormsecurity.com/files/136646" + }, + { + "name": "20160410 [Multiple CVE]: RCE, info disclosure, HQL injection and stored XSS in Novell Service Desk 7.1.0", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/538043/100/0/threaded" + }, + { + "name": "https://www.novell.com/support/kb/doc.php?id=7017428", + "refsource": "CONFIRM", + "url": "https://www.novell.com/support/kb/doc.php?id=7017428" + }, + { + "name": "39708", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39708/" + }, + { + "name": "http://www.rapid7.com/db/modules/exploit/multi/http/novell_servicedesk_rce", + "refsource": "MISC", + "url": "http://www.rapid7.com/db/modules/exploit/multi/http/novell_servicedesk_rce" + }, + { + "name": "39687", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39687/" + }, + { + "name": "http://packetstormsecurity.com/files/136717/Novell-ServiceDesk-Authenticated-File-Upload.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/136717/Novell-ServiceDesk-Authenticated-File-Upload.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1745.json b/2016/1xxx/CVE-2016-1745.json index 7c8683e0a56..ef0098c2cff 100644 --- a/2016/1xxx/CVE-2016-1745.json +++ b/2016/1xxx/CVE-2016-1745.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1745", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IOFireWireFamily in Apple OS X before 10.11.4 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1745", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT206167", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206167" - }, - { - "name" : "APPLE-SA-2016-03-21-5", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" - }, - { - "name" : "1035363", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035363" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IOFireWireFamily in Apple OS X before 10.11.4 allows local users to cause a denial of service (NULL pointer dereference) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2016-03-21-5", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" + }, + { + "name": "https://support.apple.com/HT206167", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206167" + }, + { + "name": "1035363", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035363" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1750.json b/2016/1xxx/CVE-2016-1750.json index d354e06ebdc..1217b989f41 100644 --- a/2016/1xxx/CVE-2016-1750.json +++ b/2016/1xxx/CVE-2016-1750.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1750", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1750", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT206166", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206166" - }, - { - "name" : "https://support.apple.com/HT206167", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206167" - }, - { - "name" : "https://support.apple.com/HT206168", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206168" - }, - { - "name" : "https://support.apple.com/HT206169", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206169" - }, - { - "name" : "APPLE-SA-2016-03-21-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" - }, - { - "name" : "APPLE-SA-2016-03-21-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" - }, - { - "name" : "APPLE-SA-2016-03-21-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html" - }, - { - "name" : "APPLE-SA-2016-03-21-5", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" - }, - { - "name" : "1035353", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035353" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2016-03-21-5", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" + }, + { + "name": "https://support.apple.com/HT206167", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206167" + }, + { + "name": "https://support.apple.com/HT206168", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206168" + }, + { + "name": "1035353", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035353" + }, + { + "name": "APPLE-SA-2016-03-21-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" + }, + { + "name": "APPLE-SA-2016-03-21-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" + }, + { + "name": "APPLE-SA-2016-03-21-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html" + }, + { + "name": "https://support.apple.com/HT206169", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206169" + }, + { + "name": "https://support.apple.com/HT206166", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206166" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1941.json b/2016/1xxx/CVE-2016-1941.json index 67d45903fe0..80d09c42b54 100644 --- a/2016/1xxx/CVE-2016-1941.json +++ b/2016/1xxx/CVE-2016-1941.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1941", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The file-download dialog in Mozilla Firefox before 44.0 on OS X enables a certain button too quickly, which allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2016-1941", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-08.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-08.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1116385", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1116385" - }, - { - "name" : "GLSA-201605-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201605-06" - }, - { - "name" : "1034825", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034825" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The file-download dialog in Mozilla Firefox before 44.0 on OS X enables a certain button too quickly, which allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034825", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034825" + }, + { + "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-08.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-08.html" + }, + { + "name": "GLSA-201605-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201605-06" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1116385", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1116385" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4010.json b/2016/4xxx/CVE-2016-4010.json index d9fd8ea7f25..11f8d0d7f01 100644 --- a/2016/4xxx/CVE-2016-4010.json +++ b/2016/4xxx/CVE-2016-4010.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4010", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP objection injection attacks and execute arbitrary PHP code via crafted serialized shopping cart data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4010", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39838", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39838/" - }, - { - "name" : "http://netanelrub.in/2016/05/17/magento-unauthenticated-remote-code-execution/", - "refsource" : "MISC", - "url" : "http://netanelrub.in/2016/05/17/magento-unauthenticated-remote-code-execution/" - }, - { - "name" : "https://packetstormsecurity.com/files/137121/Magento-Unauthenticated-Arbitrary-File-Write.html", - "refsource" : "MISC", - "url" : "https://packetstormsecurity.com/files/137121/Magento-Unauthenticated-Arbitrary-File-Write.html" - }, - { - "name" : "https://packetstormsecurity.com/files/137312/Magento-2.0.6-Unserialize-Remote-Code-Execution.html", - "refsource" : "MISC", - "url" : "https://packetstormsecurity.com/files/137312/Magento-2.0.6-Unserialize-Remote-Code-Execution.html" - }, - { - "name" : "https://magento.com/security/patches/magento-206-security-update", - "refsource" : "CONFIRM", - "url" : "https://magento.com/security/patches/magento-206-security-update" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP objection injection attacks and execute arbitrary PHP code via crafted serialized shopping cart data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://packetstormsecurity.com/files/137121/Magento-Unauthenticated-Arbitrary-File-Write.html", + "refsource": "MISC", + "url": "https://packetstormsecurity.com/files/137121/Magento-Unauthenticated-Arbitrary-File-Write.html" + }, + { + "name": "http://netanelrub.in/2016/05/17/magento-unauthenticated-remote-code-execution/", + "refsource": "MISC", + "url": "http://netanelrub.in/2016/05/17/magento-unauthenticated-remote-code-execution/" + }, + { + "name": "https://magento.com/security/patches/magento-206-security-update", + "refsource": "CONFIRM", + "url": "https://magento.com/security/patches/magento-206-security-update" + }, + { + "name": "39838", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39838/" + }, + { + "name": "https://packetstormsecurity.com/files/137312/Magento-2.0.6-Unserialize-Remote-Code-Execution.html", + "refsource": "MISC", + "url": "https://packetstormsecurity.com/files/137312/Magento-2.0.6-Unserialize-Remote-Code-Execution.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5166.json b/2016/5xxx/CVE-2016-5166.json index 8c806cf4fec..730ab857958 100644 --- a/2016/5xxx/CVE-2016-5166.json +++ b/2016/5xxx/CVE-2016-5166.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5166", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and conduct SMB relay attacks via a crafted web page that is accessed with the \"Save page as\" menu choice." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-5166", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://codereview.chromium.org/2075273002", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/2075273002" - }, - { - "name" : "https://crbug.com/616429", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/616429" - }, - { - "name" : "https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html", - "refsource" : "CONFIRM", - "url" : "https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html" - }, - { - "name" : "DSA-3660", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3660" - }, - { - "name" : "GLSA-201610-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-09" - }, - { - "name" : "RHSA-2016:1854", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1854.html" - }, - { - "name" : "openSUSE-SU-2016:2349", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-09/msg00073.html" - }, - { - "name" : "SUSE-SU-2016:2251", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00004.html" - }, - { - "name" : "openSUSE-SU-2016:2250", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00003.html" - }, - { - "name" : "openSUSE-SU-2016:2296", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00008.html" - }, - { - "name" : "92717", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92717" - }, - { - "name" : "1036729", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036729" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and conduct SMB relay attacks via a crafted web page that is accessed with the \"Save page as\" menu choice." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:2250", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00003.html" + }, + { + "name": "https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html", + "refsource": "CONFIRM", + "url": "https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html" + }, + { + "name": "SUSE-SU-2016:2251", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00004.html" + }, + { + "name": "92717", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92717" + }, + { + "name": "1036729", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036729" + }, + { + "name": "https://codereview.chromium.org/2075273002", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/2075273002" + }, + { + "name": "openSUSE-SU-2016:2349", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00073.html" + }, + { + "name": "https://crbug.com/616429", + "refsource": "CONFIRM", + "url": "https://crbug.com/616429" + }, + { + "name": "DSA-3660", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3660" + }, + { + "name": "GLSA-201610-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-09" + }, + { + "name": "openSUSE-SU-2016:2296", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00008.html" + }, + { + "name": "RHSA-2016:1854", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1854.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5621.json b/2016/5xxx/CVE-2016-5621.json index 0d01a69f649..3989c9dbca8 100644 --- a/2016/5xxx/CVE-2016-5621.json +++ b/2016/5xxx/CVE-2016-5621.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5621", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 and 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality via vectors related to INFRA, a different vulnerability than CVE-2016-5603." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5621", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93633", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93633" - }, - { - "name" : "1037049", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037049" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 and 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality via vectors related to INFRA, a different vulnerability than CVE-2016-5603." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93633", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93633" + }, + { + "name": "1037049", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037049" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5844.json b/2016/5xxx/CVE-2016-5844.json index 3ecf784ecc3..14a675f8c29 100644 --- a/2016/5xxx/CVE-2016-5844.json +++ b/2016/5xxx/CVE-2016-5844.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5844", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5844", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160623 Out of bounds read and signed integer overflow in libarchive", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/23/6" - }, - { - "name" : "[oss-security] 20160624 Re: Out of bounds read and signed integer overflow in libarchive", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/24/4" - }, - { - "name" : "https://blog.fuzzing-project.org/48-Out-of-bounds-read-and-signed-integer-overflow-in-libarchive.html", - "refsource" : "MISC", - "url" : "https://blog.fuzzing-project.org/48-Out-of-bounds-read-and-signed-integer-overflow-in-libarchive.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1350280", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1350280" - }, - { - "name" : "https://github.com/libarchive/libarchive/commit/3ad08e01b4d253c66ae56414886089684155af22", - "refsource" : "CONFIRM", - "url" : "https://github.com/libarchive/libarchive/commit/3ad08e01b4d253c66ae56414886089684155af22" - }, - { - "name" : "https://github.com/libarchive/libarchive/issues/717", - "refsource" : "CONFIRM", - "url" : "https://github.com/libarchive/libarchive/issues/717" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" - }, - { - "name" : "DSA-3657", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3657" - }, - { - "name" : "GLSA-201701-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-03" - }, - { - "name" : "RHSA-2016:1844", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1844.html" - }, - { - "name" : "RHSA-2016:1850", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1850.html" - }, - { - "name" : "91808", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91808" - }, - { - "name" : "1036173", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036173" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/libarchive/libarchive/commit/3ad08e01b4d253c66ae56414886089684155af22", + "refsource": "CONFIRM", + "url": "https://github.com/libarchive/libarchive/commit/3ad08e01b4d253c66ae56414886089684155af22" + }, + { + "name": "https://github.com/libarchive/libarchive/issues/717", + "refsource": "CONFIRM", + "url": "https://github.com/libarchive/libarchive/issues/717" + }, + { + "name": "RHSA-2016:1844", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1844.html" + }, + { + "name": "https://blog.fuzzing-project.org/48-Out-of-bounds-read-and-signed-integer-overflow-in-libarchive.html", + "refsource": "MISC", + "url": "https://blog.fuzzing-project.org/48-Out-of-bounds-read-and-signed-integer-overflow-in-libarchive.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" + }, + { + "name": "91808", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91808" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" + }, + { + "name": "[oss-security] 20160624 Re: Out of bounds read and signed integer overflow in libarchive", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/24/4" + }, + { + "name": "[oss-security] 20160623 Out of bounds read and signed integer overflow in libarchive", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/23/6" + }, + { + "name": "RHSA-2016:1850", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1850.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1350280", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1350280" + }, + { + "name": "GLSA-201701-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-03" + }, + { + "name": "DSA-3657", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3657" + }, + { + "name": "1036173", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036173" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0035.json b/2019/0xxx/CVE-2019-0035.json index ba19d1e91e1..82f51d5c6f8 100644 --- a/2019/0xxx/CVE-2019-0035.json +++ b/2019/0xxx/CVE-2019-0035.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0035", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0035", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0421.json b/2019/0xxx/CVE-2019-0421.json index 893c4a8e3da..6cbfde121ce 100644 --- a/2019/0xxx/CVE-2019-0421.json +++ b/2019/0xxx/CVE-2019-0421.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0421", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0421", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0446.json b/2019/0xxx/CVE-2019-0446.json index a9d688e6d9f..70edc4e044a 100644 --- a/2019/0xxx/CVE-2019-0446.json +++ b/2019/0xxx/CVE-2019-0446.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0446", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0446", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0748.json b/2019/0xxx/CVE-2019-0748.json index 59c70e3a62b..ebd82d4887b 100644 --- a/2019/0xxx/CVE-2019-0748.json +++ b/2019/0xxx/CVE-2019-0748.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0748", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0748", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1427.json b/2019/1xxx/CVE-2019-1427.json index c4058d0ca8e..1a8415d4fad 100644 --- a/2019/1xxx/CVE-2019-1427.json +++ b/2019/1xxx/CVE-2019-1427.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1427", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1427", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1752.json b/2019/1xxx/CVE-2019-1752.json index fbcc170695e..9875862fc2c 100644 --- a/2019/1xxx/CVE-2019-1752.json +++ b/2019/1xxx/CVE-2019-1752.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1752", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1752", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1785.json b/2019/1xxx/CVE-2019-1785.json index 1deee329ce6..fe52ef330f0 100644 --- a/2019/1xxx/CVE-2019-1785.json +++ b/2019/1xxx/CVE-2019-1785.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1785", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1785", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3436.json b/2019/3xxx/CVE-2019-3436.json index 349be943322..cce4a91b1c7 100644 --- a/2019/3xxx/CVE-2019-3436.json +++ b/2019/3xxx/CVE-2019-3436.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3436", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3436", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3810.json b/2019/3xxx/CVE-2019-3810.json index 71103376972..f2d543d06c5 100644 --- a/2019/3xxx/CVE-2019-3810.json +++ b/2019/3xxx/CVE-2019-3810.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3810", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3810", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4519.json b/2019/4xxx/CVE-2019-4519.json index 726e9af24dd..43f6aef27e0 100644 --- a/2019/4xxx/CVE-2019-4519.json +++ b/2019/4xxx/CVE-2019-4519.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4519", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4519", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4521.json b/2019/4xxx/CVE-2019-4521.json index 1fc85eb1602..9b992c9c9e5 100644 --- a/2019/4xxx/CVE-2019-4521.json +++ b/2019/4xxx/CVE-2019-4521.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4521", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4521", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4614.json b/2019/4xxx/CVE-2019-4614.json index 6897a0e52ec..fde5bf3efc0 100644 --- a/2019/4xxx/CVE-2019-4614.json +++ b/2019/4xxx/CVE-2019-4614.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4614", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4614", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4790.json b/2019/4xxx/CVE-2019-4790.json index 610b51d97e5..829bd17e6c0 100644 --- a/2019/4xxx/CVE-2019-4790.json +++ b/2019/4xxx/CVE-2019-4790.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4790", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4790", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5325.json b/2019/5xxx/CVE-2019-5325.json index 5471fe44084..fe31ca8b3d1 100644 --- a/2019/5xxx/CVE-2019-5325.json +++ b/2019/5xxx/CVE-2019-5325.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5325", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5325", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8164.json b/2019/8xxx/CVE-2019-8164.json index 13c0ee0e292..187f75fadc9 100644 --- a/2019/8xxx/CVE-2019-8164.json +++ b/2019/8xxx/CVE-2019-8164.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8164", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8164", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8595.json b/2019/8xxx/CVE-2019-8595.json index 30a8edcb1c3..b5dc27af85f 100644 --- a/2019/8xxx/CVE-2019-8595.json +++ b/2019/8xxx/CVE-2019-8595.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8595", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8595", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8768.json b/2019/8xxx/CVE-2019-8768.json index baf0e0ff383..eebb6c23005 100644 --- a/2019/8xxx/CVE-2019-8768.json +++ b/2019/8xxx/CVE-2019-8768.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8768", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8768", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8856.json b/2019/8xxx/CVE-2019-8856.json index 46a06c6d1ff..6f186e87b1b 100644 --- a/2019/8xxx/CVE-2019-8856.json +++ b/2019/8xxx/CVE-2019-8856.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8856", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8856", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8907.json b/2019/8xxx/CVE-2019-8907.json index 848fa996fd8..2bea55b2ebd 100644 --- a/2019/8xxx/CVE-2019-8907.json +++ b/2019/8xxx/CVE-2019-8907.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8907", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8907", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20190228 [SECURITY] [DLA 1698-1] file security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html" - }, - { - "name" : "https://bugs.astron.com/view.php?id=65", - "refsource" : "MISC", - "url" : "https://bugs.astron.com/view.php?id=65" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.astron.com/view.php?id=65", + "refsource": "MISC", + "url": "https://bugs.astron.com/view.php?id=65" + }, + { + "name": "[debian-lts-announce] 20190228 [SECURITY] [DLA 1698-1] file security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9122.json b/2019/9xxx/CVE-2019-9122.json index df20d3966a0..bff22676cdc 100644 --- a/2019/9xxx/CVE-2019-9122.json +++ b/2019/9xxx/CVE-2019-9122.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9122", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the ntp_server parameter in an ntp_sync.cgi POST request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9122", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/WhooAmii/whooamii.github.io/blob/master/2018/DIR-825/command%20injection.md", - "refsource" : "MISC", - "url" : "https://github.com/WhooAmii/whooamii.github.io/blob/master/2018/DIR-825/command%20injection.md" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the ntp_server parameter in an ntp_sync.cgi POST request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/WhooAmii/whooamii.github.io/blob/master/2018/DIR-825/command%20injection.md", + "refsource": "MISC", + "url": "https://github.com/WhooAmii/whooamii.github.io/blob/master/2018/DIR-825/command%20injection.md" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9464.json b/2019/9xxx/CVE-2019-9464.json index f624d1513b8..4aae98b4b7e 100644 --- a/2019/9xxx/CVE-2019-9464.json +++ b/2019/9xxx/CVE-2019-9464.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9464", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9464", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9655.json b/2019/9xxx/CVE-2019-9655.json index 7d481b7b5e6..6dcd0ebbe05 100644 --- a/2019/9xxx/CVE-2019-9655.json +++ b/2019/9xxx/CVE-2019-9655.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9655", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9655", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9702.json b/2019/9xxx/CVE-2019-9702.json index 25287aeb3f5..f1a725a1b2d 100644 --- a/2019/9xxx/CVE-2019-9702.json +++ b/2019/9xxx/CVE-2019-9702.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9702", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9702", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file