From 74abf6d8ccf3a5633844b47df72150ca7195d1fd Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 04:48:12 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0353.json | 130 +++++----- 1999/0xxx/CVE-1999-0687.json | 150 ++++++------ 2000/0xxx/CVE-2000-0230.json | 140 +++++------ 2000/0xxx/CVE-2000-0403.json | 140 +++++------ 2000/0xxx/CVE-2000-0556.json | 150 ++++++------ 2000/0xxx/CVE-2000-0804.json | 140 +++++------ 2000/0xxx/CVE-2000-0859.json | 140 +++++------ 2007/0xxx/CVE-2007-0943.json | 200 ++++++++-------- 2007/1xxx/CVE-2007-1079.json | 150 ++++++------ 2007/1xxx/CVE-2007-1419.json | 170 ++++++------- 2007/1xxx/CVE-2007-1528.json | 170 ++++++------- 2007/5xxx/CVE-2007-5114.json | 130 +++++----- 2007/5xxx/CVE-2007-5223.json | 180 +++++++------- 2007/5xxx/CVE-2007-5646.json | 190 +++++++-------- 2007/5xxx/CVE-2007-5792.json | 140 +++++------ 2007/5xxx/CVE-2007-5971.json | 450 +++++++++++++++++------------------ 2015/3xxx/CVE-2015-3002.json | 140 +++++------ 2015/6xxx/CVE-2015-6215.json | 34 +-- 2015/6xxx/CVE-2015-6652.json | 34 +-- 2015/7xxx/CVE-2015-7244.json | 140 +++++------ 2015/7xxx/CVE-2015-7500.json | 360 ++++++++++++++-------------- 2015/7xxx/CVE-2015-7501.json | 370 ++++++++++++++-------------- 2015/7xxx/CVE-2015-7834.json | 140 +++++------ 2015/8xxx/CVE-2015-8052.json | 140 +++++------ 2015/8xxx/CVE-2015-8354.json | 150 ++++++------ 2015/8xxx/CVE-2015-8369.json | 170 ++++++------- 2015/9xxx/CVE-2015-9129.json | 132 +++++----- 2015/9xxx/CVE-2015-9140.json | 132 +++++----- 2016/0xxx/CVE-2016-0028.json | 130 +++++----- 2016/0xxx/CVE-2016-0060.json | 170 ++++++------- 2016/0xxx/CVE-2016-0274.json | 130 +++++----- 2016/1xxx/CVE-2016-1018.json | 180 +++++++------- 2016/1xxx/CVE-2016-1251.json | 170 ++++++------- 2016/1xxx/CVE-2016-1459.json | 140 +++++------ 2016/5xxx/CVE-2016-5365.json | 120 +++++----- 2016/5xxx/CVE-2016-5530.json | 140 +++++------ 2016/5xxx/CVE-2016-5946.json | 140 +++++------ 2018/2xxx/CVE-2018-2783.json | 260 ++++++++++---------- 2019/0xxx/CVE-2019-0342.json | 34 +-- 2019/0xxx/CVE-2019-0540.json | 270 ++++++++++----------- 2019/0xxx/CVE-2019-0775.json | 34 +-- 2019/1xxx/CVE-2019-1051.json | 34 +-- 2019/1xxx/CVE-2019-1274.json | 34 +-- 2019/1xxx/CVE-2019-1439.json | 34 +-- 2019/1xxx/CVE-2019-1939.json | 34 +-- 2019/4xxx/CVE-2019-4007.json | 34 +-- 2019/4xxx/CVE-2019-4140.json | 34 +-- 2019/4xxx/CVE-2019-4236.json | 34 +-- 2019/4xxx/CVE-2019-4648.json | 34 +-- 2019/5xxx/CVE-2019-5088.json | 34 +-- 2019/5xxx/CVE-2019-5225.json | 34 +-- 2019/5xxx/CVE-2019-5418.json | 34 +-- 2019/5xxx/CVE-2019-5811.json | 34 +-- 2019/5xxx/CVE-2019-5845.json | 34 +-- 2019/8xxx/CVE-2019-8703.json | 34 +-- 2019/8xxx/CVE-2019-8764.json | 34 +-- 2019/9xxx/CVE-2019-9653.json | 34 +-- 2019/9xxx/CVE-2019-9703.json | 34 +-- 58 files changed, 3604 insertions(+), 3604 deletions(-) diff --git a/1999/0xxx/CVE-1999-0353.json b/1999/0xxx/CVE-1999-0353.json index a8dfe24ff15..4ed74bf3b49 100644 --- a/1999/0xxx/CVE-1999-0353.json +++ b/1999/0xxx/CVE-1999-0353.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0353", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0353", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBUX9902-091", - "refsource" : "HP", - "url" : "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9902-091" - }, - { - "name" : "J-026", - "refsource" : "CIAC", - "url" : "http://www.ciac.org/ciac/bulletins/j-026.shtml" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "J-026", + "refsource": "CIAC", + "url": "http://www.ciac.org/ciac/bulletins/j-026.shtml" + }, + { + "name": "HPSBUX9902-091", + "refsource": "HP", + "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9902-091" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0687.json b/1999/0xxx/CVE-1999-0687.json index ba179152349..38350e38a55 100644 --- a/1999/0xxx/CVE-1999-0687.json +++ b/1999/0xxx/CVE-1999-0687.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0687", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0687", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "00192", - "refsource" : "SUN", - "url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192" - }, - { - "name" : "HPSBUX9909-103", - "refsource" : "HP", - "url" : "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103" - }, - { - "name" : "K-001", - "refsource" : "CIAC", - "url" : "http://www.ciac.org/ciac/bulletins/k-001.shtml" - }, - { - "name" : "637", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/637" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "K-001", + "refsource": "CIAC", + "url": "http://www.ciac.org/ciac/bulletins/k-001.shtml" + }, + { + "name": "HPSBUX9909-103", + "refsource": "HP", + "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103" + }, + { + "name": "00192", + "refsource": "SUN", + "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192" + }, + { + "name": "637", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/637" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0230.json b/2000/0xxx/CVE-2000-0230.json index edc2e03f81a..fafffb1818a 100644 --- a/2000/0xxx/CVE-2000-0230.json +++ b/2000/0xxx/CVE-2000-0230.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0230", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0230", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000316 TESO & C-Skills development advisory -- imwheel", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-03/0168.html" - }, - { - "name" : "RHSA-2000:016", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2000-016.html" - }, - { - "name" : "1060", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1060" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000316 TESO & C-Skills development advisory -- imwheel", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0168.html" + }, + { + "name": "1060", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1060" + }, + { + "name": "RHSA-2000:016", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2000-016.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0403.json b/2000/0xxx/CVE-2000-0403.json index ee1983cc77b..bf8f8174842 100644 --- a/2000/0xxx/CVE-2000-0403.json +++ b/2000/0xxx/CVE-2000-0403.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0403", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The CIFS Computer Browser service on Windows NT 4.0 allows a remote attacker to cause a denial of service by sending a large number of host announcement requests to the master browse tables, aka the \"HostAnnouncement Flooding\" or \"HostAnnouncement Frame\" vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0403", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS00-036", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-036" - }, - { - "name" : "Q263307", - "refsource" : "MSKB", - "url" : "http://www.microsoft.com/technet/support/kb.asp?ID=263307" - }, - { - "name" : "1261", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1261" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The CIFS Computer Browser service on Windows NT 4.0 allows a remote attacker to cause a denial of service by sending a large number of host announcement requests to the master browse tables, aka the \"HostAnnouncement Flooding\" or \"HostAnnouncement Frame\" vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS00-036", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-036" + }, + { + "name": "Q263307", + "refsource": "MSKB", + "url": "http://www.microsoft.com/technet/support/kb.asp?ID=263307" + }, + { + "name": "1261", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1261" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0556.json b/2000/0xxx/CVE-2000-0556.json index 2ff0f5b7842..0fc34434740 100644 --- a/2000/0xxx/CVE-2000-0556.json +++ b/2000/0xxx/CVE-2000-0556.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0556", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the web interface for Cmail 2.4.7 allows remote attackers to cause a denial of service by sending a large user name to the user dialog running on port 8002." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0556", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000608 DST2K0011: DoS & BufferOverrun in CMail v2.4.7 WebMail", - "refsource" : "NTBUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0248.html" - }, - { - "name" : "http://www.computalynx.net/news/Jun2000/news0806200001.html", - "refsource" : "CONFIRM", - "url" : "http://www.computalynx.net/news/Jun2000/news0806200001.html" - }, - { - "name" : "1319", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1319" - }, - { - "name" : "cmail-long-username-dos(4625)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4625" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the web interface for Cmail 2.4.7 allows remote attackers to cause a denial of service by sending a large user name to the user dialog running on port 8002." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000608 DST2K0011: DoS & BufferOverrun in CMail v2.4.7 WebMail", + "refsource": "NTBUGTRAQ", + "url": "http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0248.html" + }, + { + "name": "http://www.computalynx.net/news/Jun2000/news0806200001.html", + "refsource": "CONFIRM", + "url": "http://www.computalynx.net/news/Jun2000/news0806200001.html" + }, + { + "name": "1319", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1319" + }, + { + "name": "cmail-long-username-dos(4625)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4625" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0804.json b/2000/0xxx/CVE-2000-0804.json index b0cf2f66cde..60e8008c038 100644 --- a/2000/0xxx/CVE-2000-0804.json +++ b/2000/0xxx/CVE-2000-0804.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0804", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka \"One-way Connection Enforcement Bypass.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0804", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-way_Connection", - "refsource" : "CONFIRM", - "url" : "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-way_Connection" - }, - { - "name" : "fw1-remote-bypass(5468)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5468" - }, - { - "name" : "4419", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/4419" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka \"One-way Connection Enforcement Bypass.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4419", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/4419" + }, + { + "name": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-way_Connection", + "refsource": "CONFIRM", + "url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-way_Connection" + }, + { + "name": "fw1-remote-bypass(5468)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5468" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0859.json b/2000/0xxx/CVE-2000-0859.json index 38b9b1f2bab..34761126df6 100644 --- a/2000/0xxx/CVE-2000-0859.json +++ b/2000/0xxx/CVE-2000-0859.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0859", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The web configuration server for NTMail V5 and V6 allows remote attackers to cause a denial of service via a series of partial HTTP requests." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0859", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000904 VIGILANTE-2000008: NTMail Configuration Service DoS", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-08/0471.html" - }, - { - "name" : "1640", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1640" - }, - { - "name" : "ntmail-incomplete-http-requests(5182)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5182" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The web configuration server for NTMail V5 and V6 allows remote attackers to cause a denial of service via a series of partial HTTP requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000904 VIGILANTE-2000008: NTMail Configuration Service DoS", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0471.html" + }, + { + "name": "ntmail-incomplete-http-requests(5182)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5182" + }, + { + "name": "1640", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1640" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0943.json b/2007/0xxx/CVE-2007-0943.json index 1822c23a040..78cb0839b06 100644 --- a/2007/0xxx/CVE-2007-0943.json +++ b/2007/0xxx/CVE-2007-0943.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0943", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Internet Explorer 5.01 and 6 SP1 allows remote attackers to execute arbitrary code via crafted Cascading Style Sheets (CSS) strings that trigger memory corruption during parsing, related to use of out-of-bounds pointers." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-0943", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.nsfocus.com/english/homepage/research/0701.htm", - "refsource" : "MISC", - "url" : "http://www.nsfocus.com/english/homepage/research/0701.htm" - }, - { - "name" : "MS07-045", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-045" - }, - { - "name" : "TA07-226A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-226A.html" - }, - { - "name" : "25288", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25288" - }, - { - "name" : "ADV-2007-2869", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2869" - }, - { - "name" : "36397", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/36397" - }, - { - "name" : "oval:org.mitre.oval:def:1673", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1673" - }, - { - "name" : "1018562", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018562" - }, - { - "name" : "26419", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26419" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Internet Explorer 5.01 and 6 SP1 allows remote attackers to execute arbitrary code via crafted Cascading Style Sheets (CSS) strings that trigger memory corruption during parsing, related to use of out-of-bounds pointers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS07-045", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-045" + }, + { + "name": "TA07-226A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-226A.html" + }, + { + "name": "oval:org.mitre.oval:def:1673", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1673" + }, + { + "name": "ADV-2007-2869", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2869" + }, + { + "name": "26419", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26419" + }, + { + "name": "http://www.nsfocus.com/english/homepage/research/0701.htm", + "refsource": "MISC", + "url": "http://www.nsfocus.com/english/homepage/research/0701.htm" + }, + { + "name": "36397", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/36397" + }, + { + "name": "25288", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25288" + }, + { + "name": "1018562", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018562" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1079.json b/2007/1xxx/CVE-2007-1079.json index 8b0d1a0ca31..66eb1202a34 100644 --- a/2007/1xxx/CVE-2007-1079.json +++ b/2007/1xxx/CVE-2007-1079.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1079", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager 14.0.0.3 and earlier allows remote servers to cause a denial of service (crash) via a long response to a CWD command, which triggers the overflow when the user aborts the command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1079", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3343", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3343" - }, - { - "name" : "22637", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22637" - }, - { - "name" : "33746", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33746" - }, - { - "name" : "ftpvoyager-cwd-dos(32593)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32593" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager 14.0.0.3 and earlier allows remote servers to cause a denial of service (crash) via a long response to a CWD command, which triggers the overflow when the user aborts the command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22637", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22637" + }, + { + "name": "ftpvoyager-cwd-dos(32593)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32593" + }, + { + "name": "3343", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3343" + }, + { + "name": "33746", + "refsource": "OSVDB", + "url": "http://osvdb.org/33746" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1419.json b/2007/1xxx/CVE-2007-1419.json index 5403284ea2a..1241b70ee6c 100644 --- a/2007/1xxx/CVE-2007-1419.json +++ b/2007/1xxx/CVE-2007-1419.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1419", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Java Management Extensions Remote API Remote Method Invocation over Internet Inter-ORB Protocol (JMX RMI-IIOP) API in Java Dynamic Management Kit 5.1 before 20070309 does not properly enforce the java.policy, which allows local users to obtain certain MBeans data access by operating a server application accessed by a privileged remote authenticated user." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1419", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "102835", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102835-1" - }, - { - "name" : "22907", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22907" - }, - { - "name" : "ADV-2007-0906", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0906" - }, - { - "name" : "34018", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34018" - }, - { - "name" : "1017745", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017745" - }, - { - "name" : "24497", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Java Management Extensions Remote API Remote Method Invocation over Internet Inter-ORB Protocol (JMX RMI-IIOP) API in Java Dynamic Management Kit 5.1 before 20070309 does not properly enforce the java.policy, which allows local users to obtain certain MBeans data access by operating a server application accessed by a privileged remote authenticated user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0906", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0906" + }, + { + "name": "24497", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24497" + }, + { + "name": "102835", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102835-1" + }, + { + "name": "22907", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22907" + }, + { + "name": "34018", + "refsource": "OSVDB", + "url": "http://osvdb.org/34018" + }, + { + "name": "1017745", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017745" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1528.json b/2007/1xxx/CVE-2007-1528.json index 15345c0ffa9..9ed0ecc27df 100644 --- a/2007/1xxx/CVE-2007-1528.json +++ b/2007/1xxx/CVE-2007-1528.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1528", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The LLTD Mapper in Microsoft Windows Vista allows remote attackers to spoof hosts, and nonexistent bridge relationships, into the network topology map by using a MAC address that differs from the MAC address provided in the Real Source field of the LLTD BASE header of a HELLO packet, aka the \"Spoof on Bridge\" attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1528", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070313 New report on Windows Vista network attack surface", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/462793/100/0/threaded" - }, - { - "name" : "20070403 Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464617/100/0/threaded" - }, - { - "name" : "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf", - "refsource" : "MISC", - "url" : "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf" - }, - { - "name" : "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html", - "refsource" : "MISC", - "url" : "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html" - }, - { - "name" : "23280", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23280" - }, - { - "name" : "33662", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33662" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The LLTD Mapper in Microsoft Windows Vista allows remote attackers to spoof hosts, and nonexistent bridge relationships, into the network topology map by using a MAC address that differs from the MAC address provided in the Real Source field of the LLTD BASE header of a HELLO packet, aka the \"Spoof on Bridge\" attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23280", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23280" + }, + { + "name": "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf", + "refsource": "MISC", + "url": "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf" + }, + { + "name": "20070313 New report on Windows Vista network attack surface", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/462793/100/0/threaded" + }, + { + "name": "20070403 Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464617/100/0/threaded" + }, + { + "name": "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html", + "refsource": "MISC", + "url": "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html" + }, + { + "name": "33662", + "refsource": "OSVDB", + "url": "http://osvdb.org/33662" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5114.json b/2007/5xxx/CVE-2007-5114.json index 8fefadced15..fdf7b24d2ef 100644 --- a/2007/5xxx/CVE-2007-5114.json +++ b/2007/5xxx/CVE-2007-5114.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5114", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** PHP remote file inclusion vulnerability in include/plugin/block.t.php in Peter Schmidt phpmyProfiler 0.9.6b allows remote attackers to execute arbitrary PHP code via a URL in the pmp_rel_path parameter. NOTE: this issue is disputed by CVE because the applicable require_once is in a function that is not called on a direct request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5114", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://arfis.wordpress.com/2007/09/14/rfi-02-phpmyprofiler/", - "refsource" : "MISC", - "url" : "http://arfis.wordpress.com/2007/09/14/rfi-02-phpmyprofiler/" - }, - { - "name" : "38579", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38579" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** PHP remote file inclusion vulnerability in include/plugin/block.t.php in Peter Schmidt phpmyProfiler 0.9.6b allows remote attackers to execute arbitrary PHP code via a URL in the pmp_rel_path parameter. NOTE: this issue is disputed by CVE because the applicable require_once is in a function that is not called on a direct request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://arfis.wordpress.com/2007/09/14/rfi-02-phpmyprofiler/", + "refsource": "MISC", + "url": "http://arfis.wordpress.com/2007/09/14/rfi-02-phpmyprofiler/" + }, + { + "name": "38579", + "refsource": "OSVDB", + "url": "http://osvdb.org/38579" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5223.json b/2007/5xxx/CVE-2007-5223.json index c3013c73f9c..76e51e420db 100644 --- a/2007/5xxx/CVE-2007-5223.json +++ b/2007/5xxx/CVE-2007-5223.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5223", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in AlstraSoft Affiliate Network Pro allow remote attackers to include local files and have other unspecified impact, related to incorrect input validation or other defects involving (1) admin/backupstart.php, (2) a .sql filename under admin/admin/dump/, (3) a .sql filename in the fl parameter to admin/downloadbackup.php, and (4) a .. (dot dot) in the fl parameter to admin/downloadbackup.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5223", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070929 Affiliate Network Pro Multiple Input Validation and Local file inclusion", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/481206/100/0/threaded" - }, - { - "name" : "25882", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25882" - }, - { - "name" : "ADV-2007-3344", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3344" - }, - { - "name" : "42342", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42342" - }, - { - "name" : "42343", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42343" - }, - { - "name" : "42344", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42344" - }, - { - "name" : "3191", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3191" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in AlstraSoft Affiliate Network Pro allow remote attackers to include local files and have other unspecified impact, related to incorrect input validation or other defects involving (1) admin/backupstart.php, (2) a .sql filename under admin/admin/dump/, (3) a .sql filename in the fl parameter to admin/downloadbackup.php, and (4) a .. (dot dot) in the fl parameter to admin/downloadbackup.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "42342", + "refsource": "OSVDB", + "url": "http://osvdb.org/42342" + }, + { + "name": "20070929 Affiliate Network Pro Multiple Input Validation and Local file inclusion", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/481206/100/0/threaded" + }, + { + "name": "42344", + "refsource": "OSVDB", + "url": "http://osvdb.org/42344" + }, + { + "name": "42343", + "refsource": "OSVDB", + "url": "http://osvdb.org/42343" + }, + { + "name": "25882", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25882" + }, + { + "name": "3191", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3191" + }, + { + "name": "ADV-2007-3344", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3344" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5646.json b/2007/5xxx/CVE-2007-5646.json index d8bd2d30847..5b3cf5c05a5 100644 --- a/2007/5xxx/CVE-2007-5646.json +++ b/2007/5xxx/CVE-2007-5646.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5646", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Sources/Search.php in Simple Machines Forum (SMF) 1.1.3, when MySQL 5 is used, allows remote attackers to execute arbitrary SQL commands via the userspec parameter in a search2 action to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5646", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071020 Simple Machines Forum multiple sql injection flaws with exploit code.", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482569/100/0/threaded" - }, - { - "name" : "4547", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4547" - }, - { - "name" : "http://www.simplemachines.org/community/index.php?topic=196380.0", - "refsource" : "CONFIRM", - "url" : "http://www.simplemachines.org/community/index.php?topic=196380.0" - }, - { - "name" : "26144", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26144" - }, - { - "name" : "ADV-2007-3568", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3568" - }, - { - "name" : "27346", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27346" - }, - { - "name" : "3284", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3284" - }, - { - "name" : "simplemachinesforum-smfmembers-sql-injection(37342)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37342" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Sources/Search.php in Simple Machines Forum (SMF) 1.1.3, when MySQL 5 is used, allows remote attackers to execute arbitrary SQL commands via the userspec parameter in a search2 action to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3284", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3284" + }, + { + "name": "20071020 Simple Machines Forum multiple sql injection flaws with exploit code.", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482569/100/0/threaded" + }, + { + "name": "4547", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4547" + }, + { + "name": "simplemachinesforum-smfmembers-sql-injection(37342)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37342" + }, + { + "name": "26144", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26144" + }, + { + "name": "http://www.simplemachines.org/community/index.php?topic=196380.0", + "refsource": "CONFIRM", + "url": "http://www.simplemachines.org/community/index.php?topic=196380.0" + }, + { + "name": "ADV-2007-3568", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3568" + }, + { + "name": "27346", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27346" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5792.json b/2007/5xxx/CVE-2007-5792.json index a17c93b2077..76a27927955 100644 --- a/2007/5xxx/CVE-2007-5792.json +++ b/2007/5xxx/CVE-2007-5792.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5792", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Vonage Motorola Phone Adapter VT 2142-VD does not encrypt RTP packets, which might allow remote attackers to eavesdrop by sniffing the network and reconstructing the RTP session." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5792", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=359", - "refsource" : "MISC", - "url" : "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=359" - }, - { - "name" : "26129", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26129" - }, - { - "name" : "vonage-motorola-rtp-mitm(37418)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37418" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Vonage Motorola Phone Adapter VT 2142-VD does not encrypt RTP packets, which might allow remote attackers to eavesdrop by sniffing the network and reconstructing the RTP session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=359", + "refsource": "MISC", + "url": "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=359" + }, + { + "name": "vonage-motorola-rtp-mitm(37418)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37418" + }, + { + "name": "26129", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26129" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5971.json b/2007/5xxx/CVE-2007-5971.json index 9ad6d44ce4a..1a03ab6b331 100644 --- a/2007/5xxx/CVE-2007-5971.json +++ b/2007/5xxx/CVE-2007-5971.json @@ -1,227 +1,227 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5971", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5971", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080319 rPSA-2008-0112-1 krb5 krb5-server krb5-services krb5-test krb5-workstation", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/489883/100/0/threaded" - }, - { - "name" : "20071208 MIT Kerberos 5: Multiple vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2007/Dec/0176.html" - }, - { - "name" : "20071208 Venustech reports of MIT krb5 vulns [CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972]", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2007/Dec/0321.html" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=199212", - "refsource" : "MISC", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=199212" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307562", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307562" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-2012", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-2012" - }, - { - "name" : "http://wiki.rpath.com/Advisories:rPSA-2008-0112", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/Advisories:rPSA-2008-0112" - }, - { - "name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112" - }, - { - "name" : "APPLE-SA-2008-03-18", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" - }, - { - "name" : "FEDORA-2008-2637", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00537.html" - }, - { - "name" : "FEDORA-2008-2647", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00544.html" - }, - { - "name" : "GLSA-200803-31", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200803-31.xml" - }, - { - "name" : "MDVSA-2008:070", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:070" - }, - { - "name" : "MDVSA-2008:069", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:069" - }, - { - "name" : "RHSA-2008:0164", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0164.html" - }, - { - "name" : "RHSA-2008:0180", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0180.html" - }, - { - "name" : "SUSE-SR:2008:002", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html" - }, - { - "name" : "USN-924-1", - "refsource" : "UBUNTU", - "url" : "http://ubuntu.com/usn/usn-924-1" - }, - { - "name" : "USN-940-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-940-1" - }, - { - "name" : "26750", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26750" - }, - { - "name" : "oval:org.mitre.oval:def:10296", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10296" - }, - { - "name" : "39290", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39290" - }, - { - "name" : "39784", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39784" - }, - { - "name" : "ADV-2008-0924", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0924/references" - }, - { - "name" : "43345", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43345" - }, - { - "name" : "28636", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28636" - }, - { - "name" : "29420", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29420" - }, - { - "name" : "29450", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29450" - }, - { - "name" : "29451", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29451" - }, - { - "name" : "29457", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29457" - }, - { - "name" : "29464", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29464" - }, - { - "name" : "29462", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29462" - }, - { - "name" : "29516", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29516" - }, - { - "name" : "ADV-2010-1192", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1192" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39784", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39784" + }, + { + "name": "USN-940-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-940-1" + }, + { + "name": "29457", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29457" + }, + { + "name": "MDVSA-2008:069", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:069" + }, + { + "name": "29464", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29464" + }, + { + "name": "SUSE-SR:2008:002", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html" + }, + { + "name": "26750", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26750" + }, + { + "name": "FEDORA-2008-2637", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00537.html" + }, + { + "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0112", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0112" + }, + { + "name": "29451", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29451" + }, + { + "name": "FEDORA-2008-2647", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00544.html" + }, + { + "name": "20071208 Venustech reports of MIT krb5 vulns [CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972]", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2007/Dec/0321.html" + }, + { + "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0112" + }, + { + "name": "ADV-2008-0924", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0924/references" + }, + { + "name": "ADV-2010-1192", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1192" + }, + { + "name": "RHSA-2008:0164", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0164.html" + }, + { + "name": "MDVSA-2008:070", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:070" + }, + { + "name": "29450", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29450" + }, + { + "name": "43345", + "refsource": "OSVDB", + "url": "http://osvdb.org/43345" + }, + { + "name": "20080319 rPSA-2008-0112-1 krb5 krb5-server krb5-services krb5-test krb5-workstation", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/489883/100/0/threaded" + }, + { + "name": "29420", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29420" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=199212", + "refsource": "MISC", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=199212" + }, + { + "name": "APPLE-SA-2008-03-18", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" + }, + { + "name": "20071208 MIT Kerberos 5: Multiple vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2007/Dec/0176.html" + }, + { + "name": "RHSA-2008:0180", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0180.html" + }, + { + "name": "29516", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29516" + }, + { + "name": "39290", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39290" + }, + { + "name": "29462", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29462" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307562", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307562" + }, + { + "name": "USN-924-1", + "refsource": "UBUNTU", + "url": "http://ubuntu.com/usn/usn-924-1" + }, + { + "name": "28636", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28636" + }, + { + "name": "oval:org.mitre.oval:def:10296", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10296" + }, + { + "name": "GLSA-200803-31", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200803-31.xml" + }, + { + "name": "https://issues.rpath.com/browse/RPL-2012", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-2012" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3002.json b/2015/3xxx/CVE-2015-3002.json index d25f84fb470..4222cca5574 100644 --- a/2015/3xxx/CVE-2015-3002.json +++ b/2015/3xxx/CVE-2015-3002.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3002", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D15, and 12.3X48 before 12.3X48-D10 on SRX series devices does not properly enforce the log-out-on-disconnect feature when configured in the [system port console] stanza, which allows physically proximate attackers to reconnect to the console port and gain administrative access by leveraging access to the device." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3002", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10672", - "refsource" : "CONFIRM", - "url" : "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10672" - }, - { - "name" : "74019", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74019" - }, - { - "name" : "1032091", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032091" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D15, and 12.3X48 before 12.3X48-D10 on SRX series devices does not properly enforce the log-out-on-disconnect feature when configured in the [system port console] stanza, which allows physically proximate attackers to reconnect to the console port and gain administrative access by leveraging access to the device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10672", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10672" + }, + { + "name": "1032091", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032091" + }, + { + "name": "74019", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74019" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6215.json b/2015/6xxx/CVE-2015-6215.json index c2b86f1450a..786ef37d966 100644 --- a/2015/6xxx/CVE-2015-6215.json +++ b/2015/6xxx/CVE-2015-6215.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6215", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6215", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6652.json b/2015/6xxx/CVE-2015-6652.json index 340f9894e86..83c4c091415 100644 --- a/2015/6xxx/CVE-2015-6652.json +++ b/2015/6xxx/CVE-2015-6652.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6652", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6652", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7244.json b/2015/7xxx/CVE-2015-7244.json index 51e3ec4cbc2..50036958dfe 100644 --- a/2015/7xxx/CVE-2015-7244.json +++ b/2015/7xxx/CVE-2015-7244.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7244", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The default configuration of the server in MobaXterm before 8.3 has a disabled Access Control setting and consequently does not require authentication for X11 connections, which allows remote attackers to execute arbitrary commands or obtain sensitive information via X11 packets." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-7244", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.securifera.com/advisories/cve-2015-7244", - "refsource" : "MISC", - "url" : "http://www.securifera.com/advisories/cve-2015-7244" - }, - { - "name" : "http://blog.mobatek.net/post/mobaxterm-new-release-8.3/", - "refsource" : "CONFIRM", - "url" : "http://blog.mobatek.net/post/mobaxterm-new-release-8.3/" - }, - { - "name" : "VU#316888", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/316888" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The default configuration of the server in MobaXterm before 8.3 has a disabled Access Control setting and consequently does not require authentication for X11 connections, which allows remote attackers to execute arbitrary commands or obtain sensitive information via X11 packets." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://blog.mobatek.net/post/mobaxterm-new-release-8.3/", + "refsource": "CONFIRM", + "url": "http://blog.mobatek.net/post/mobaxterm-new-release-8.3/" + }, + { + "name": "http://www.securifera.com/advisories/cve-2015-7244", + "refsource": "MISC", + "url": "http://www.securifera.com/advisories/cve-2015-7244" + }, + { + "name": "VU#316888", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/316888" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7500.json b/2015/7xxx/CVE-2015-7500.json index 856674c4211..1e49b617e7e 100644 --- a/2015/7xxx/CVE-2015-7500.json +++ b/2015/7xxx/CVE-2015-7500.json @@ -1,182 +1,182 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7500", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-7500", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://xmlsoft.org/news.html", - "refsource" : "CONFIRM", - "url" : "http://xmlsoft.org/news.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1281943", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1281943" - }, - { - "name" : "https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f", - "refsource" : "CONFIRM", - "url" : "https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f" - }, - { - "name" : "https://support.apple.com/HT206166", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206166" - }, - { - "name" : "https://support.apple.com/HT206167", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206167" - }, - { - "name" : "https://support.apple.com/HT206168", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206168" - }, - { - "name" : "https://support.apple.com/HT206169", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206169" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" - }, - { - "name" : "APPLE-SA-2016-03-21-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" - }, - { - "name" : "APPLE-SA-2016-03-21-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" - }, - { - "name" : "APPLE-SA-2016-03-21-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html" - }, - { - "name" : "APPLE-SA-2016-03-21-5", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" - }, - { - "name" : "DSA-3430", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3430" - }, - { - "name" : "GLSA-201701-37", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-37" - }, - { - "name" : "HPSBGN03537", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=145382616617563&w=2" - }, - { - "name" : "RHSA-2015:2549", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2549.html" - }, - { - "name" : "RHSA-2015:2550", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2550.html" - }, - { - "name" : "RHSA-2016:1089", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1089.html" - }, - { - "name" : "openSUSE-SU-2015:2372", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" - }, - { - "name" : "openSUSE-SU-2016:0106", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" - }, - { - "name" : "USN-2834-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2834-1" - }, - { - "name" : "79562", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79562" - }, - { - "name" : "1034243", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034243" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:2550", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html" + }, + { + "name": "APPLE-SA-2016-03-21-5", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" + }, + { + "name": "openSUSE-SU-2016:0106", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" + }, + { + "name": "https://support.apple.com/HT206167", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206167" + }, + { + "name": "https://support.apple.com/HT206168", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206168" + }, + { + "name": "DSA-3430", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3430" + }, + { + "name": "APPLE-SA-2016-03-21-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" + }, + { + "name": "http://xmlsoft.org/news.html", + "refsource": "CONFIRM", + "url": "http://xmlsoft.org/news.html" + }, + { + "name": "https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f", + "refsource": "CONFIRM", + "url": "https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f" + }, + { + "name": "RHSA-2016:1089", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "APPLE-SA-2016-03-21-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" + }, + { + "name": "USN-2834-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2834-1" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1281943", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281943" + }, + { + "name": "1034243", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034243" + }, + { + "name": "RHSA-2015:2549", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html" + }, + { + "name": "HPSBGN03537", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2" + }, + { + "name": "79562", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79562" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" + }, + { + "name": "GLSA-201701-37", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-37" + }, + { + "name": "openSUSE-SU-2015:2372", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" + }, + { + "name": "APPLE-SA-2016-03-21-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html" + }, + { + "name": "https://support.apple.com/HT206169", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206169" + }, + { + "name": "https://support.apple.com/HT206166", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206166" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7501.json b/2015/7xxx/CVE-2015-7501.json index 29cff9371ef..e393cb36baf 100644 --- a/2015/7xxx/CVE-2015-7501.json +++ b/2015/7xxx/CVE-2015-7501.json @@ -1,187 +1,187 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7501", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-7501", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://access.redhat.com/security/vulnerabilities/2059393", - "refsource" : "CONFIRM", - "url" : "https://access.redhat.com/security/vulnerabilities/2059393" - }, - { - "name" : "https://access.redhat.com/solutions/2045023", - "refsource" : "CONFIRM", - "url" : "https://access.redhat.com/solutions/2045023" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1279330", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1279330" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" - }, - { - "name" : "RHSA-2015:2500", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2500.html" - }, - { - "name" : "RHSA-2015:2501", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2501.html" - }, - { - "name" : "RHSA-2015:2502", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2502.html" - }, - { - "name" : "RHSA-2015:2514", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2514.html" - }, - { - "name" : "RHSA-2015:2516", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2516.html" - }, - { - "name" : "RHSA-2015:2517", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2517.html" - }, - { - "name" : "RHSA-2015:2521", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2521.html" - }, - { - "name" : "RHSA-2015:2522", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2522.html" - }, - { - "name" : "RHSA-2015:2524", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2524.html" - }, - { - "name" : "RHSA-2015:2536", - "refsource" : "REDHAT", - "url" : "https://rhn.redhat.com/errata/RHSA-2015-2536.html" - }, - { - "name" : "RHSA-2015:2670", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2670.html" - }, - { - "name" : "RHSA-2015:2671", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2671.html" - }, - { - "name" : "RHSA-2016:0040", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0040.html" - }, - { - "name" : "RHSA-2016:1773", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1773.html" - }, - { - "name" : "78215", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78215" - }, - { - "name" : "1034097", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034097" - }, - { - "name" : "1037052", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037052" - }, - { - "name" : "1037053", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037053" - }, - { - "name" : "1037640", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037640" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1279330", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1279330" + }, + { + "name": "RHSA-2016:0040", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0040.html" + }, + { + "name": "RHSA-2015:2670", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2670.html" + }, + { + "name": "https://access.redhat.com/solutions/2045023", + "refsource": "CONFIRM", + "url": "https://access.redhat.com/solutions/2045023" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "RHSA-2015:2501", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2501.html" + }, + { + "name": "RHSA-2015:2517", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2517.html" + }, + { + "name": "78215", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78215" + }, + { + "name": "1034097", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034097" + }, + { + "name": "RHSA-2015:2671", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2671.html" + }, + { + "name": "1037052", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037052" + }, + { + "name": "1037640", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037640" + }, + { + "name": "RHSA-2015:2522", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2522.html" + }, + { + "name": "RHSA-2015:2521", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2521.html" + }, + { + "name": "RHSA-2015:2516", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2516.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" + }, + { + "name": "https://access.redhat.com/security/vulnerabilities/2059393", + "refsource": "CONFIRM", + "url": "https://access.redhat.com/security/vulnerabilities/2059393" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" + }, + { + "name": "RHSA-2015:2500", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2500.html" + }, + { + "name": "RHSA-2015:2514", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2514.html" + }, + { + "name": "RHSA-2015:2502", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2502.html" + }, + { + "name": "RHSA-2015:2536", + "refsource": "REDHAT", + "url": "https://rhn.redhat.com/errata/RHSA-2015-2536.html" + }, + { + "name": "RHSA-2016:1773", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1773.html" + }, + { + "name": "RHSA-2015:2524", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2524.html" + }, + { + "name": "1037053", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037053" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7834.json b/2015/7xxx/CVE-2015-7834.json index b033392a501..3f9532626bc 100644 --- a/2015/7xxx/CVE-2015-7834.json +++ b/2015/7xxx/CVE-2015-7834.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7834", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Google V8 before 4.6.85.23, as used in Google Chrome before 46.0.2490.71, allow attackers to cause a denial of service or possibly have other impact via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2015-7834", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html" - }, - { - "name" : "USN-2770-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2770-1" - }, - { - "name" : "USN-2770-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2770-2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Google V8 before 4.6.85.23, as used in Google Chrome before 46.0.2490.71, allow attackers to cause a denial of service or possibly have other impact via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html" + }, + { + "name": "USN-2770-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2770-1" + }, + { + "name": "USN-2770-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2770-2" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8052.json b/2015/8xxx/CVE-2015-8052.json index 6128a0090a1..7b579bf01b8 100644 --- a/2015/8xxx/CVE-2015-8052.json +++ b/2015/8xxx/CVE-2015-8052.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8052", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 18 and 11 before Update 7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-8053." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-8052", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/coldfusion/apsb15-29.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/coldfusion/apsb15-29.html" - }, - { - "name" : "77625", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77625" - }, - { - "name" : "1034211", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034211" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 18 and 11 before Update 7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-8053." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "77625", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77625" + }, + { + "name": "https://helpx.adobe.com/security/products/coldfusion/apsb15-29.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/coldfusion/apsb15-29.html" + }, + { + "name": "1034211", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034211" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8354.json b/2015/8xxx/CVE-2015-8354.json index 4bc763dca7e..d0dd22dbf99 100644 --- a/2015/8xxx/CVE-2015-8354.json +++ b/2015/8xxx/CVE-2015-8354.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8354", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Ultimate Member WordPress plugin before 1.3.29 for WordPress allows remote attackers to inject arbitrary web script or HTML via the _refer parameter to wp-admin/users.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8354", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151202 Reflected XSS in Ultimate Member WordPress Plugin", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537021/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/134601/WordPress-Ultimate-Member-1.3.28-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134601/WordPress-Ultimate-Member-1.3.28-Cross-Site-Scripting.html" - }, - { - "name" : "https://wpvulndb.com/vulnerabilities/8346", - "refsource" : "MISC", - "url" : "https://wpvulndb.com/vulnerabilities/8346" - }, - { - "name" : "https://www.htbridge.com/advisory/HTB23277", - "refsource" : "MISC", - "url" : "https://www.htbridge.com/advisory/HTB23277" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Ultimate Member WordPress plugin before 1.3.29 for WordPress allows remote attackers to inject arbitrary web script or HTML via the _refer parameter to wp-admin/users.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/134601/WordPress-Ultimate-Member-1.3.28-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134601/WordPress-Ultimate-Member-1.3.28-Cross-Site-Scripting.html" + }, + { + "name": "20151202 Reflected XSS in Ultimate Member WordPress Plugin", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537021/100/0/threaded" + }, + { + "name": "https://www.htbridge.com/advisory/HTB23277", + "refsource": "MISC", + "url": "https://www.htbridge.com/advisory/HTB23277" + }, + { + "name": "https://wpvulndb.com/vulnerabilities/8346", + "refsource": "MISC", + "url": "https://wpvulndb.com/vulnerabilities/8346" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8369.json b/2015/8xxx/CVE-2015-8369.json index 9005cbe4d06..737a38214c2 100644 --- a/2015/8xxx/CVE-2015-8369.json +++ b/2015/8xxx/CVE-2015-8369.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8369", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in include/top_graph_header.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rra_id parameter in a properties action to graph.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8369", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151209 [CVE-2015-8369] Cacti SQL injection in graph.php", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Dec/8" - }, - { - "name" : "http://bugs.cacti.net/view.php?id=2646", - "refsource" : "MISC", - "url" : "http://bugs.cacti.net/view.php?id=2646" - }, - { - "name" : "http://packetstormsecurity.com/files/134724/Cacti-0.8.8f-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134724/Cacti-0.8.8f-SQL-Injection.html" - }, - { - "name" : "DSA-3423", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3423" - }, - { - "name" : "GLSA-201607-05", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201607-05" - }, - { - "name" : "1034497", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in include/top_graph_header.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rra_id parameter in a properties action to graph.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201607-05", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201607-05" + }, + { + "name": "http://bugs.cacti.net/view.php?id=2646", + "refsource": "MISC", + "url": "http://bugs.cacti.net/view.php?id=2646" + }, + { + "name": "http://packetstormsecurity.com/files/134724/Cacti-0.8.8f-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134724/Cacti-0.8.8f-SQL-Injection.html" + }, + { + "name": "DSA-3423", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3423" + }, + { + "name": "20151209 [CVE-2015-8369] Cacti SQL injection in graph.php", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Dec/8" + }, + { + "name": "1034497", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034497" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9129.json b/2015/9xxx/CVE-2015-9129.json index 12e1d52499b..8dfde3c739d 100644 --- a/2015/9xxx/CVE-2015-9129.json +++ b/2015/9xxx/CVE-2015-9129.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2015-9129", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, if the size parameter passed to TZ_PR_CMD_CONTENT_SET_PROP is small, an integer underflow occurs." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Integer Underflow (Wrap or Wraparound) in Core." - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2015-9129", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, if the size parameter passed to TZ_PR_CMD_CONTENT_SET_PROP is small, an integer underflow occurs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Integer Underflow (Wrap or Wraparound) in Core." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9140.json b/2015/9xxx/CVE-2015-9140.json index b5ed20aa430..a990c2cc336 100644 --- a/2015/9xxx/CVE-2015-9140.json +++ b/2015/9xxx/CVE-2015-9140.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2015-9140", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile, Snapdragon Wear, Small Cell SoC", - "version" : { - "version_data" : [ - { - "version_value" : "FSM9055, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, SDX20" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, and SDX20, unauthorized memory access possible in online memory dump feature." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper Authourization in Core" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2015-9140", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile, Snapdragon Wear, Small Cell SoC", + "version": { + "version_data": [ + { + "version_value": "FSM9055, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, SDX20" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, and SDX20, unauthorized memory access possible in online memory dump feature." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Authourization in Core" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0028.json b/2016/0xxx/CVE-2016-0028.json index 9c36e80b6a9..1a848144e7b 100644 --- a/2016/0xxx/CVE-2016-0028.json +++ b/2016/0xxx/CVE-2016-0028.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0028", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Outlook Web Access (OWA) in Microsoft Exchange Server 2013 SP1, Cumulative Update 11, and Cumulative Update 12 and 2016 Gold and Cumulative Update 1 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML e-mail message, aka \"Microsoft Exchange Information Disclosure Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0028", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-079", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-079" - }, - { - "name" : "1036106", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036106" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Outlook Web Access (OWA) in Microsoft Exchange Server 2013 SP1, Cumulative Update 11, and Cumulative Update 12 and 2016 Gold and Cumulative Update 1 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML e-mail message, aka \"Microsoft Exchange Information Disclosure Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS16-079", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-079" + }, + { + "name": "1036106", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036106" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0060.json b/2016/0xxx/CVE-2016-0060.json index 495e7adba40..0f482a8a726 100644 --- a/2016/0xxx/CVE-2016-0060.json +++ b/2016/0xxx/CVE-2016-0060.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0060", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0061, CVE-2016-0063, CVE-2016-0067, and CVE-2016-0072." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0060", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-159", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-159" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-165", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-165" - }, - { - "name" : "MS16-009", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-009" - }, - { - "name" : "MS16-011", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-011" - }, - { - "name" : "1034971", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034971" - }, - { - "name" : "1034972", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034972" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0061, CVE-2016-0063, CVE-2016-0067, and CVE-2016-0072." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-165", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-165" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-159", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-159" + }, + { + "name": "1034972", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034972" + }, + { + "name": "1034971", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034971" + }, + { + "name": "MS16-009", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-009" + }, + { + "name": "MS16-011", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-011" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0274.json b/2016/0xxx/CVE-2016-0274.json index 824ba6a6e77..2061d02faa5 100644 --- a/2016/0xxx/CVE-2016-0274.json +++ b/2016/0xxx/CVE-2016-0274.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0274", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to conduct clickjacking attacks via a crafted web site. IBM X-Force ID: 111076." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0274", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21977245", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21977245" - }, - { - "name" : "ibm-ftm-cve20160274-clickjacking(111076)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/111076" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to conduct clickjacking attacks via a crafted web site. IBM X-Force ID: 111076." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ibm-ftm-cve20160274-clickjacking(111076)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/111076" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21977245", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977245" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1018.json b/2016/1xxx/CVE-2016-1018.json index 8a3d8f3ffff..a3a826673f0 100644 --- a/2016/1xxx/CVE-2016-1018.json +++ b/2016/1xxx/CVE-2016-1018.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1018", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via crafted JPEG-XR data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-1018", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-228/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-228/" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" - }, - { - "name" : "MS16-050", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" - }, - { - "name" : "RHSA-2016:0610", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0610.html" - }, - { - "name" : "SUSE-SU-2016:1305", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" - }, - { - "name" : "openSUSE-SU-2016:1306", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" - }, - { - "name" : "1035509", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035509" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via crafted JPEG-XR data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-228/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-228/" + }, + { + "name": "SUSE-SU-2016:1305", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" + }, + { + "name": "openSUSE-SU-2016:1306", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" + }, + { + "name": "RHSA-2016:0610", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" + }, + { + "name": "1035509", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035509" + }, + { + "name": "MS16-050", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1251.json b/2016/1xxx/CVE-2016-1251.json index a702802b586..7f4f644ef26 100644 --- a/2016/1xxx/CVE-2016-1251.json +++ b/2016/1xxx/CVE-2016-1251.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@debian.org", - "ID" : "CVE-2016-1251", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "DBD::mysql before 4.041", - "version" : { - "version_data" : [ - { - "version_value" : "DBD::mysql before 4.041" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with mysql_server_prepare=1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "use after free" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2016-1251", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "DBD::mysql before 4.041", + "version": { + "version_data": [ + { + "version_value": "DBD::mysql before 4.041" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.openwall.com/lists/oss-security/2016/11/28/2", - "refsource" : "CONFIRM", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/28/2" - }, - { - "name" : "https://anonscm.debian.org/cgit/pkg-perl/packages/libdbd-mysql-perl.git/commit/?id=a8b97e4713391b1f8beffbfddac483c276feaff1", - "refsource" : "CONFIRM", - "url" : "https://anonscm.debian.org/cgit/pkg-perl/packages/libdbd-mysql-perl.git/commit/?id=a8b97e4713391b1f8beffbfddac483c276feaff1" - }, - { - "name" : "https://github.com/perl5-dbi/DBD-mysql/commit/3619c170461a3107a258d1fd2d00ed4832adb1b1", - "refsource" : "CONFIRM", - "url" : "https://github.com/perl5-dbi/DBD-mysql/commit/3619c170461a3107a258d1fd2d00ed4832adb1b1" - }, - { - "name" : "https://tracker.debian.org/news/819888", - "refsource" : "CONFIRM", - "url" : "https://tracker.debian.org/news/819888" - }, - { - "name" : "GLSA-201701-51", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-51" - }, - { - "name" : "94573", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94573" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with mysql_server_prepare=1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "use after free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://tracker.debian.org/news/819888", + "refsource": "CONFIRM", + "url": "https://tracker.debian.org/news/819888" + }, + { + "name": "http://www.openwall.com/lists/oss-security/2016/11/28/2", + "refsource": "CONFIRM", + "url": "http://www.openwall.com/lists/oss-security/2016/11/28/2" + }, + { + "name": "https://anonscm.debian.org/cgit/pkg-perl/packages/libdbd-mysql-perl.git/commit/?id=a8b97e4713391b1f8beffbfddac483c276feaff1", + "refsource": "CONFIRM", + "url": "https://anonscm.debian.org/cgit/pkg-perl/packages/libdbd-mysql-perl.git/commit/?id=a8b97e4713391b1f8beffbfddac483c276feaff1" + }, + { + "name": "94573", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94573" + }, + { + "name": "https://github.com/perl5-dbi/DBD-mysql/commit/3619c170461a3107a258d1fd2d00ed4832adb1b1", + "refsource": "CONFIRM", + "url": "https://github.com/perl5-dbi/DBD-mysql/commit/3619c170461a3107a258d1fd2d00ed4832adb1b1" + }, + { + "name": "GLSA-201701-51", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-51" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1459.json b/2016/1xxx/CVE-2016-1459.json index f9978a21ffb..9f8758059cc 100644 --- a/2016/1xxx/CVE-2016-1459.json +++ b/2016/1xxx/CVE-2016-1459.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1459", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco IOS 12.4 and 15.0 through 15.5 and IOS XE 3.13 through 3.17 allow remote authenticated users to cause a denial of service (device reload) via crafted attributes in a BGP message, aka Bug ID CSCuz21061." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1459", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160715 Cisco IOS and IOS XE Software Border Gateway Protocol Message Processing Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160715-bgp" - }, - { - "name" : "91800", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91800" - }, - { - "name" : "1036321", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036321" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco IOS 12.4 and 15.0 through 15.5 and IOS XE 3.13 through 3.17 allow remote authenticated users to cause a denial of service (device reload) via crafted attributes in a BGP message, aka Bug ID CSCuz21061." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160715 Cisco IOS and IOS XE Software Border Gateway Protocol Message Processing Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160715-bgp" + }, + { + "name": "91800", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91800" + }, + { + "name": "1036321", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036321" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5365.json b/2016/5xxx/CVE-2016-5365.json index 4cc1a15646f..54928d5c25a 100644 --- a/2016/5xxx/CVE-2016-5365.json +++ b/2016/5xxx/CVE-2016-5365.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5365", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in Huawei Honor WS851 routers with software 1.1.21.1 and earlier allows remote attackers to execute arbitrary commands with root privileges via unspecified vectors, aka HWPSIRT-2016-05051." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5365", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160607-01-honorrouter-en", - "refsource" : "CONFIRM", - "url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160607-01-honorrouter-en" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in Huawei Honor WS851 routers with software 1.1.21.1 and earlier allows remote attackers to execute arbitrary commands with root privileges via unspecified vectors, aka HWPSIRT-2016-05051." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160607-01-honorrouter-en", + "refsource": "CONFIRM", + "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160607-01-honorrouter-en" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5530.json b/2016/5xxx/CVE-2016-5530.json index 5c75ada3217..3a8bef02ad2 100644 --- a/2016/5xxx/CVE-2016-5530.json +++ b/2016/5xxx/CVE-2016-5530.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5530", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to Integration Broker, a different vulnerability than CVE-2016-5529 and CVE-2016-8293." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5530", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93706", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93706" - }, - { - "name" : "1037046", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037046" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to Integration Broker, a different vulnerability than CVE-2016-5529 and CVE-2016-8293." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93706", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93706" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "1037046", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037046" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5946.json b/2016/5xxx/CVE-2016-5946.json index 1508c88874a..e653cbe48d6 100644 --- a/2016/5xxx/CVE-2016-5946.json +++ b/2016/5xxx/CVE-2016-5946.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5946", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-5946", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21988625", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21988625" - }, - { - "name" : "IT16944", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT16944" - }, - { - "name" : "93086", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93086" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21988625", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988625" + }, + { + "name": "IT16944", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT16944" + }, + { + "name": "93086", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93086" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2783.json b/2018/2xxx/CVE-2018-2783.json index 4e04922d6bb..fe399fa0b7a 100644 --- a/2018/2xxx/CVE-2018-2783.json +++ b/2018/2xxx/CVE-2018-2783.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2783", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2783", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20180419-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20180419-0001/" - }, - { - "name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us", - "refsource" : "CONFIRM", - "url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us" - }, - { - "name" : "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", - "refsource" : "CONFIRM", - "url" : "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" - }, - { - "name" : "RHSA-2018:1203", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1203" - }, - { - "name" : "RHSA-2018:1205", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1205" - }, - { - "name" : "RHSA-2018:1721", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1721" - }, - { - "name" : "RHSA-2018:1722", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1722" - }, - { - "name" : "RHSA-2018:1723", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1723" - }, - { - "name" : "RHSA-2018:1724", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1724" - }, - { - "name" : "RHSA-2018:1974", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1974" - }, - { - "name" : "RHSA-2018:1975", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1975" - }, - { - "name" : "USN-3644-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3644-1/" - }, - { - "name" : "103832", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103832" - }, - { - "name" : "1040697", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040697" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2018:1975", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1975" + }, + { + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us", + "refsource": "CONFIRM", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us" + }, + { + "name": "1040697", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040697" + }, + { + "name": "RHSA-2018:1724", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1724" + }, + { + "name": "RHSA-2018:1203", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1203" + }, + { + "name": "USN-3644-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3644-1/" + }, + { + "name": "RHSA-2018:1723", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1723" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180419-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180419-0001/" + }, + { + "name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", + "refsource": "CONFIRM", + "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" + }, + { + "name": "RHSA-2018:1722", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1722" + }, + { + "name": "RHSA-2018:1974", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1974" + }, + { + "name": "RHSA-2018:1205", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1205" + }, + { + "name": "RHSA-2018:1721", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1721" + }, + { + "name": "103832", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103832" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0342.json b/2019/0xxx/CVE-2019-0342.json index 5b9739aac71..248a2502d38 100644 --- a/2019/0xxx/CVE-2019-0342.json +++ b/2019/0xxx/CVE-2019-0342.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0342", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0342", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0540.json b/2019/0xxx/CVE-2019-0540.json index b47a42a4c05..32adc150b60 100644 --- a/2019/0xxx/CVE-2019-0540.json +++ b/2019/0xxx/CVE-2019-0540.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0540", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft Office", - "version" : { - "version_data" : [ - { - "version_value" : "2010 Service Pack 2 (32-bit editions)" - }, - { - "version_value" : "2010 Service Pack 2 (64-bit editions)" - }, - { - "version_value" : "2013 Service Pack 1 (32-bit editions)" - }, - { - "version_value" : "2013 Service Pack 1 (64-bit editions)" - }, - { - "version_value" : "2013 RT Service Pack 1" - }, - { - "version_value" : "2016 (32-bit edition)" - }, - { - "version_value" : "2016 (64-bit edition)" - }, - { - "version_value" : "2019 for 32-bit editions" - }, - { - "version_value" : "2019 for 64-bit editions" - }, - { - "version_value" : "Word Viewer" - } - ] - } - }, - { - "product_name" : "Microsoft Excel Viewer", - "version" : { - "version_data" : [ - { - "version_value" : "" - } - ] - } - }, - { - "product_name" : "Office 365 ProPlus", - "version" : { - "version_data" : [ - { - "version_value" : "32-bit Systems" - }, - { - "version_value" : "64-bit Systems" - } - ] - } - }, - { - "product_name" : "Microsoft PowerPoint Viewer", - "version" : { - "version_data" : [ - { - "version_value" : "" - } - ] - } - }, - { - "product_name" : "Microsoft Office Compatibility Pack", - "version" : { - "version_data" : [ - { - "version_value" : "Service Pack 3" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials, aka 'Microsoft Office Security Feature Bypass Vulnerability'." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Security Feature Bypass" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0540", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Office", + "version": { + "version_data": [ + { + "version_value": "2010 Service Pack 2 (32-bit editions)" + }, + { + "version_value": "2010 Service Pack 2 (64-bit editions)" + }, + { + "version_value": "2013 Service Pack 1 (32-bit editions)" + }, + { + "version_value": "2013 Service Pack 1 (64-bit editions)" + }, + { + "version_value": "2013 RT Service Pack 1" + }, + { + "version_value": "2016 (32-bit edition)" + }, + { + "version_value": "2016 (64-bit edition)" + }, + { + "version_value": "2019 for 32-bit editions" + }, + { + "version_value": "2019 for 64-bit editions" + }, + { + "version_value": "Word Viewer" + } + ] + } + }, + { + "product_name": "Microsoft Excel Viewer", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Office 365 ProPlus", + "version": { + "version_data": [ + { + "version_value": "32-bit Systems" + }, + { + "version_value": "64-bit Systems" + } + ] + } + }, + { + "product_name": "Microsoft PowerPoint Viewer", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Office Compatibility Pack", + "version": { + "version_data": [ + { + "version_value": "Service Pack 3" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0540", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0540" - }, - { - "name" : "106863", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106863" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials, aka 'Microsoft Office Security Feature Bypass Vulnerability'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Security Feature Bypass" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106863", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106863" + }, + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0540", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0540" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0775.json b/2019/0xxx/CVE-2019-0775.json index ac59640e66f..2c11f7b0fb7 100644 --- a/2019/0xxx/CVE-2019-0775.json +++ b/2019/0xxx/CVE-2019-0775.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0775", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0775", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1051.json b/2019/1xxx/CVE-2019-1051.json index a2e1c9d9ecf..d7651684c82 100644 --- a/2019/1xxx/CVE-2019-1051.json +++ b/2019/1xxx/CVE-2019-1051.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1051", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1051", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1274.json b/2019/1xxx/CVE-2019-1274.json index 87f2b6c3ccc..5f4d70d6bc1 100644 --- a/2019/1xxx/CVE-2019-1274.json +++ b/2019/1xxx/CVE-2019-1274.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1274", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1274", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1439.json b/2019/1xxx/CVE-2019-1439.json index 4032a9a0c2d..761dc6b3e1a 100644 --- a/2019/1xxx/CVE-2019-1439.json +++ b/2019/1xxx/CVE-2019-1439.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1439", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1439", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1939.json b/2019/1xxx/CVE-2019-1939.json index 828977b4a28..239774eb284 100644 --- a/2019/1xxx/CVE-2019-1939.json +++ b/2019/1xxx/CVE-2019-1939.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1939", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1939", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4007.json b/2019/4xxx/CVE-2019-4007.json index 962a0fa6a06..98b8e0bc9d6 100644 --- a/2019/4xxx/CVE-2019-4007.json +++ b/2019/4xxx/CVE-2019-4007.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4007", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4007", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4140.json b/2019/4xxx/CVE-2019-4140.json index 66e993b5c25..578cac2d941 100644 --- a/2019/4xxx/CVE-2019-4140.json +++ b/2019/4xxx/CVE-2019-4140.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4140", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4140", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4236.json b/2019/4xxx/CVE-2019-4236.json index f04492d1b01..257e068283b 100644 --- a/2019/4xxx/CVE-2019-4236.json +++ b/2019/4xxx/CVE-2019-4236.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4236", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4236", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4648.json b/2019/4xxx/CVE-2019-4648.json index 00a79616015..83e04599641 100644 --- a/2019/4xxx/CVE-2019-4648.json +++ b/2019/4xxx/CVE-2019-4648.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4648", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4648", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5088.json b/2019/5xxx/CVE-2019-5088.json index fb096952e6d..ea49345e9e3 100644 --- a/2019/5xxx/CVE-2019-5088.json +++ b/2019/5xxx/CVE-2019-5088.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5088", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5088", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5225.json b/2019/5xxx/CVE-2019-5225.json index 14924531111..5cf0b584487 100644 --- a/2019/5xxx/CVE-2019-5225.json +++ b/2019/5xxx/CVE-2019-5225.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5225", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5225", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5418.json b/2019/5xxx/CVE-2019-5418.json index 2d7e15d2a42..03f54f33b73 100644 --- a/2019/5xxx/CVE-2019-5418.json +++ b/2019/5xxx/CVE-2019-5418.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5418", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5418", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5811.json b/2019/5xxx/CVE-2019-5811.json index 3e293a3c5e2..afc6041438b 100644 --- a/2019/5xxx/CVE-2019-5811.json +++ b/2019/5xxx/CVE-2019-5811.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5811", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5811", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5845.json b/2019/5xxx/CVE-2019-5845.json index f1d8db7069e..a839c5a1d6e 100644 --- a/2019/5xxx/CVE-2019-5845.json +++ b/2019/5xxx/CVE-2019-5845.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5845", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5845", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8703.json b/2019/8xxx/CVE-2019-8703.json index f80a23e18af..520812dab37 100644 --- a/2019/8xxx/CVE-2019-8703.json +++ b/2019/8xxx/CVE-2019-8703.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8703", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8703", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8764.json b/2019/8xxx/CVE-2019-8764.json index 3793da24b07..6e14227bb12 100644 --- a/2019/8xxx/CVE-2019-8764.json +++ b/2019/8xxx/CVE-2019-8764.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8764", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8764", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9653.json b/2019/9xxx/CVE-2019-9653.json index 0b9dc38b98b..554af14b78f 100644 --- a/2019/9xxx/CVE-2019-9653.json +++ b/2019/9xxx/CVE-2019-9653.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9653", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9653", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9703.json b/2019/9xxx/CVE-2019-9703.json index 641f04172ac..99632d05340 100644 --- a/2019/9xxx/CVE-2019-9703.json +++ b/2019/9xxx/CVE-2019-9703.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9703", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9703", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file