diff --git a/2007/0xxx/CVE-2007-0403.json b/2007/0xxx/CVE-2007-0403.json index bc77ca3b0a9..72390abd1b7 100644 --- a/2007/0xxx/CVE-2007-0403.json +++ b/2007/0xxx/CVE-2007-0403.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0403", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in admin/memberlist.php in Easebay Resources Paypal Subscription Manager allows remote attackers to execute arbitrary SQL commands via the keyword parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0403", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070120 Paypal Subscription Manager Multiple HTML Injections", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457506/100/0/threaded" - }, - { - "name" : "33560", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33560" - }, - { - "name" : "36103", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36103" - }, - { - "name" : "2168", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2168" - }, - { - "name" : "psm-memberlist-sql-injection(31616)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31616" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in admin/memberlist.php in Easebay Resources Paypal Subscription Manager allows remote attackers to execute arbitrary SQL commands via the keyword parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2168", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2168" + }, + { + "name": "36103", + "refsource": "OSVDB", + "url": "http://osvdb.org/36103" + }, + { + "name": "20070120 Paypal Subscription Manager Multiple HTML Injections", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457506/100/0/threaded" + }, + { + "name": "psm-memberlist-sql-injection(31616)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31616" + }, + { + "name": "33560", + "refsource": "OSVDB", + "url": "http://osvdb.org/33560" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0537.json b/2007/0xxx/CVE-2007-0537.json index 404c8cfe564..5241fe821f1 100644 --- a/2007/0xxx/CVE-2007-0537.json +++ b/2007/0xxx/CVE-2007-0537.json @@ -1,162 +1,162 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0537", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to CVE-2007-0478." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0537", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070124 Re: Safari Improperly Parses HTML Documents & BlogSpot XSS vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457924/100/0/threaded" - }, - { - "name" : "http://www.kde.org/info/security/advisory-20070206-1.txt", - "refsource" : "CONFIRM", - "url" : "http://www.kde.org/info/security/advisory-20070206-1.txt" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1117", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1117" - }, - { - "name" : "GLSA-200703-10", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200703-10.xml" - }, - { - "name" : "MDKSA-2007:031", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:031" - }, - { - "name" : "MDKSA-2007:157", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:157" - }, - { - "name" : "RHSA-2007:0909", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0909.html" - }, - { - "name" : "SUSE-SR:2007:006", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_6_sr.html" - }, - { - "name" : "USN-420-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-420-1" - }, - { - "name" : "22428", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22428" - }, - { - "name" : "oval:org.mitre.oval:def:10244", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10244" - }, - { - "name" : "ADV-2007-0505", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0505" - }, - { - "name" : "32975", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32975" - }, - { - "name" : "1017591", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017591" - }, - { - "name" : "23932", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23932" - }, - { - "name" : "24013", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24013" - }, - { - "name" : "24065", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24065" - }, - { - "name" : "24442", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24442" - }, - { - "name" : "24463", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24463" - }, - { - "name" : "24889", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24889" - }, - { - "name" : "27108", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27108" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to CVE-2007-0478." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2007:0909", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0909.html" + }, + { + "name": "MDKSA-2007:157", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:157" + }, + { + "name": "24889", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24889" + }, + { + "name": "23932", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23932" + }, + { + "name": "SUSE-SR:2007:006", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html" + }, + { + "name": "http://www.kde.org/info/security/advisory-20070206-1.txt", + "refsource": "CONFIRM", + "url": "http://www.kde.org/info/security/advisory-20070206-1.txt" + }, + { + "name": "32975", + "refsource": "OSVDB", + "url": "http://osvdb.org/32975" + }, + { + "name": "GLSA-200703-10", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-10.xml" + }, + { + "name": "20070124 Re: Safari Improperly Parses HTML Documents & BlogSpot XSS vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457924/100/0/threaded" + }, + { + "name": "USN-420-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-420-1" + }, + { + "name": "27108", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27108" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1117", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1117" + }, + { + "name": "24463", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24463" + }, + { + "name": "1017591", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017591" + }, + { + "name": "24065", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24065" + }, + { + "name": "24013", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24013" + }, + { + "name": "oval:org.mitre.oval:def:10244", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10244" + }, + { + "name": "MDKSA-2007:031", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:031" + }, + { + "name": "ADV-2007-0505", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0505" + }, + { + "name": "22428", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22428" + }, + { + "name": "24442", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24442" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0588.json b/2007/0xxx/CVE-2007-0588.json index 138362d7a1b..7bb3532ebaf 100644 --- a/2007/0xxx/CVE-2007-0588.json +++ b/2007/0xxx/CVE-2007-0588.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0588", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT file that triggers memory corruption in the _GetSrcBits32ARGB function. NOTE: this issue might overlap CVE-2007-0462." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0588", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://security-protocols.com/sp-x43-advisory.php", - "refsource" : "MISC", - "url" : "http://security-protocols.com/sp-x43-advisory.php" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=305214", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=305214" - }, - { - "name" : "APPLE-SA-2007-03-13", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html" - }, - { - "name" : "TA07-072A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-072A.html" - }, - { - "name" : "VU#396820", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/396820" - }, - { - "name" : "22228", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22228" - }, - { - "name" : "ADV-2007-0930", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0930" - }, - { - "name" : "33365", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/33365" - }, - { - "name" : "1017760", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017760" - }, - { - "name" : "24479", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24479" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT file that triggers memory corruption in the _GetSrcBits32ARGB function. NOTE: this issue might overlap CVE-2007-0462." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "TA07-072A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html" + }, + { + "name": "APPLE-SA-2007-03-13", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=305214", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=305214" + }, + { + "name": "http://security-protocols.com/sp-x43-advisory.php", + "refsource": "MISC", + "url": "http://security-protocols.com/sp-x43-advisory.php" + }, + { + "name": "22228", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22228" + }, + { + "name": "33365", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/33365" + }, + { + "name": "VU#396820", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/396820" + }, + { + "name": "ADV-2007-0930", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0930" + }, + { + "name": "1017760", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017760" + }, + { + "name": "24479", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24479" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0667.json b/2007/0xxx/CVE-2007-0667.json index 6343357a6d0..f7d54d7872b 100644 --- a/2007/0xxx/CVE-2007-0667.json +++ b/2007/0xxx/CVE-2007-0667.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0667", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and (2) SQL-Ledger allows remote authenticated users to execute arbitrary code via redirects, related to callbacks, a different issue than CVE-2006-5872." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0667", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070127 Arbitrary Code Execution in SQL-Ledger and LedgerSMB through redirects", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/458464/100/0/threaded" - }, - { - "name" : "20070206 Unofficial SQL-Ledger patch for CVE-2007-0667", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459264/100/0/threaded" - }, - { - "name" : "22295", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22295" - }, - { - "name" : "ADV-2007-0407", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0407" - }, - { - "name" : "2217", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2217" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and (2) SQL-Ledger allows remote authenticated users to execute arbitrary code via redirects, related to callbacks, a different issue than CVE-2006-5872." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070127 Arbitrary Code Execution in SQL-Ledger and LedgerSMB through redirects", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/458464/100/0/threaded" + }, + { + "name": "20070206 Unofficial SQL-Ledger patch for CVE-2007-0667", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459264/100/0/threaded" + }, + { + "name": "2217", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2217" + }, + { + "name": "ADV-2007-0407", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0407" + }, + { + "name": "22295", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22295" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0795.json b/2007/0xxx/CVE-2007-0795.json index dc1d5b5e530..6378361d2b8 100644 --- a/2007/0xxx/CVE-2007-0795.json +++ b/2007/0xxx/CVE-2007-0795.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0795", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in Wap Portal Server 1.x allow remote attackers to execute arbitrary PHP code via a URL in the language parameter to (1) index.php and (2) admin/index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0795", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070203 Wap Portal Serve 1.* <= Remote File Inclusion", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459147/100/0/threaded" - }, - { - "name" : "33671", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33671" - }, - { - "name" : "33672", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33672" - }, - { - "name" : "35770", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35770" - }, - { - "name" : "2216", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2216" - }, - { - "name" : "wapportal-index-file-include(32196)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32196" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in Wap Portal Server 1.x allow remote attackers to execute arbitrary PHP code via a URL in the language parameter to (1) index.php and (2) admin/index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2216", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2216" + }, + { + "name": "33672", + "refsource": "OSVDB", + "url": "http://osvdb.org/33672" + }, + { + "name": "20070203 Wap Portal Serve 1.* <= Remote File Inclusion", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459147/100/0/threaded" + }, + { + "name": "33671", + "refsource": "OSVDB", + "url": "http://osvdb.org/33671" + }, + { + "name": "35770", + "refsource": "OSVDB", + "url": "http://osvdb.org/35770" + }, + { + "name": "wapportal-index-file-include(32196)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32196" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1081.json b/2007/1xxx/CVE-2007-1081.json index 7d8dbdc6a08..7bbddce2d18 100644 --- a/2007/1xxx/CVE-2007-1081.json +++ b/2007/1xxx/CVE-2007-1081.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1081", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The start function in class.t3lib_formmail.php in TYPO3 before 4.0.5, 4.1beta, and 4.1RC1 allows attackers to inject arbitrary email headers via unknown vectors. NOTE: some details were obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1081", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-20070221-1", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-20070221-1" - }, - { - "name" : "22668", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22668" - }, - { - "name" : "ADV-2007-0697", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0697" - }, - { - "name" : "33471", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33471" - }, - { - "name" : "24207", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24207" - }, - { - "name" : "typo3-t3libformmail-header-injection(32630)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32630" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The start function in class.t3lib_formmail.php in TYPO3 before 4.0.5, 4.1beta, and 4.1RC1 allows attackers to inject arbitrary email headers via unknown vectors. NOTE: some details were obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-20070221-1", + "refsource": "CONFIRM", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-20070221-1" + }, + { + "name": "typo3-t3libformmail-header-injection(32630)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32630" + }, + { + "name": "24207", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24207" + }, + { + "name": "ADV-2007-0697", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0697" + }, + { + "name": "33471", + "refsource": "OSVDB", + "url": "http://osvdb.org/33471" + }, + { + "name": "22668", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22668" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1406.json b/2007/1xxx/CVE-2007-1406.json index ceffaf866f3..08bb069d8a9 100644 --- a/2007/1xxx/CVE-2007-1406.json +++ b/2007/1xxx/CVE-2007-1406.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1406", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain \"unsafe\" situations, which has unknown impact and remote attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1406", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://trac.edgewall.org/wiki/ChangeLog", - "refsource" : "CONFIRM", - "url" : "http://trac.edgewall.org/wiki/ChangeLog" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain \"unsafe\" situations, which has unknown impact and remote attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://trac.edgewall.org/wiki/ChangeLog", + "refsource": "CONFIRM", + "url": "http://trac.edgewall.org/wiki/ChangeLog" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1665.json b/2007/1xxx/CVE-2007-1665.json index e4eef2ab91b..9db6e8be2f0 100644 --- a/2007/1xxx/CVE-2007-1665.json +++ b/2007/1xxx/CVE-2007-1665.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1665", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Memory leak in the token OCR functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1665", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "DSA-1318", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1318" - }, - { - "name" : "24600", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24600" - }, - { - "name" : "45379", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45379" - }, - { - "name" : "ekg-ocr-function-dos(35136)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35136" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Memory leak in the token OCR functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24600", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24600" + }, + { + "name": "ekg-ocr-function-dos(35136)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35136" + }, + { + "name": "45379", + "refsource": "OSVDB", + "url": "http://osvdb.org/45379" + }, + { + "name": "DSA-1318", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1318" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1854.json b/2007/1xxx/CVE-2007-1854.json index 99a3ceaf93c..4e87f54edd9 100644 --- a/2007/1xxx/CVE-2007-1854.json +++ b/2007/1xxx/CVE-2007-1854.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1854", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Hitachi Cosminexus Component Container 07-00 through 07-00-10, and 07-10 through 07-10-03, as used in uCosminexus Application Server Enterprise and Standard; uCosminexus Service Platform; uCosminexus Developer Standard and Professional; uCosminexus Service Architect; Electronic Form Workflow Standard Set, Professional Library Set, and Developer Client Set; and uCosminexus ERP Integrator, does not properly manage session information, which has an unspecified impact related to \"unintended other requests.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1854", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-006_e/index-e.html", - "refsource" : "CONFIRM", - "url" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-006_e/index-e.html" - }, - { - "name" : "23213", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23213" - }, - { - "name" : "ADV-2007-1170", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1170" - }, - { - "name" : "34768", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34768" - }, - { - "name" : "24683", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24683" - }, - { - "name" : "hitachi-container-information-disclosure(33318)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33318" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Hitachi Cosminexus Component Container 07-00 through 07-00-10, and 07-10 through 07-10-03, as used in uCosminexus Application Server Enterprise and Standard; uCosminexus Service Platform; uCosminexus Developer Standard and Professional; uCosminexus Service Architect; Electronic Form Workflow Standard Set, Professional Library Set, and Developer Client Set; and uCosminexus ERP Integrator, does not properly manage session information, which has an unspecified impact related to \"unintended other requests.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-1170", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1170" + }, + { + "name": "23213", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23213" + }, + { + "name": "34768", + "refsource": "OSVDB", + "url": "http://osvdb.org/34768" + }, + { + "name": "24683", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24683" + }, + { + "name": "hitachi-container-information-disclosure(33318)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33318" + }, + { + "name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-006_e/index-e.html", + "refsource": "CONFIRM", + "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-006_e/index-e.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1973.json b/2007/1xxx/CVE-2007-1973.json index a5eda29d4c2..d0c622890ee 100644 --- a/2007/1xxx/CVE-2007-1973.json +++ b/2007/1xxx/CVE-2007-1973.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1973", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \\Device\\PhysicalMemory section handle, a related issue to CVE-2007-1206." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1973", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070410 EEYE: Windows VDM Zero Page Race Condition Privilege Escalation", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/465232/100/0/threaded" - }, - { - "name" : "http://research.eeye.com/html/advisories/published/AD20070410a.html", - "refsource" : "MISC", - "url" : "http://research.eeye.com/html/advisories/published/AD20070410a.html" - }, - { - "name" : "37635", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37635" - }, - { - "name" : "2563", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2563" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \\Device\\PhysicalMemory section handle, a related issue to CVE-2007-1206." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37635", + "refsource": "OSVDB", + "url": "http://osvdb.org/37635" + }, + { + "name": "2563", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2563" + }, + { + "name": "20070410 EEYE: Windows VDM Zero Page Race Condition Privilege Escalation", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/465232/100/0/threaded" + }, + { + "name": "http://research.eeye.com/html/advisories/published/AD20070410a.html", + "refsource": "MISC", + "url": "http://research.eeye.com/html/advisories/published/AD20070410a.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3124.json b/2007/3xxx/CVE-2007-3124.json index d1ebf542092..9bdd6a16970 100644 --- a/2007/3xxx/CVE-2007-3124.json +++ b/2007/3xxx/CVE-2007-3124.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3124", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in backup/src/vmsbackup.c (aka the backup utility) in FreeVMS before 0.3.6 might allow local users to gain privileges via a long string in response to an \"extract [ny]\" prompt." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3124", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "ftp://freevms.nvg.org/pub/vms/freevms/freevms-0_3_6.tgz", - "refsource" : "CONFIRM", - "url" : "ftp://freevms.nvg.org/pub/vms/freevms/freevms-0_3_6.tgz" - }, - { - "name" : "24333", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24333" - }, - { - "name" : "35521", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35521" - }, - { - "name" : "freevms-vmsbackup-bo(34820)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34820" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in backup/src/vmsbackup.c (aka the backup utility) in FreeVMS before 0.3.6 might allow local users to gain privileges via a long string in response to an \"extract [ny]\" prompt." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "35521", + "refsource": "OSVDB", + "url": "http://osvdb.org/35521" + }, + { + "name": "freevms-vmsbackup-bo(34820)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34820" + }, + { + "name": "24333", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24333" + }, + { + "name": "ftp://freevms.nvg.org/pub/vms/freevms/freevms-0_3_6.tgz", + "refsource": "CONFIRM", + "url": "ftp://freevms.nvg.org/pub/vms/freevms/freevms-0_3_6.tgz" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4252.json b/2007/4xxx/CVE-2007-4252.json index 7598ef93d0b..7b47eb23b11 100644 --- a/2007/4xxx/CVE-2007-4252.json +++ b/2007/4xxx/CVE-2007-4252.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4252", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Absolute path traversal vulnerability in a certain ActiveX control in CkString.dll 1.1 and earlier in CHILKAT ASP String allows remote attackers to create or overwrite arbitrary files via a full pathname in the first argument to the SaveToFile method, a different vulnerability than CVE-2007-3633." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4252", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4255", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4255" - }, - { - "name" : "25205", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25205" - }, - { - "name" : "40110", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40110" - }, - { - "name" : "chilkataspstring-savetofile-code-execution(35812)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35812" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Absolute path traversal vulnerability in a certain ActiveX control in CkString.dll 1.1 and earlier in CHILKAT ASP String allows remote attackers to create or overwrite arbitrary files via a full pathname in the first argument to the SaveToFile method, a different vulnerability than CVE-2007-3633." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "chilkataspstring-savetofile-code-execution(35812)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35812" + }, + { + "name": "25205", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25205" + }, + { + "name": "40110", + "refsource": "OSVDB", + "url": "http://osvdb.org/40110" + }, + { + "name": "4255", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4255" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4912.json b/2007/4xxx/CVE-2007-4912.json index 9817129448c..3af9023f191 100644 --- a/2007/4xxx/CVE-2007-4912.json +++ b/2007/4xxx/CVE-2007-4912.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4912", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in ips_kernel/class_ajax.php in Invision Power Board (IPB or IP.Board) 2.3.1 up to 20070912 allows remote attackers to inject arbitrary web script or HTML into user profile fields via unspecified vectors related to character sets other than iso-8859-1 or utf-8." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4912", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://forums.invisionpower.com/index.php?act=attach&type=post&id=11870", - "refsource" : "CONFIRM", - "url" : "http://forums.invisionpower.com/index.php?act=attach&type=post&id=11870" - }, - { - "name" : "http://forums.invisionpower.com/index.php?showtopic=237075", - "refsource" : "CONFIRM", - "url" : "http://forums.invisionpower.com/index.php?showtopic=237075" - }, - { - "name" : "25656", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25656" - }, - { - "name" : "26788", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26788" - }, - { - "name" : "ipb-profile-xss(36589)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36589" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in ips_kernel/class_ajax.php in Invision Power Board (IPB or IP.Board) 2.3.1 up to 20070912 allows remote attackers to inject arbitrary web script or HTML into user profile fields via unspecified vectors related to character sets other than iso-8859-1 or utf-8." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ipb-profile-xss(36589)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36589" + }, + { + "name": "25656", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25656" + }, + { + "name": "http://forums.invisionpower.com/index.php?act=attach&type=post&id=11870", + "refsource": "CONFIRM", + "url": "http://forums.invisionpower.com/index.php?act=attach&type=post&id=11870" + }, + { + "name": "26788", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26788" + }, + { + "name": "http://forums.invisionpower.com/index.php?showtopic=237075", + "refsource": "CONFIRM", + "url": "http://forums.invisionpower.com/index.php?showtopic=237075" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4956.json b/2007/4xxx/CVE-2007-4956.json index a42b8a65ab4..11dbf806eee 100644 --- a/2007/4xxx/CVE-2007-4956.json +++ b/2007/4xxx/CVE-2007-4956.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4956", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in KwsPHP 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the pseudo parameter to login.php, (2) the id parameter to index.php in a carnet editer action in the Member_Space (espace_membre) module, or (3) the typenav parameter to index.php in a browser aff action in the stats module." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4956", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4412", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4412" - }, - { - "name" : "4413", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4413" - }, - { - "name" : "4414", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4414" - }, - { - "name" : "http://koogar.alorys-hebergement.com/kwsphp/index.php?mod=news&ac=commentaires&id=29", - "refsource" : "MISC", - "url" : "http://koogar.alorys-hebergement.com/kwsphp/index.php?mod=news&ac=commentaires&id=29" - }, - { - "name" : "25679", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25679" - }, - { - "name" : "37180", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37180" - }, - { - "name" : "37182", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37182" - }, - { - "name" : "26850", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26850" - }, - { - "name" : "kwsphp-memberspace-index-sql-injection(36635)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36635" - }, - { - "name" : "kwsphp-stats-index-sql-injection(36634)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36634" - }, - { - "name" : "kwsphp-login-sql-injection(36636)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36636" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in KwsPHP 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the pseudo parameter to login.php, (2) the id parameter to index.php in a carnet editer action in the Member_Space (espace_membre) module, or (3) the typenav parameter to index.php in a browser aff action in the stats module." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "kwsphp-memberspace-index-sql-injection(36635)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36635" + }, + { + "name": "4412", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4412" + }, + { + "name": "http://koogar.alorys-hebergement.com/kwsphp/index.php?mod=news&ac=commentaires&id=29", + "refsource": "MISC", + "url": "http://koogar.alorys-hebergement.com/kwsphp/index.php?mod=news&ac=commentaires&id=29" + }, + { + "name": "4413", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4413" + }, + { + "name": "kwsphp-stats-index-sql-injection(36634)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36634" + }, + { + "name": "4414", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4414" + }, + { + "name": "kwsphp-login-sql-injection(36636)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36636" + }, + { + "name": "25679", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25679" + }, + { + "name": "26850", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26850" + }, + { + "name": "37182", + "refsource": "OSVDB", + "url": "http://osvdb.org/37182" + }, + { + "name": "37180", + "refsource": "OSVDB", + "url": "http://osvdb.org/37180" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4957.json b/2007/4xxx/CVE-2007-4957.json index 3d3d006d793..1890c09052a 100644 --- a/2007/4xxx/CVE-2007-4957.json +++ b/2007/4xxx/CVE-2007-4957.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4957", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in download.php in Chupix CMS 0.2.3 allow remote attackers to read or overwrite arbitrary files via a .. (dot dot) in the (1) fichier or (2) repertoire parameter, or create arbitrary directories via a .. (dot dot) in the (3) repertoire parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4957", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4411", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4411" - }, - { - "name" : "25681", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25681" - }, - { - "name" : "ADV-2007-3180", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3180" - }, - { - "name" : "38881", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38881" - }, - { - "name" : "38882", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38882" - }, - { - "name" : "26851", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26851" - }, - { - "name" : "chupix-download-directory-traversal(36641)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36641" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in download.php in Chupix CMS 0.2.3 allow remote attackers to read or overwrite arbitrary files via a .. (dot dot) in the (1) fichier or (2) repertoire parameter, or create arbitrary directories via a .. (dot dot) in the (3) repertoire parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "chupix-download-directory-traversal(36641)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36641" + }, + { + "name": "38882", + "refsource": "OSVDB", + "url": "http://osvdb.org/38882" + }, + { + "name": "38881", + "refsource": "OSVDB", + "url": "http://osvdb.org/38881" + }, + { + "name": "26851", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26851" + }, + { + "name": "25681", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25681" + }, + { + "name": "ADV-2007-3180", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3180" + }, + { + "name": "4411", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4411" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2570.json b/2015/2xxx/CVE-2015-2570.json index 2b5fe512028..e2be3830314 100644 --- a/2015/2xxx/CVE-2015-2570.json +++ b/2015/2xxx/CVE-2015-2570.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2570", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Demand Planning component in Oracle Supply Chain Products Suite 11.5.10, 12.0, 12.1, and 12.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Security." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-2570", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" - }, - { - "name" : "74116", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74116" - }, - { - "name" : "1032124", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032124" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Demand Planning component in Oracle Supply Chain Products Suite 11.5.10, 12.0, 12.1, and 12.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Security." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032124", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032124" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" + }, + { + "name": "74116", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74116" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2849.json b/2015/2xxx/CVE-2015-2849.json index f9c65a51dde..dc1b46b10e2 100644 --- a/2015/2xxx/CVE-2015-2849.json +++ b/2015/2xxx/CVE-2015-2849.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2849", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in main.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices, when https is used, allows remote attackers to execute arbitrary SQL commands via the ppli parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-2849", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#485324", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/485324" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in main.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices, when https is used, allows remote attackers to execute arbitrary SQL commands via the ppli parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#485324", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/485324" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6064.json b/2015/6xxx/CVE-2015-6064.json index 3a084fc27f4..85159f88660 100644 --- a/2015/6xxx/CVE-2015-6064.json +++ b/2015/6xxx/CVE-2015-6064.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6064", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6084 and CVE-2015-6085." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6064", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-538", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-538" - }, - { - "name" : "MS15-112", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112" - }, - { - "name" : "MS15-113", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-113" - }, - { - "name" : "77470", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77470" - }, - { - "name" : "1034112", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034112" - }, - { - "name" : "1034113", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034113" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6084 and CVE-2015-6085." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS15-113", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-113" + }, + { + "name": "1034112", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034112" + }, + { + "name": "1034113", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034113" + }, + { + "name": "77470", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77470" + }, + { + "name": "MS15-112", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-538", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-538" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6108.json b/2015/6xxx/CVE-2015-6108.json index 7d151da09e5..22d18eaa59d 100644 --- a/2015/6xxx/CVE-2015-6108.json +++ b/2015/6xxx/CVE-2015-6108.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6108", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT Gold and 8.1; Office 2007 SP3; Office 2010 SP2; Word Viewer; .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6; Skype for Business 2016; Lync 2010; Lync 2013 SP1; Live Meeting 2007 Console; and Silverlight 5 allows remote attackers to execute arbitrary code via a crafted embedded font, aka \"Graphics Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6108", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-128", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-128" - }, - { - "name" : "1034329", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034329" - }, - { - "name" : "1034330", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034330" - }, - { - "name" : "1034331", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034331" - }, - { - "name" : "1034332", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034332" - }, - { - "name" : "1034333", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034333" - }, - { - "name" : "1034336", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034336" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT Gold and 8.1; Office 2007 SP3; Office 2010 SP2; Word Viewer; .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6; Skype for Business 2016; Lync 2010; Lync 2013 SP1; Live Meeting 2007 Console; and Silverlight 5 allows remote attackers to execute arbitrary code via a crafted embedded font, aka \"Graphics Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034333", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034333" + }, + { + "name": "1034331", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034331" + }, + { + "name": "MS15-128", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-128" + }, + { + "name": "1034329", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034329" + }, + { + "name": "1034330", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034330" + }, + { + "name": "1034332", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034332" + }, + { + "name": "1034336", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034336" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6659.json b/2015/6xxx/CVE-2015-6659.json index 9328a228e2d..fc819845a64 100644 --- a/2015/6xxx/CVE-2015-6659.json +++ b/2015/6xxx/CVE-2015-6659.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6659", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the SQL comment filtering system in the Database API in Drupal 7.x before 7.39 allows remote attackers to execute arbitrary SQL commands via an SQL comment." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6659", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.drupal.org/SA-CORE-2015-003", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/SA-CORE-2015-003" - }, - { - "name" : "DSA-3346", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3346" - }, - { - "name" : "FEDORA-2015-13916", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165704.html" - }, - { - "name" : "FEDORA-2015-13917", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165733.html" - }, - { - "name" : "FEDORA-2015-14442", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165723.html" - }, - { - "name" : "FEDORA-2015-14443", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165840.html" - }, - { - "name" : "FEDORA-2015-14444", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165690.html" - }, - { - "name" : "FEDORA-2015-13915", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165061.html" - }, - { - "name" : "76432", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76432" - }, - { - "name" : "1033358", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033358" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the SQL comment filtering system in the Database API in Drupal 7.x before 7.39 allows remote attackers to execute arbitrary SQL commands via an SQL comment." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2015-14442", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165723.html" + }, + { + "name": "FEDORA-2015-13915", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165061.html" + }, + { + "name": "1033358", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033358" + }, + { + "name": "FEDORA-2015-14443", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165840.html" + }, + { + "name": "FEDORA-2015-13917", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165733.html" + }, + { + "name": "76432", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76432" + }, + { + "name": "DSA-3346", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3346" + }, + { + "name": "https://www.drupal.org/SA-CORE-2015-003", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/SA-CORE-2015-003" + }, + { + "name": "FEDORA-2015-14444", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165690.html" + }, + { + "name": "FEDORA-2015-13916", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165704.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6976.json b/2015/6xxx/CVE-2015-6976.json index 67c8ee1f022..6c9d6d40caf 100644 --- a/2015/6xxx/CVE-2015-6976.json +++ b/2015/6xxx/CVE-2015-6976.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6976", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, CVE-2015-7010, and CVE-2015-7018." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-6976", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205370", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205370" - }, - { - "name" : "https://support.apple.com/HT205375", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205375" - }, - { - "name" : "APPLE-SA-2015-10-21-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" - }, - { - "name" : "APPLE-SA-2015-10-21-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html" - }, - { - "name" : "77263", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77263" - }, - { - "name" : "1033929", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033929" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7008, CVE-2015-7009, CVE-2015-7010, and CVE-2015-7018." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2015-10-21-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html" + }, + { + "name": "APPLE-SA-2015-10-21-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" + }, + { + "name": "https://support.apple.com/HT205375", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205375" + }, + { + "name": "https://support.apple.com/HT205370", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205370" + }, + { + "name": "77263", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77263" + }, + { + "name": "1033929", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033929" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7769.json b/2015/7xxx/CVE-2015-7769.json index f562896c6ba..6f985ae7dc2 100644 --- a/2015/7xxx/CVE-2015-7769.json +++ b/2015/7xxx/CVE-2015-7769.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7769", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to execute arbitrary OS commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-7769", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://basercms.net/security/JVN69854312", - "refsource" : "CONFIRM", - "url" : "http://basercms.net/security/JVN69854312" - }, - { - "name" : "JVN#69854312", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN69854312/index.html" - }, - { - "name" : "JVNDB-2016-000030", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000030" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to execute arbitrary OS commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://basercms.net/security/JVN69854312", + "refsource": "CONFIRM", + "url": "http://basercms.net/security/JVN69854312" + }, + { + "name": "JVN#69854312", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN69854312/index.html" + }, + { + "name": "JVNDB-2016-000030", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000030" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7799.json b/2015/7xxx/CVE-2015-7799.json index 149ed9cfe83..a3eb47714d6 100644 --- a/2015/7xxx/CVE-2015-7799.json +++ b/2015/7xxx/CVE-2015-7799.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7799", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7799", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20151010 Re: CVE request - Android OS - Using the PPP character device driver caused the system to restart - Linux kernel", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/10/10/3" - }, - { - "name" : "https://code.google.com/p/android/issues/detail?id=187973", - "refsource" : "MISC", - "url" : "https://code.google.com/p/android/issues/detail?id=187973" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1271134", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1271134" - }, - { - "name" : "DSA-3426", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3426" - }, - { - "name" : "SUSE-SU-2016:2074", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html" - }, - { - "name" : "openSUSE-SU-2016:1008", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html" - }, - { - "name" : "SUSE-SU-2015:2194", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html" - }, - { - "name" : "SUSE-SU-2015:2292", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html" - }, - { - "name" : "SUSE-SU-2015:2339", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html" - }, - { - "name" : "SUSE-SU-2015:2350", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html" - }, - { - "name" : "openSUSE-SU-2015:2232", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html" - }, - { - "name" : "USN-2886-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2886-1" - }, - { - "name" : "USN-2841-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2841-1" - }, - { - "name" : "USN-2841-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2841-2" - }, - { - "name" : "USN-2842-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2842-1" - }, - { - "name" : "USN-2842-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2842-2" - }, - { - "name" : "USN-2843-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2843-1" - }, - { - "name" : "USN-2843-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2843-2" - }, - { - "name" : "USN-2843-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2843-3" - }, - { - "name" : "USN-2844-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2844-1" - }, - { - "name" : "77033", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77033" - }, - { - "name" : "1033809", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033809" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2015:2292", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html" + }, + { + "name": "USN-2841-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2841-2" + }, + { + "name": "77033", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77033" + }, + { + "name": "SUSE-SU-2015:2350", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html" + }, + { + "name": "1033809", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033809" + }, + { + "name": "https://code.google.com/p/android/issues/detail?id=187973", + "refsource": "MISC", + "url": "https://code.google.com/p/android/issues/detail?id=187973" + }, + { + "name": "USN-2886-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2886-1" + }, + { + "name": "USN-2843-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2843-1" + }, + { + "name": "SUSE-SU-2015:2194", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html" + }, + { + "name": "USN-2844-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2844-1" + }, + { + "name": "openSUSE-SU-2015:2232", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html" + }, + { + "name": "USN-2842-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2842-2" + }, + { + "name": "USN-2843-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2843-2" + }, + { + "name": "SUSE-SU-2015:2339", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html" + }, + { + "name": "USN-2842-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2842-1" + }, + { + "name": "[oss-security] 20151010 Re: CVE request - Android OS - Using the PPP character device driver caused the system to restart - Linux kernel", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/10/10/3" + }, + { + "name": "SUSE-SU-2016:2074", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1271134", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1271134" + }, + { + "name": "USN-2841-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2841-1" + }, + { + "name": "DSA-3426", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3426" + }, + { + "name": "USN-2843-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2843-3" + }, + { + "name": "openSUSE-SU-2016:1008", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0264.json b/2016/0xxx/CVE-2016-0264.json index 05ac82290ff..c1584c06c0a 100644 --- a/2016/0xxx/CVE-2016-0264.json +++ b/2016/0xxx/CVE-2016-0264.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0264", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows remote attackers to execute arbitrary code via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0264", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21980826", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21980826" - }, - { - "name" : "IV84035", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV84035" - }, - { - "name" : "RHSA-2016:0701", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0701.html" - }, - { - "name" : "RHSA-2016:0702", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0702.html" - }, - { - "name" : "RHSA-2016:0708", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0708.html" - }, - { - "name" : "RHSA-2016:0716", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0716.html" - }, - { - "name" : "RHSA-2016:1430", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1430" - }, - { - "name" : "RHSA-2016:1039", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1039.html" - }, - { - "name" : "RHSA-2017:1216", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1216" - }, - { - "name" : "SUSE-SU-2016:1299", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html" - }, - { - "name" : "SUSE-SU-2016:1300", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html" - }, - { - "name" : "SUSE-SU-2016:1303", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html" - }, - { - "name" : "SUSE-SU-2016:1378", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html" - }, - { - "name" : "SUSE-SU-2016:1379", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html" - }, - { - "name" : "SUSE-SU-2016:1388", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html" - }, - { - "name" : "SUSE-SU-2016:1458", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html" - }, - { - "name" : "SUSE-SU-2016:1475", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html" - }, - { - "name" : "1035953", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035953" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows remote attackers to execute arbitrary code via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21980826", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980826" + }, + { + "name": "SUSE-SU-2016:1299", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html" + }, + { + "name": "RHSA-2016:1039", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1039.html" + }, + { + "name": "RHSA-2016:0701", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0701.html" + }, + { + "name": "SUSE-SU-2016:1303", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html" + }, + { + "name": "SUSE-SU-2016:1475", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html" + }, + { + "name": "SUSE-SU-2016:1300", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html" + }, + { + "name": "RHSA-2016:1430", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1430" + }, + { + "name": "RHSA-2016:0708", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0708.html" + }, + { + "name": "SUSE-SU-2016:1378", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html" + }, + { + "name": "SUSE-SU-2016:1379", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html" + }, + { + "name": "SUSE-SU-2016:1458", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html" + }, + { + "name": "IV84035", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV84035" + }, + { + "name": "RHSA-2016:0716", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0716.html" + }, + { + "name": "1035953", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035953" + }, + { + "name": "SUSE-SU-2016:1388", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html" + }, + { + "name": "RHSA-2016:0702", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0702.html" + }, + { + "name": "RHSA-2017:1216", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1216" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0412.json b/2016/0xxx/CVE-2016-0412.json index bd175f889af..84208394e5b 100644 --- a/2016/0xxx/CVE-2016-0412.json +++ b/2016/0xxx/CVE-2016-0412.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0412", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the PeopleSoft Enterprise SCM eProcurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect integrity via unknown vectors related to Manage Requisition Status." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0412", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034720", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034720" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the PeopleSoft Enterprise SCM eProcurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect integrity via unknown vectors related to Manage Requisition Status." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034720", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034720" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0630.json b/2016/0xxx/CVE-2016-0630.json index b359a5374bb..579f140d394 100644 --- a/2016/0xxx/CVE-2016-0630.json +++ b/2016/0xxx/CVE-2016-0630.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0630", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-0630", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0996.json b/2016/0xxx/CVE-2016-0996.json index 4fbec4ba879..970180b6f6c 100644 --- a/2016/0xxx/CVE-2016-0996.json +++ b/2016/0xxx/CVE-2016-0996.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0996", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-0996", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-193/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-193/" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" - }, - { - "name" : "GLSA-201603-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-07" - }, - { - "name" : "SUSE-SU-2016:0715", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" - }, - { - "name" : "SUSE-SU-2016:0716", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" - }, - { - "name" : "openSUSE-SU-2016:0719", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" - }, - { - "name" : "openSUSE-SU-2016:0734", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" - }, - { - "name" : "84312", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84312" - }, - { - "name" : "1035251", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035251" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:0734", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" + }, + { + "name": "1035251", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035251" + }, + { + "name": "openSUSE-SU-2016:0719", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" + }, + { + "name": "GLSA-201603-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-07" + }, + { + "name": "SUSE-SU-2016:0715", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" + }, + { + "name": "84312", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84312" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-193/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-193/" + }, + { + "name": "SUSE-SU-2016:0716", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000111.json b/2016/1000xxx/CVE-2016-1000111.json index 860993ef413..bc922307094 100644 --- a/2016/1000xxx/CVE-2016-1000111.json +++ b/2016/1000xxx/CVE-2016-1000111.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000111", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000111", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10036.json b/2016/10xxx/CVE-2016-10036.json index 405a7fe83aa..e4b0b394a6d 100644 --- a/2016/10xxx/CVE-2016-10036.json +++ b/2016/10xxx/CVE-2016-10036.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10036", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability in ui/artifact/upload in JFrog Artifactory before 4.16 allows remote attackers to (1) deploy an arbitrary servlet application and execute arbitrary code by uploading a war file or (2) possibly write to arbitrary files and cause a denial of service by uploading an HTML file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10036", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "44543", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/44543/" - }, - { - "name" : "http://packetstormsecurity.com/files/147378/Jfrog-Artifactory-Code-Execution-Shell-Upload.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/147378/Jfrog-Artifactory-Code-Execution-Shell-Upload.html" - }, - { - "name" : "https://www.jfrog.com/confluence/display/RTF/Release+Notes#ReleaseNotes-Artifactory4.16", - "refsource" : "CONFIRM", - "url" : "https://www.jfrog.com/confluence/display/RTF/Release+Notes#ReleaseNotes-Artifactory4.16" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability in ui/artifact/upload in JFrog Artifactory before 4.16 allows remote attackers to (1) deploy an arbitrary servlet application and execute arbitrary code by uploading a war file or (2) possibly write to arbitrary files and cause a denial of service by uploading an HTML file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "44543", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/44543/" + }, + { + "name": "http://packetstormsecurity.com/files/147378/Jfrog-Artifactory-Code-Execution-Shell-Upload.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/147378/Jfrog-Artifactory-Code-Execution-Shell-Upload.html" + }, + { + "name": "https://www.jfrog.com/confluence/display/RTF/Release+Notes#ReleaseNotes-Artifactory4.16", + "refsource": "CONFIRM", + "url": "https://www.jfrog.com/confluence/display/RTF/Release+Notes#ReleaseNotes-Artifactory4.16" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1151.json b/2016/1xxx/CVE-2016-1151.json index 1fe5e5b7d94..56f03d3cb0b 100644 --- a/2016/1xxx/CVE-2016-1151.json +++ b/2016/1xxx/CVE-2016-1151.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1151", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in Cybozu Office 9.9.0 through 10.3.0 allow remote attackers to hijack the authentication of arbitrary users." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1151", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://cs.cybozu.co.jp/2016/006111.html", - "refsource" : "CONFIRM", - "url" : "https://cs.cybozu.co.jp/2016/006111.html" - }, - { - "name" : "JVN#64209269", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN64209269/index.html" - }, - { - "name" : "JVNDB-2016-000024", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000024" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Cybozu Office 9.9.0 through 10.3.0 allow remote attackers to hijack the authentication of arbitrary users." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000024", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000024" + }, + { + "name": "https://cs.cybozu.co.jp/2016/006111.html", + "refsource": "CONFIRM", + "url": "https://cs.cybozu.co.jp/2016/006111.html" + }, + { + "name": "JVN#64209269", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN64209269/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1500.json b/2016/1xxx/CVE-2016-1500.json index 7a45aefa14d..91c02eb7cf4 100644 --- a/2016/1xxx/CVE-2016-1500.json +++ b/2016/1xxx/CVE-2016-1500.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1500", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ownCloud Server before 7.0.12, 8.0.x before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2, when the \"file_versions\" application is enabled, does not properly check the return value of getOwner, which allows remote authenticated users to read the files with names starting with \".v\" and belonging to a sharing user by leveraging an incoming share." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1500", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://owncloud.org/security/advisory/?id=oc-sa-2016-003", - "refsource" : "CONFIRM", - "url" : "https://owncloud.org/security/advisory/?id=oc-sa-2016-003" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ownCloud Server before 7.0.12, 8.0.x before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2, when the \"file_versions\" application is enabled, does not properly check the return value of getOwner, which allows remote authenticated users to read the files with names starting with \".v\" and belonging to a sharing user by leveraging an incoming share." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://owncloud.org/security/advisory/?id=oc-sa-2016-003", + "refsource": "CONFIRM", + "url": "https://owncloud.org/security/advisory/?id=oc-sa-2016-003" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1642.json b/2016/1xxx/CVE-2016-1642.json index 8ce31b8298c..2d2b370f059 100644 --- a/2016/1xxx/CVE-2016-1642.json +++ b/2016/1xxx/CVE-2016-1642.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1642", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Google Chrome before 49.0.2623.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-1642", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html" - }, - { - "name" : "https://bugs.chromium.org/p/chromium/issues/detail?id=472147", - "refsource" : "CONFIRM", - "url" : "https://bugs.chromium.org/p/chromium/issues/detail?id=472147" - }, - { - "name" : "https://bugs.chromium.org/p/chromium/issues/detail?id=563964", - "refsource" : "CONFIRM", - "url" : "https://bugs.chromium.org/p/chromium/issues/detail?id=563964" - }, - { - "name" : "https://bugs.chromium.org/p/chromium/issues/detail?id=565416", - "refsource" : "CONFIRM", - "url" : "https://bugs.chromium.org/p/chromium/issues/detail?id=565416" - }, - { - "name" : "https://bugs.chromium.org/p/chromium/issues/detail?id=565424", - "refsource" : "CONFIRM", - "url" : "https://bugs.chromium.org/p/chromium/issues/detail?id=565424" - }, - { - "name" : "https://bugs.chromium.org/p/chromium/issues/detail?id=582470", - "refsource" : "CONFIRM", - "url" : "https://bugs.chromium.org/p/chromium/issues/detail?id=582470" - }, - { - "name" : "https://bugs.chromium.org/p/chromium/issues/detail?id=582697", - "refsource" : "CONFIRM", - "url" : "https://bugs.chromium.org/p/chromium/issues/detail?id=582697" - }, - { - "name" : "https://bugs.chromium.org/p/chromium/issues/detail?id=582701", - "refsource" : "CONFIRM", - "url" : "https://bugs.chromium.org/p/chromium/issues/detail?id=582701" - }, - { - "name" : "https://bugs.chromium.org/p/chromium/issues/detail?id=582707", - "refsource" : "CONFIRM", - "url" : "https://bugs.chromium.org/p/chromium/issues/detail?id=582707" - }, - { - "name" : "https://bugs.chromium.org/p/chromium/issues/detail?id=589186", - "refsource" : "CONFIRM", - "url" : "https://bugs.chromium.org/p/chromium/issues/detail?id=589186" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=591402", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=591402" - }, - { - "name" : "DSA-3507", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3507" - }, - { - "name" : "SUSE-SU-2016:0665", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html" - }, - { - "name" : "openSUSE-SU-2016:0664", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html" - }, - { - "name" : "openSUSE-SU-2016:0684", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html" - }, - { - "name" : "openSUSE-SU-2016:0729", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html" - }, - { - "name" : "USN-2920-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2920-1" - }, - { - "name" : "84008", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84008" - }, - { - "name" : "1035185", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035185" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Google Chrome before 49.0.2623.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.chromium.org/p/chromium/issues/detail?id=563964", + "refsource": "CONFIRM", + "url": "https://bugs.chromium.org/p/chromium/issues/detail?id=563964" + }, + { + "name": "https://bugs.chromium.org/p/chromium/issues/detail?id=582707", + "refsource": "CONFIRM", + "url": "https://bugs.chromium.org/p/chromium/issues/detail?id=582707" + }, + { + "name": "openSUSE-SU-2016:0664", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html" + }, + { + "name": "openSUSE-SU-2016:0684", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html" + }, + { + "name": "84008", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84008" + }, + { + "name": "DSA-3507", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3507" + }, + { + "name": "https://bugs.chromium.org/p/chromium/issues/detail?id=565416", + "refsource": "CONFIRM", + "url": "https://bugs.chromium.org/p/chromium/issues/detail?id=565416" + }, + { + "name": "1035185", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035185" + }, + { + "name": "https://bugs.chromium.org/p/chromium/issues/detail?id=472147", + "refsource": "CONFIRM", + "url": "https://bugs.chromium.org/p/chromium/issues/detail?id=472147" + }, + { + "name": "https://bugs.chromium.org/p/chromium/issues/detail?id=582697", + "refsource": "CONFIRM", + "url": "https://bugs.chromium.org/p/chromium/issues/detail?id=582697" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=591402", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=591402" + }, + { + "name": "https://bugs.chromium.org/p/chromium/issues/detail?id=582701", + "refsource": "CONFIRM", + "url": "https://bugs.chromium.org/p/chromium/issues/detail?id=582701" + }, + { + "name": "openSUSE-SU-2016:0729", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html" + }, + { + "name": "SUSE-SU-2016:0665", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html" + }, + { + "name": "https://bugs.chromium.org/p/chromium/issues/detail?id=565424", + "refsource": "CONFIRM", + "url": "https://bugs.chromium.org/p/chromium/issues/detail?id=565424" + }, + { + "name": "https://bugs.chromium.org/p/chromium/issues/detail?id=582470", + "refsource": "CONFIRM", + "url": "https://bugs.chromium.org/p/chromium/issues/detail?id=582470" + }, + { + "name": "https://bugs.chromium.org/p/chromium/issues/detail?id=589186", + "refsource": "CONFIRM", + "url": "https://bugs.chromium.org/p/chromium/issues/detail?id=589186" + }, + { + "name": "USN-2920-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2920-1" + }, + { + "name": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1667.json b/2016/1xxx/CVE-2016-1667.json index 1cdd3bc6a6e..2bfe9d17245 100644 --- a/2016/1xxx/CVE-2016-1667.json +++ b/2016/1xxx/CVE-2016-1667.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1667", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-1667", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html" - }, - { - "name" : "https://codereview.chromium.org/1953323002/", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1953323002/" - }, - { - "name" : "https://crbug.com/605766", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/605766" - }, - { - "name" : "DSA-3590", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3590" - }, - { - "name" : "GLSA-201605-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201605-02" - }, - { - "name" : "RHSA-2016:1080", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1080.html" - }, - { - "name" : "openSUSE-SU-2016:1655", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html" - }, - { - "name" : "openSUSE-SU-2016:1304", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html" - }, - { - "name" : "openSUSE-SU-2016:1319", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html" - }, - { - "name" : "USN-2960-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2960-1" - }, - { - "name" : "90584", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90584" - }, - { - "name" : "1035872", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035872" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "90584", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90584" + }, + { + "name": "1035872", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035872" + }, + { + "name": "RHSA-2016:1080", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1080.html" + }, + { + "name": "openSUSE-SU-2016:1304", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html" + }, + { + "name": "https://codereview.chromium.org/1953323002/", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1953323002/" + }, + { + "name": "openSUSE-SU-2016:1655", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html" + }, + { + "name": "DSA-3590", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3590" + }, + { + "name": "USN-2960-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2960-1" + }, + { + "name": "https://crbug.com/605766", + "refsource": "CONFIRM", + "url": "https://crbug.com/605766" + }, + { + "name": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html" + }, + { + "name": "openSUSE-SU-2016:1319", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html" + }, + { + "name": "GLSA-201605-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201605-02" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1836.json b/2016/1xxx/CVE-2016-1836.json index d2e441baa68..3eb752356ad 100644 --- a/2016/1xxx/CVE-2016-1836.json +++ b/2016/1xxx/CVE-2016-1836.json @@ -1,227 +1,227 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1836", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via a crafted XML document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1836", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT206564", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206564" - }, - { - "name" : "https://support.apple.com/HT206566", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206566" - }, - { - "name" : "https://support.apple.com/HT206567", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206567" - }, - { - "name" : "https://support.apple.com/HT206568", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206568" - }, - { - "name" : "https://support.apple.com/HT206899", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206899" - }, - { - "name" : "https://support.apple.com/HT206901", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206901" - }, - { - "name" : "https://support.apple.com/HT206902", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206902" - }, - { - "name" : "https://support.apple.com/HT206903", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206903" - }, - { - "name" : "https://support.apple.com/HT206904", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206904" - }, - { - "name" : "https://support.apple.com/HT206905", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206905" - }, - { - "name" : "http://xmlsoft.org/news.html", - "refsource" : "CONFIRM", - "url" : "http://xmlsoft.org/news.html" - }, - { - "name" : "https://bugzilla.gnome.org/show_bug.cgi?id=759398", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.gnome.org/show_bug.cgi?id=759398" - }, - { - "name" : "https://git.gnome.org/browse/libxml2/commit/?id=45752d2c334b50016666d8f0ec3691e2d680f0a0", - "refsource" : "CONFIRM", - "url" : "https://git.gnome.org/browse/libxml2/commit/?id=45752d2c334b50016666d8f0ec3691e2d680f0a0" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" - }, - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" - }, - { - "name" : "https://www.tenable.com/security/tns-2016-18", - "refsource" : "CONFIRM", - "url" : "https://www.tenable.com/security/tns-2016-18" - }, - { - "name" : "APPLE-SA-2016-05-16-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html" - }, - { - "name" : "APPLE-SA-2016-05-16-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" - }, - { - "name" : "APPLE-SA-2016-05-16-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html" - }, - { - "name" : "APPLE-SA-2016-05-16-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" - }, - { - "name" : "APPLE-SA-2016-07-18-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" - }, - { - "name" : "APPLE-SA-2016-07-18-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html" - }, - { - "name" : "APPLE-SA-2016-07-18-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html" - }, - { - "name" : "APPLE-SA-2016-07-18-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html" - }, - { - "name" : "APPLE-SA-2016-07-18-6", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html" - }, - { - "name" : "DSA-3593", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2016/dsa-3593" - }, - { - "name" : "GLSA-201701-37", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-37" - }, - { - "name" : "RHSA-2016:1292", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1292" - }, - { - "name" : "RHSA-2016:2957", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2957.html" - }, - { - "name" : "USN-2994-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2994-1" - }, - { - "name" : "90691", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90691" - }, - { - "name" : "1035890", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035890" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via a crafted XML document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" + }, + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" + }, + { + "name": "RHSA-2016:1292", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1292" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" + }, + { + "name": "https://support.apple.com/HT206567", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206567" + }, + { + "name": "90691", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90691" + }, + { + "name": "DSA-3593", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2016/dsa-3593" + }, + { + "name": "APPLE-SA-2016-07-18-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html" + }, + { + "name": "APPLE-SA-2016-07-18-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html" + }, + { + "name": "APPLE-SA-2016-07-18-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html" + }, + { + "name": "https://git.gnome.org/browse/libxml2/commit/?id=45752d2c334b50016666d8f0ec3691e2d680f0a0", + "refsource": "CONFIRM", + "url": "https://git.gnome.org/browse/libxml2/commit/?id=45752d2c334b50016666d8f0ec3691e2d680f0a0" + }, + { + "name": "http://xmlsoft.org/news.html", + "refsource": "CONFIRM", + "url": "http://xmlsoft.org/news.html" + }, + { + "name": "https://support.apple.com/HT206901", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206901" + }, + { + "name": "APPLE-SA-2016-05-16-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" + }, + { + "name": "USN-2994-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2994-1" + }, + { + "name": "https://support.apple.com/HT206566", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206566" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" + }, + { + "name": "APPLE-SA-2016-07-18-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" + }, + { + "name": "APPLE-SA-2016-07-18-6", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html" + }, + { + "name": "https://www.tenable.com/security/tns-2016-18", + "refsource": "CONFIRM", + "url": "https://www.tenable.com/security/tns-2016-18" + }, + { + "name": "APPLE-SA-2016-05-16-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html" + }, + { + "name": "https://support.apple.com/HT206564", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206564" + }, + { + "name": "RHSA-2016:2957", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" + }, + { + "name": "GLSA-201701-37", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-37" + }, + { + "name": "1035890", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035890" + }, + { + "name": "https://support.apple.com/HT206905", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206905" + }, + { + "name": "APPLE-SA-2016-05-16-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" + }, + { + "name": "https://support.apple.com/HT206903", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206903" + }, + { + "name": "https://support.apple.com/HT206902", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206902" + }, + { + "name": "https://bugzilla.gnome.org/show_bug.cgi?id=759398", + "refsource": "CONFIRM", + "url": "https://bugzilla.gnome.org/show_bug.cgi?id=759398" + }, + { + "name": "https://support.apple.com/HT206904", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206904" + }, + { + "name": "https://support.apple.com/HT206568", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206568" + }, + { + "name": "APPLE-SA-2016-05-16-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html" + }, + { + "name": "https://support.apple.com/HT206899", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206899" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4049.json b/2016/4xxx/CVE-2016-4049.json index 3c7db6b1278..74fe0fc6f7c 100644 --- a/2016/4xxx/CVE-2016-4049.json +++ b/2016/4xxx/CVE-2016-4049.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4049", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4049", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160427 CVE-2016-4049: Denial of Service Vulnerability in Quagga BGP Routing Daemon (bgpd)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/04/27/7" - }, - { - "name" : "[quagga-dev] 20160125 [quagga-dev 14619] SIGABRT while dumping BGP routes (bgpd)", - "refsource" : "MLIST", - "url" : "https://lists.quagga.net/pipermail/quagga-dev/2016-January/014699.html" - }, - { - "name" : "[quagga-dev] 20160203 [quagga-dev 14663] Re: SIGABRT while dumping BGP routes (bgpd)", - "refsource" : "MLIST", - "url" : "https://lists.quagga.net/pipermail/quagga-dev/2016-February/014743.html" - }, - { - "name" : "DSA-3654", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3654" - }, - { - "name" : "GLSA-201701-48", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-48" - }, - { - "name" : "RHSA-2017:0794", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0794.html" - }, - { - "name" : "openSUSE-SU-2016:1313", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-05/msg00062.html" - }, - { - "name" : "88561", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/88561" - }, - { - "name" : "1035699", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035699" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2017:0794", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0794.html" + }, + { + "name": "GLSA-201701-48", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-48" + }, + { + "name": "1035699", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035699" + }, + { + "name": "[oss-security] 20160427 CVE-2016-4049: Denial of Service Vulnerability in Quagga BGP Routing Daemon (bgpd)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/04/27/7" + }, + { + "name": "openSUSE-SU-2016:1313", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00062.html" + }, + { + "name": "[quagga-dev] 20160125 [quagga-dev 14619] SIGABRT while dumping BGP routes (bgpd)", + "refsource": "MLIST", + "url": "https://lists.quagga.net/pipermail/quagga-dev/2016-January/014699.html" + }, + { + "name": "88561", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/88561" + }, + { + "name": "[quagga-dev] 20160203 [quagga-dev 14663] Re: SIGABRT while dumping BGP routes (bgpd)", + "refsource": "MLIST", + "url": "https://lists.quagga.net/pipermail/quagga-dev/2016-February/014743.html" + }, + { + "name": "DSA-3654", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3654" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4156.json b/2016/4xxx/CVE-2016-4156.json index 35dcd7d2b2a..98413572b71 100644 --- a/2016/4xxx/CVE-2016-4156.json +++ b/2016/4xxx/CVE-2016-4156.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4156", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4156", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" - }, - { - "name" : "MS16-083", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" - }, - { - "name" : "RHSA-2016:1238", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1238" - }, - { - "name" : "SUSE-SU-2016:1613", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" - }, - { - "name" : "openSUSE-SU-2016:1621", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" - }, - { - "name" : "openSUSE-SU-2016:1625", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" - }, - { - "name" : "1036117", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036117" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036117", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036117" + }, + { + "name": "MS16-083", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" + }, + { + "name": "openSUSE-SU-2016:1625", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" + }, + { + "name": "RHSA-2016:1238", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1238" + }, + { + "name": "openSUSE-SU-2016:1621", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" + }, + { + "name": "SUSE-SU-2016:1613", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4648.json b/2016/4xxx/CVE-2016-4648.json index e23ffa2aae4..fb2e0d2c26d 100644 --- a/2016/4xxx/CVE-2016-4648.json +++ b/2016/4xxx/CVE-2016-4648.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4648", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Audio in Apple OS X before 10.11.6 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4648", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-496", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-496" - }, - { - "name" : "https://support.apple.com/HT206903", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206903" - }, - { - "name" : "APPLE-SA-2016-07-18-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" - }, - { - "name" : "91824", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91824" - }, - { - "name" : "1036348", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036348" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Audio in Apple OS X before 10.11.6 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91824", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91824" + }, + { + "name": "APPLE-SA-2016-07-18-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-496", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-496" + }, + { + "name": "1036348", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036348" + }, + { + "name": "https://support.apple.com/HT206903", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206903" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0443.json b/2019/0xxx/CVE-2019-0443.json index cc82371810d..e18bc51408e 100644 --- a/2019/0xxx/CVE-2019-0443.json +++ b/2019/0xxx/CVE-2019-0443.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0443", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0443", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3447.json b/2019/3xxx/CVE-2019-3447.json index 07b6a5dbdba..a68f71404cd 100644 --- a/2019/3xxx/CVE-2019-3447.json +++ b/2019/3xxx/CVE-2019-3447.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3447", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3447", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3604.json b/2019/3xxx/CVE-2019-3604.json index 106d5fd03ca..73cc1079d03 100644 --- a/2019/3xxx/CVE-2019-3604.json +++ b/2019/3xxx/CVE-2019-3604.json @@ -1,89 +1,89 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@mcafee.com", - "ID" : "CVE-2019-3604", - "STATE" : "PUBLIC", - "TITLE" : "ePolicy Orchestrator Cloud update fixes multiple Cross-Site Request Forgery vulnerabilities" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "ePolicy Orchestrator Cloud", - "version" : { - "version_data" : [ - { - "affected" : "<", - "platform" : "Cloud", - "version_value" : "Current" - } - ] - } - } - ] - }, - "vendor_name" : "McAfee, LLC" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-Site Request Forgery (CSRF) vulnerability in McAfee ePO (legacy) Cloud allows unauthenticated users to perform unintended ePO actions using an authenticated user's session via unspecified vectors." - } - ] - }, - "impact" : { - "cvss" : { - "attackComplexity" : "HIGH", - "attackVector" : "NETWORK", - "availabilityImpact" : "NONE", - "baseScore" : 4.8, - "baseSeverity" : "MEDIUM", - "confidentialityImpact" : "HIGH", - "integrityImpact" : "LOW", - "privilegesRequired" : "HIGH", - "scope" : "UNCHANGED", - "userInteraction" : "REQUIRED", - "vectorString" : "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross Site Request Forgery (aka Session Riding) vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@mcafee.com", + "ID": "CVE-2019-3604", + "STATE": "PUBLIC", + "TITLE": "ePolicy Orchestrator Cloud update fixes multiple Cross-Site Request Forgery vulnerabilities" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ePolicy Orchestrator Cloud", + "version": { + "version_data": [ + { + "affected": "<", + "platform": "Cloud", + "version_value": "Current" + } + ] + } + } + ] + }, + "vendor_name": "McAfee, LLC" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10268", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10268" - }, - { - "name" : "106830", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106830" - } - ] - }, - "source" : { - "discovery" : "EXTERNAL" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in McAfee ePO (legacy) Cloud allows unauthenticated users to perform unintended ePO actions using an authenticated user's session via unspecified vectors." + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross Site Request Forgery (aka Session Riding) vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10268", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10268" + }, + { + "name": "106830", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106830" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3835.json b/2019/3xxx/CVE-2019-3835.json index ebeed07d94c..9517a5b8623 100644 --- a/2019/3xxx/CVE-2019-3835.json +++ b/2019/3xxx/CVE-2019-3835.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3835", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3835", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4439.json b/2019/4xxx/CVE-2019-4439.json index 81d261c66e9..8ad78c5a8b8 100644 --- a/2019/4xxx/CVE-2019-4439.json +++ b/2019/4xxx/CVE-2019-4439.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4439", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4439", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4505.json b/2019/4xxx/CVE-2019-4505.json index 7bdddfe0fba..098071f23d0 100644 --- a/2019/4xxx/CVE-2019-4505.json +++ b/2019/4xxx/CVE-2019-4505.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4505", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4505", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4714.json b/2019/4xxx/CVE-2019-4714.json index 3ca05ffa4cc..2e683196593 100644 --- a/2019/4xxx/CVE-2019-4714.json +++ b/2019/4xxx/CVE-2019-4714.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4714", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4714", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4805.json b/2019/4xxx/CVE-2019-4805.json index 45d19429e32..29bcc64a241 100644 --- a/2019/4xxx/CVE-2019-4805.json +++ b/2019/4xxx/CVE-2019-4805.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4805", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4805", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6434.json b/2019/6xxx/CVE-2019-6434.json index 9b8368c4837..b23d66040f6 100644 --- a/2019/6xxx/CVE-2019-6434.json +++ b/2019/6xxx/CVE-2019-6434.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6434", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6434", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7162.json b/2019/7xxx/CVE-2019-7162.json index 8ffee570c83..90037687aff 100644 --- a/2019/7xxx/CVE-2019-7162.json +++ b/2019/7xxx/CVE-2019-7162.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7162", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7162", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7245.json b/2019/7xxx/CVE-2019-7245.json index fd71a8730f7..56fa007f3c7 100644 --- a/2019/7xxx/CVE-2019-7245.json +++ b/2019/7xxx/CVE-2019-7245.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7245", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7245", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7386.json b/2019/7xxx/CVE-2019-7386.json index 8cd8d5b55d6..8a77d3a2867 100644 --- a/2019/7xxx/CVE-2019-7386.json +++ b/2019/7xxx/CVE-2019-7386.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7386", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7386", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7388.json b/2019/7xxx/CVE-2019-7388.json index 6c2ed0d26e4..98abc783dc3 100644 --- a/2019/7xxx/CVE-2019-7388.json +++ b/2019/7xxx/CVE-2019-7388.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7388", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to get sensitive information (such as MAC address) about all clients in the WLAN via the GetClientInfo HNAP API. Consequently, an attacker can achieve information disclosure without authentication." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7388", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/leonW7/D-Link/blob/master/Vul_3.md", - "refsource" : "MISC", - "url" : "https://github.com/leonW7/D-Link/blob/master/Vul_3.md" - }, - { - "name" : "106852", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106852" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to get sensitive information (such as MAC address) about all clients in the WLAN via the GetClientInfo HNAP API. Consequently, an attacker can achieve information disclosure without authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/leonW7/D-Link/blob/master/Vul_3.md", + "refsource": "MISC", + "url": "https://github.com/leonW7/D-Link/blob/master/Vul_3.md" + }, + { + "name": "106852", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106852" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7747.json b/2019/7xxx/CVE-2019-7747.json index 38e8a06ba7c..c60d76dd6f5 100644 --- a/2019/7xxx/CVE-2019-7747.json +++ b/2019/7xxx/CVE-2019-7747.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7747", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "DbNinja 3.2.7 allows session fixation via the data.php sessid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7747", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/eddietcc/CVEnotes/blob/master/DBNinja/Broken_Authentication/readme.md", - "refsource" : "MISC", - "url" : "https://github.com/eddietcc/CVEnotes/blob/master/DBNinja/Broken_Authentication/readme.md" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "DbNinja 3.2.7 allows session fixation via the data.php sessid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/eddietcc/CVEnotes/blob/master/DBNinja/Broken_Authentication/readme.md", + "refsource": "MISC", + "url": "https://github.com/eddietcc/CVEnotes/blob/master/DBNinja/Broken_Authentication/readme.md" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8242.json b/2019/8xxx/CVE-2019-8242.json index c548b14555b..e717c31ab8d 100644 --- a/2019/8xxx/CVE-2019-8242.json +++ b/2019/8xxx/CVE-2019-8242.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8242", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8242", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8298.json b/2019/8xxx/CVE-2019-8298.json index 8232b19184a..4d2f8f75886 100644 --- a/2019/8xxx/CVE-2019-8298.json +++ b/2019/8xxx/CVE-2019-8298.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8298", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8298", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8616.json b/2019/8xxx/CVE-2019-8616.json index c26c978095a..c00b5b7ca3e 100644 --- a/2019/8xxx/CVE-2019-8616.json +++ b/2019/8xxx/CVE-2019-8616.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8616", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8616", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8696.json b/2019/8xxx/CVE-2019-8696.json index 95efe839c80..d43ba8746ec 100644 --- a/2019/8xxx/CVE-2019-8696.json +++ b/2019/8xxx/CVE-2019-8696.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8696", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8696", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8763.json b/2019/8xxx/CVE-2019-8763.json index f996cdf0916..b5885bdc9b7 100644 --- a/2019/8xxx/CVE-2019-8763.json +++ b/2019/8xxx/CVE-2019-8763.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8763", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8763", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9378.json b/2019/9xxx/CVE-2019-9378.json index ffb4dbbb09a..0c867b382f8 100644 --- a/2019/9xxx/CVE-2019-9378.json +++ b/2019/9xxx/CVE-2019-9378.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9378", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9378", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9651.json b/2019/9xxx/CVE-2019-9651.json index 22190d66ad8..08c8e170375 100644 --- a/2019/9xxx/CVE-2019-9651.json +++ b/2019/9xxx/CVE-2019-9651.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9651", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in SDCMS V1.7. In the \\app\\admin\\controller\\themecontroller.php file, the check_bad() function's filtering is not strict, resulting in PHP code execution. This occurs because some dangerous PHP functions (such as \"eval\") are blocked but others (such as \"system\") are not, and because \".php\" is blocked but \".PHP\" is not blocked." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9651", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.iwantacve.cn/index.php/archives/155/", - "refsource" : "MISC", - "url" : "http://www.iwantacve.cn/index.php/archives/155/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in SDCMS V1.7. In the \\app\\admin\\controller\\themecontroller.php file, the check_bad() function's filtering is not strict, resulting in PHP code execution. This occurs because some dangerous PHP functions (such as \"eval\") are blocked but others (such as \"system\") are not, and because \".php\" is blocked but \".PHP\" is not blocked." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.iwantacve.cn/index.php/archives/155/", + "refsource": "MISC", + "url": "http://www.iwantacve.cn/index.php/archives/155/" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9706.json b/2019/9xxx/CVE-2019-9706.json index 59623e241f1..f8f40d014d1 100644 --- a/2019/9xxx/CVE-2019-9706.json +++ b/2019/9xxx/CVE-2019-9706.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9706", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (use-after-free and daemon crash) because of a force_rescan_user error." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9706", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809167", - "refsource" : "MISC", - "url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809167" - }, - { - "name" : "https://packages.qa.debian.org/c/cron/news/20190311T170403Z.html", - "refsource" : "MISC", - "url" : "https://packages.qa.debian.org/c/cron/news/20190311T170403Z.html" - }, - { - "name" : "https://salsa.debian.org/debian/cron/commit/40791b93", - "refsource" : "MISC", - "url" : "https://salsa.debian.org/debian/cron/commit/40791b93" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (use-after-free and daemon crash) because of a force_rescan_user error." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://salsa.debian.org/debian/cron/commit/40791b93", + "refsource": "MISC", + "url": "https://salsa.debian.org/debian/cron/commit/40791b93" + }, + { + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809167", + "refsource": "MISC", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809167" + }, + { + "name": "https://packages.qa.debian.org/c/cron/news/20190311T170403Z.html", + "refsource": "MISC", + "url": "https://packages.qa.debian.org/c/cron/news/20190311T170403Z.html" + } + ] + } +} \ No newline at end of file