diff --git a/1999/0xxx/CVE-1999-0724.json b/1999/0xxx/CVE-1999-0724.json index 04898b11e90..84cbe97f3a9 100644 --- a/1999/0xxx/CVE-1999-0724.json +++ b/1999/0xxx/CVE-1999-0724.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0724", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0724", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6128", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/6128" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "6128", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/6128" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1171.json b/1999/1xxx/CVE-1999-1171.json index f12006f28ea..818f87e4db8 100644 --- a/1999/1xxx/CVE-1999-1171.json +++ b/1999/1xxx/CVE-1999-1171.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1171", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the \"flags\" registry key to 1920." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1171", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990204 WS FTP Server Remote DoS Attack", - "refsource" : "NTBUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=91816507920544&w=2" - }, - { - "name" : "218", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/218" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the \"flags\" registry key to 1920." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19990204 WS FTP Server Remote DoS Attack", + "refsource": "NTBUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=91816507920544&w=2" + }, + { + "name": "218", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/218" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1191.json b/1999/1xxx/CVE-1999-1191.json index 7f04e17a672..c460f3232ef 100644 --- a/1999/1xxx/CVE-1999-1191.json +++ b/1999/1xxx/CVE-1999-1191.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1191", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1191", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19970519 Re: Finally, most of an exploit for Solaris 2.5.1's ps.", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=87602167418335&w=2" - }, - { - "name" : "AA-97.18", - "refsource" : "AUSCERT", - "url" : "ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-97.18.solaris.chkey.buffer.overflow.vul" - }, - { - "name" : "00144", - "refsource" : "SUN", - "url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/144" - }, - { - "name" : "207", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/207" - }, - { - "name" : "solaris-chkey-bo(7442)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/7442.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "solaris-chkey-bo(7442)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/7442.php" + }, + { + "name": "00144", + "refsource": "SUN", + "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/144" + }, + { + "name": "207", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/207" + }, + { + "name": "19970519 Re: Finally, most of an exploit for Solaris 2.5.1's ps.", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=87602167418335&w=2" + }, + { + "name": "AA-97.18", + "refsource": "AUSCERT", + "url": "ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-97.18.solaris.chkey.buffer.overflow.vul" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1123.json b/2000/1xxx/CVE-2000-1123.json index 3391a401f6f..f388746d200 100644 --- a/2000/1xxx/CVE-2000-1123.json +++ b/2000/1xxx/CVE-2000-1123.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1123", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1123", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001201 Fixed local AIX V43 vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=97569466809056&w=2" - }, - { - "name" : "IY12638", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=IY12638&apar=only" - }, - { - "name" : "2036", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2036" - }, - { - "name" : "aix-pioout-bo(5617)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5617" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2036", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2036" + }, + { + "name": "aix-pioout-bo(5617)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5617" + }, + { + "name": "20001201 Fixed local AIX V43 vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=97569466809056&w=2" + }, + { + "name": "IY12638", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY12638&apar=only" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2051.json b/2005/2xxx/CVE-2005-2051.json index 521215445ae..961a26ecc11 100644 --- a/2005/2xxx/CVE-2005-2051.json +++ b/2005/2xxx/CVE-2005-2051.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2051", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the VERITAS Backup Exec Web Administration Console (BEWAC) 9.0 4367 through 10.0 rev. 5484 allows remote attackers to execute arbitrary code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2051", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050623 Buffer overflow vulnerability in VERITAS Software Backup Exec Web Administration Console (BEWAC)", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=111954711532252&w=2" - }, - { - "name" : "http://seer.support.veritas.com/docs/276606.htm", - "refsource" : "CONFIRM", - "url" : "http://seer.support.veritas.com/docs/276606.htm" - }, - { - "name" : "P-232", - "refsource" : "CIAC", - "url" : "http://www.ciac.org/ciac/bulletins/p-232.shtml" - }, - { - "name" : "14025", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14025" - }, - { - "name" : "15789", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15789" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the VERITAS Backup Exec Web Administration Console (BEWAC) 9.0 4367 through 10.0 rev. 5484 allows remote attackers to execute arbitrary code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "P-232", + "refsource": "CIAC", + "url": "http://www.ciac.org/ciac/bulletins/p-232.shtml" + }, + { + "name": "14025", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14025" + }, + { + "name": "http://seer.support.veritas.com/docs/276606.htm", + "refsource": "CONFIRM", + "url": "http://seer.support.veritas.com/docs/276606.htm" + }, + { + "name": "20050623 Buffer overflow vulnerability in VERITAS Software Backup Exec Web Administration Console (BEWAC)", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=111954711532252&w=2" + }, + { + "name": "15789", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15789" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2064.json b/2005/2xxx/CVE-2005-2064.json index 363d511aa07..bee7d496111 100644 --- a/2005/2xxx/CVE-2005-2064.json +++ b/2005/2xxx/CVE-2005-2064.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2064", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting vulnerabilities in ASP Nuke 0.80 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to forgot_password.asp, or the (2) FirstName, (3) LastName, (4) Username, (5) Password, (6) Address1, (7) Address2, (8) City, (9) ZipCode, (10) Email parameter to register.asp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2064", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050626 M4DR007-07SA (security advisory): Multiple vulnerabilities in ASP Nuke 0.80", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=111989223906484&w=2" - }, - { - "name" : "14062", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14062" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting vulnerabilities in ASP Nuke 0.80 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to forgot_password.asp, or the (2) FirstName, (3) LastName, (4) Username, (5) Password, (6) Address1, (7) Address2, (8) City, (9) ZipCode, (10) Email parameter to register.asp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "14062", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14062" + }, + { + "name": "20050626 M4DR007-07SA (security advisory): Multiple vulnerabilities in ASP Nuke 0.80", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=111989223906484&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2235.json b/2005/2xxx/CVE-2005-2235.json index c9c1d9ac981..2a3b9dda192 100644 --- a/2005/2xxx/CVE-2005-2235.json +++ b/2005/2xxx/CVE-2005-2235.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2235", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2235", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.caughq.org/advisories/CAU-2005-0004.txt", - "refsource" : "MISC", - "url" : "http://www.caughq.org/advisories/CAU-2005-0004.txt" - }, - { - "name" : "http://www.security-focus.com/advisories/8819", - "refsource" : "CONFIRM", - "url" : "http://www.security-focus.com/advisories/8819" - }, - { - "name" : "13912", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/13912" - }, - { - "name" : "1014132", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014132" - }, - { - "name" : "15636", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15636" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "15636", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15636" + }, + { + "name": "http://www.caughq.org/advisories/CAU-2005-0004.txt", + "refsource": "MISC", + "url": "http://www.caughq.org/advisories/CAU-2005-0004.txt" + }, + { + "name": "13912", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/13912" + }, + { + "name": "http://www.security-focus.com/advisories/8819", + "refsource": "CONFIRM", + "url": "http://www.security-focus.com/advisories/8819" + }, + { + "name": "1014132", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014132" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2306.json b/2005/2xxx/CVE-2005-2306.json index d71152ef5f4..0fc91fd3778 100644 --- a/2005/2xxx/CVE-2005-2306.json +++ b/2005/2xxx/CVE-2005-2306.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2306", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in Macromedia JRun 4.0, ColdFusion MX 6.1 and 7.0, when under heavy load, causes JRun to assign a duplicate authentication token to multiple sessions, which could allow authenticated users to gain privileges as other users." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2306", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.macromedia.com/devnet/security/security_zone/mpsb05-05.html", - "refsource" : "CONFIRM", - "url" : "http://www.macromedia.com/devnet/security/security_zone/mpsb05-05.html" - }, - { - "name" : "1014489", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014489" - }, - { - "name" : "16081", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16081" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in Macromedia JRun 4.0, ColdFusion MX 6.1 and 7.0, when under heavy load, causes JRun to assign a duplicate authentication token to multiple sessions, which could allow authenticated users to gain privileges as other users." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "16081", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16081" + }, + { + "name": "1014489", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014489" + }, + { + "name": "http://www.macromedia.com/devnet/security/security_zone/mpsb05-05.html", + "refsource": "CONFIRM", + "url": "http://www.macromedia.com/devnet/security/security_zone/mpsb05-05.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2573.json b/2005/2xxx/CVE-2005-2573.json index 03cb00bd7be..e44e2c4fd47 100644 --- a/2005/2xxx/CVE-2005-2573.json +++ b/2005/2xxx/CVE-2005-2573.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2573", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\\) character." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2573", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050808 [AppSecInc Advisory MYSQL05-V0001] Improper Filtering of Directory Traversal Characters in MySQL User Defined Functions", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112360618320729&w=2" - }, - { - "name" : "20050808 [AppSecInc Advisory MYSQL05-V0001] Improper Filtering of Directory Traversal Characters in MySQL User Defined Functions", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2005-August/035847.html" - }, - { - "name" : "http://www.appsecinc.com/resources/alerts/mysql/2005-001.html", - "refsource" : "MISC", - "url" : "http://www.appsecinc.com/resources/alerts/mysql/2005-001.html" - }, - { - "name" : "http://mysql.bkbits.net:8080/mysql-4.0/cset@428b981bg2iwh3CbGANDaF-W6DbttA", - "refsource" : "CONFIRM", - "url" : "http://mysql.bkbits.net:8080/mysql-4.0/cset@428b981bg2iwh3CbGANDaF-W6DbttA" - }, - { - "name" : "http://mysql.bkbits.net:8080/mysql-4.0/gnupatch@428b981bg2iwh3CbGANDaF-W6DbttA", - "refsource" : "CONFIRM", - "url" : "http://mysql.bkbits.net:8080/mysql-4.0/gnupatch@428b981bg2iwh3CbGANDaF-W6DbttA" - }, - { - "name" : "mysql-udf-directory-traversal(21738)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21738" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\\) character." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "mysql-udf-directory-traversal(21738)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21738" + }, + { + "name": "20050808 [AppSecInc Advisory MYSQL05-V0001] Improper Filtering of Directory Traversal Characters in MySQL User Defined Functions", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112360618320729&w=2" + }, + { + "name": "http://www.appsecinc.com/resources/alerts/mysql/2005-001.html", + "refsource": "MISC", + "url": "http://www.appsecinc.com/resources/alerts/mysql/2005-001.html" + }, + { + "name": "http://mysql.bkbits.net:8080/mysql-4.0/cset@428b981bg2iwh3CbGANDaF-W6DbttA", + "refsource": "CONFIRM", + "url": "http://mysql.bkbits.net:8080/mysql-4.0/cset@428b981bg2iwh3CbGANDaF-W6DbttA" + }, + { + "name": "20050808 [AppSecInc Advisory MYSQL05-V0001] Improper Filtering of Directory Traversal Characters in MySQL User Defined Functions", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-August/035847.html" + }, + { + "name": "http://mysql.bkbits.net:8080/mysql-4.0/gnupatch@428b981bg2iwh3CbGANDaF-W6DbttA", + "refsource": "CONFIRM", + "url": "http://mysql.bkbits.net:8080/mysql-4.0/gnupatch@428b981bg2iwh3CbGANDaF-W6DbttA" + } + ] + } +} \ No newline at end of file diff --git a/2005/4xxx/CVE-2005-4192.json b/2005/4xxx/CVE-2005-4192.json index 133f60231fc..7883ce54c42 100644 --- a/2005/4xxx/CVE-2005-4192.json +++ b/2005/4xxx/CVE-2005-4192.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-4192", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in templates/notepads/notepads.inc in Horde Mnemo Note Manager H3 before 2.0.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) the notepad's name or (2) description, when creating a new notepad." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-4192", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[horde-announce] 20051211 Mnemo H3 (2.0.3) (final)", - "refsource" : "MLIST", - "url" : "http://lists.horde.org/archives/announce/2005/000237.html" - }, - { - "name" : "http://www.sec-consult.com/245.html", - "refsource" : "MISC", - "url" : "http://www.sec-consult.com/245.html" - }, - { - "name" : "http://cvs.horde.org/diff.php/mnemo/templates/notepads/notepads.inc?r1=1.9&r2=1.10&ty=h", - "refsource" : "CONFIRM", - "url" : "http://cvs.horde.org/diff.php/mnemo/templates/notepads/notepads.inc?r1=1.9&r2=1.10&ty=h" - }, - { - "name" : "15803", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15803" - }, - { - "name" : "ADV-2005-2833", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2833" - }, - { - "name" : "17964", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17964" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in templates/notepads/notepads.inc in Horde Mnemo Note Manager H3 before 2.0.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) the notepad's name or (2) description, when creating a new notepad." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[horde-announce] 20051211 Mnemo H3 (2.0.3) (final)", + "refsource": "MLIST", + "url": "http://lists.horde.org/archives/announce/2005/000237.html" + }, + { + "name": "17964", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17964" + }, + { + "name": "15803", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15803" + }, + { + "name": "ADV-2005-2833", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2833" + }, + { + "name": "http://www.sec-consult.com/245.html", + "refsource": "MISC", + "url": "http://www.sec-consult.com/245.html" + }, + { + "name": "http://cvs.horde.org/diff.php/mnemo/templates/notepads/notepads.inc?r1=1.9&r2=1.10&ty=h", + "refsource": "CONFIRM", + "url": "http://cvs.horde.org/diff.php/mnemo/templates/notepads/notepads.inc?r1=1.9&r2=1.10&ty=h" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2024.json b/2009/2xxx/CVE-2009-2024.json index 99908cb27ca..05a651b2de2 100644 --- a/2009/2xxx/CVE-2009-2024.json +++ b/2009/2xxx/CVE-2009-2024.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2024", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vlad Titarenko ASP VT Auth 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file and obtain usernames and passwords via a direct request for zHk8dEes3.txt." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2024", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "8889", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/8889" - }, - { - "name" : "vtauth-zhk8dees3-info-disclosure(50986)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50986" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vlad Titarenko ASP VT Auth 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file and obtain usernames and passwords via a direct request for zHk8dEes3.txt." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "vtauth-zhk8dees3-info-disclosure(50986)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50986" + }, + { + "name": "8889", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/8889" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2263.json b/2009/2xxx/CVE-2009-2263.json index f07a54eff11..18ef605c4a3 100644 --- a/2009/2xxx/CVE-2009-2263.json +++ b/2009/2xxx/CVE-2009-2263.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2263", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in index.php in Awesome PHP Mega File Manager 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2263", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "9025", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/9025" - }, - { - "name" : "35545", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35545" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in index.php in Awesome PHP Mega File Manager 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "9025", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/9025" + }, + { + "name": "35545", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35545" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2309.json b/2009/2xxx/CVE-2009-2309.json index bcce6affd64..b746fe81cef 100644 --- a/2009/2xxx/CVE-2009-2309.json +++ b/2009/2xxx/CVE-2009-2309.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2309", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in Codice CMS 2 allows remote attackers to execute arbitrary SQL commands via the tag parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2309", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "8272", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/8272" - }, - { - "name" : "34208", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/34208" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in Codice CMS 2 allows remote attackers to execute arbitrary SQL commands via the tag parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "34208", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/34208" + }, + { + "name": "8272", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/8272" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2354.json b/2009/2xxx/CVE-2009-2354.json index af49ca2341d..116583fb58d 100644 --- a/2009/2xxx/CVE-2009-2354.json +++ b/2009/2xxx/CVE-2009-2354.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2354", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the auth_checkpass function in the login page in NullLogic Groupware 1.2.7 allows remote attackers to execute arbitrary SQL commands via the username parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2354", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090706 High security hole in NullLogic Groupware", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/504737/100/0/threaded" - }, - { - "name" : "http://www.nth-dimension.org.uk/utils/get.php?downloadsid=55", - "refsource" : "MISC", - "url" : "http://www.nth-dimension.org.uk/utils/get.php?downloadsid=55" - }, - { - "name" : "ADV-2009-1817", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1817" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the auth_checkpass function in the login page in NullLogic Groupware 1.2.7 allows remote attackers to execute arbitrary SQL commands via the username parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2009-1817", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1817" + }, + { + "name": "http://www.nth-dimension.org.uk/utils/get.php?downloadsid=55", + "refsource": "MISC", + "url": "http://www.nth-dimension.org.uk/utils/get.php?downloadsid=55" + }, + { + "name": "20090706 High security hole in NullLogic Groupware", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/504737/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2843.json b/2009/2xxx/CVE-2009-2843.json index 5be0c2fd735..068fa0c9d02 100644 --- a/2009/2xxx/CVE-2009-2843.json +++ b/2009/2xxx/CVE-2009-2843.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2843", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 accepts expired certificates for applets, which makes it easier for remote attackers to execute arbitrary code via an applet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2843", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT3969", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3969" - }, - { - "name" : "http://support.apple.com/kb/HT3970", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3970" - }, - { - "name" : "APPLE-SA-2009-12-03-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html" - }, - { - "name" : "APPLE-SA-2009-12-03-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html" - }, - { - "name" : "37206", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/37206" - }, - { - "name" : "37581", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37581" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 accepts expired certificates for applets, which makes it easier for remote attackers to execute arbitrary code via an applet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.apple.com/kb/HT3970", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3970" + }, + { + "name": "http://support.apple.com/kb/HT3969", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3969" + }, + { + "name": "APPLE-SA-2009-12-03-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html" + }, + { + "name": "37206", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/37206" + }, + { + "name": "APPLE-SA-2009-12-03-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html" + }, + { + "name": "37581", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37581" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3079.json b/2009/3xxx/CVE-2009-3079.json index e255f3cad5f..fba8db780e2 100644 --- a/2009/3xxx/CVE-2009-3079.json +++ b/2009/3xxx/CVE-2009-3079.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3079", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2009-3079", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2009/mfsa2009-51.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2009/mfsa2009-51.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=454363", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=454363" - }, - { - "name" : "DSA-1886", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2009/dsa-1886" - }, - { - "name" : "RHSA-2009:1430", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2009-1430.html" - }, - { - "name" : "SUSE-SA:2009:048", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2009_48_firefox.html" - }, - { - "name" : "36343", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/36343" - }, - { - "name" : "oval:org.mitre.oval:def:10390", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10390" - }, - { - "name" : "oval:org.mitre.oval:def:6250", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6250" - }, - { - "name" : "1022873", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1022873" - }, - { - "name" : "36671", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36671" - }, - { - "name" : "37098", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37098" - }, - { - "name" : "36670", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36670" - }, - { - "name" : "36757", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36757" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36343", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/36343" + }, + { + "name": "DSA-1886", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2009/dsa-1886" + }, + { + "name": "SUSE-SA:2009:048", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2009_48_firefox.html" + }, + { + "name": "RHSA-2009:1430", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2009-1430.html" + }, + { + "name": "36670", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36670" + }, + { + "name": "36671", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36671" + }, + { + "name": "oval:org.mitre.oval:def:10390", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10390" + }, + { + "name": "http://www.mozilla.org/security/announce/2009/mfsa2009-51.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-51.html" + }, + { + "name": "oval:org.mitre.oval:def:6250", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6250" + }, + { + "name": "1022873", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1022873" + }, + { + "name": "36757", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36757" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=454363", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=454363" + }, + { + "name": "37098", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37098" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3369.json b/2009/3xxx/CVE-2009-3369.json index a5a94fb4d37..3be67d50c22 100644 --- a/2009/3xxx/CVE-2009-3369.json +++ b/2009/3xxx/CVE-2009-3369.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3369", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then initiating a backup or restore." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3369", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542218", - "refsource" : "MISC", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542218" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=518412", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=518412" - }, - { - "name" : "FEDORA-2009-9973", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00729.html" - }, - { - "name" : "FEDORA-2009-9982", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00694.html" - }, - { - "name" : "57236", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/57236" - }, - { - "name" : "36393", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36393" - }, - { - "name" : "37161", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37161" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then initiating a backup or restore." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=518412", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=518412" + }, + { + "name": "36393", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36393" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542218", + "refsource": "MISC", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542218" + }, + { + "name": "FEDORA-2009-9973", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00729.html" + }, + { + "name": "FEDORA-2009-9982", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00694.html" + }, + { + "name": "37161", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37161" + }, + { + "name": "57236", + "refsource": "OSVDB", + "url": "http://osvdb.org/57236" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3745.json b/2009/3xxx/CVE-2009-3745.json index f4e1efea11e..3388000d452 100644 --- a/2009/3xxx/CVE-2009-3745.json +++ b/2009/3xxx/CVE-2009-3745.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3745", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the help pages in IBM Rational AppScan Enterprise Edition 5.5.0.2 allows remote attackers to inject arbitrary web script or HTML via the query string." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3745", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg24024704", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg24024704" - }, - { - "name" : "PK97516", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PK97516" - }, - { - "name" : "36734", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/36734" - }, - { - "name" : "37093", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37093" - }, - { - "name" : "ADV-2009-2974", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/2974" - }, - { - "name" : "rational-appscan-help-xss(53821)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/53821" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the help pages in IBM Rational AppScan Enterprise Edition 5.5.0.2 allows remote attackers to inject arbitrary web script or HTML via the query string." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37093", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37093" + }, + { + "name": "ADV-2009-2974", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/2974" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24024704", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24024704" + }, + { + "name": "rational-appscan-help-xss(53821)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53821" + }, + { + "name": "PK97516", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK97516" + }, + { + "name": "36734", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/36734" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3842.json b/2009/3xxx/CVE-2009-3842.json index 7e0caff68ab..9017f902e64 100644 --- a/2009/3xxx/CVE-2009-3842.json +++ b/2009/3xxx/CVE-2009-3842.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3842", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability on the HP Color LaserJet M3530 Multifunction Printer with firmware 05.058.4 and the Color LaserJet CP3525 Printer with firmware 53.021.2 allows remote attackers to obtain \"access to data\" or cause a denial of service via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "hp-security-alert@hp.com", + "ID": "CVE-2009-3842", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBPI02472", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=125864723627975&w=2" - }, - { - "name" : "SSRT090196", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=125864723627975&w=2" - }, - { - "name" : "37070", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/37070" - }, - { - "name" : "37433", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37433" - }, - { - "name" : "ADV-2009-3293", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/3293" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability on the HP Color LaserJet M3530 Multifunction Printer with firmware 05.058.4 and the Color LaserJet CP3525 Printer with firmware 53.021.2 allows remote attackers to obtain \"access to data\" or cause a denial of service via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SSRT090196", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=125864723627975&w=2" + }, + { + "name": "HPSBPI02472", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=125864723627975&w=2" + }, + { + "name": "37433", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37433" + }, + { + "name": "ADV-2009-3293", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/3293" + }, + { + "name": "37070", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/37070" + } + ] + } +} \ No newline at end of file diff --git a/2009/4xxx/CVE-2009-4854.json b/2009/4xxx/CVE-2009-4854.json index ec3036eb3dd..11fcde4c197 100644 --- a/2009/4xxx/CVE-2009-4854.json +++ b/2009/4xxx/CVE-2009-4854.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-4854", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "addons/import.php in TalkBack 2.3.14 allows remote attackers to execute arbitrary commands via the result parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-4854", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "9095", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/9095" - }, - { - "name" : "http://www.juniper.net/security/auto/vulnerabilities/vuln35619.html", - "refsource" : "MISC", - "url" : "http://www.juniper.net/security/auto/vulnerabilities/vuln35619.html" - }, - { - "name" : "http://www.packetstormsecurity.org/0907-exploits/talkback-lfiexec.txt", - "refsource" : "MISC", - "url" : "http://www.packetstormsecurity.org/0907-exploits/talkback-lfiexec.txt" - }, - { - "name" : "35619", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/35619" - }, - { - "name" : "talkback-import-command-execution(58705)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58705" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "addons/import.php in TalkBack 2.3.14 allows remote attackers to execute arbitrary commands via the result parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.juniper.net/security/auto/vulnerabilities/vuln35619.html", + "refsource": "MISC", + "url": "http://www.juniper.net/security/auto/vulnerabilities/vuln35619.html" + }, + { + "name": "35619", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/35619" + }, + { + "name": "http://www.packetstormsecurity.org/0907-exploits/talkback-lfiexec.txt", + "refsource": "MISC", + "url": "http://www.packetstormsecurity.org/0907-exploits/talkback-lfiexec.txt" + }, + { + "name": "9095", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/9095" + }, + { + "name": "talkback-import-command-execution(58705)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58705" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0277.json b/2015/0xxx/CVE-2015-0277.json index 5f3f3abc6f3..9455fb83057 100644 --- a/2015/0xxx/CVE-2015-0277.json +++ b/2015/0xxx/CVE-2015-0277.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0277", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Service Provider (SP) in PicketLink before 2.7.0 does not ensure that it is a member of an Audience element when an AudienceRestriction is specified, which allows remote attackers to log in to other users' accounts via a crafted SAML assertion. NOTE: this identifier has been SPLIT per ADT2 due to different vulnerability types. See CVE-2015-6254 for lack of validation for the Destination attribute in a Response element in a SAML assertion." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-0277", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1194832", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1194832" - }, - { - "name" : "https://issues.jboss.org/browse/PLINK-678", - "refsource" : "CONFIRM", - "url" : "https://issues.jboss.org/browse/PLINK-678" - }, - { - "name" : "RHSA-2015:0846", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0846.html" - }, - { - "name" : "RHSA-2015:0847", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0847.html" - }, - { - "name" : "RHSA-2015:0848", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0848.html" - }, - { - "name" : "RHSA-2015:0849", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0849.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Service Provider (SP) in PicketLink before 2.7.0 does not ensure that it is a member of an Audience element when an AudienceRestriction is specified, which allows remote attackers to log in to other users' accounts via a crafted SAML assertion. NOTE: this identifier has been SPLIT per ADT2 due to different vulnerability types. See CVE-2015-6254 for lack of validation for the Destination attribute in a Response element in a SAML assertion." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:0849", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0849.html" + }, + { + "name": "RHSA-2015:0848", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0848.html" + }, + { + "name": "RHSA-2015:0846", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0846.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1194832", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1194832" + }, + { + "name": "https://issues.jboss.org/browse/PLINK-678", + "refsource": "CONFIRM", + "url": "https://issues.jboss.org/browse/PLINK-678" + }, + { + "name": "RHSA-2015:0847", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0847.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0393.json b/2015/0xxx/CVE-2015-0393.json index 85d89ee1fd4..56ca3957440 100644 --- a/2015/0xxx/CVE-2015-0393.json +++ b/2015/0xxx/CVE-2015-0393.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0393", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to DB Privileges. NOTE: the previous information is from the January 2015 CPU. Oracle has not commented on the researcher's claim that the PUBLIC role is granted the INDEX privilege for the DUAL table during a \"seeded install,\" which allows remote authenticated users to gain SYSDBA privileges and execute arbitrary code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-0393", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.databaseforensics.com/Oracle_Jan2015_CPU.pdf", - "refsource" : "MISC", - "url" : "http://www.databaseforensics.com/Oracle_Jan2015_CPU.pdf" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" - }, - { - "name" : "72230", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72230" - }, - { - "name" : "1031579", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031579" - }, - { - "name" : "oracle-cpujan2015-cve20150393(100097)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100097" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to DB Privileges. NOTE: the previous information is from the January 2015 CPU. Oracle has not commented on the researcher's claim that the PUBLIC role is granted the INDEX privilege for the DUAL table during a \"seeded install,\" which allows remote authenticated users to gain SYSDBA privileges and execute arbitrary code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oracle-cpujan2015-cve20150393(100097)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100097" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" + }, + { + "name": "http://www.databaseforensics.com/Oracle_Jan2015_CPU.pdf", + "refsource": "MISC", + "url": "http://www.databaseforensics.com/Oracle_Jan2015_CPU.pdf" + }, + { + "name": "72230", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72230" + }, + { + "name": "1031579", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031579" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0927.json b/2015/0xxx/CVE-2015-0927.json index 377b3380e29..851f0a7598b 100644 --- a/2015/0xxx/CVE-2015-0927.json +++ b/2015/0xxx/CVE-2015-0927.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0927", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-0927", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0977.json b/2015/0xxx/CVE-2015-0977.json index 2c533b2e0d1..60f2cf269e5 100644 --- a/2015/0xxx/CVE-2015-0977.json +++ b/2015/0xxx/CVE-2015-0977.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0977", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Network Vision IntraVue before 2.3.0a14 on Windows allows remote attackers to execute arbitrary OS commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2015-0977", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-057-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-057-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Network Vision IntraVue before 2.3.0a14 on Windows allows remote attackers to execute arbitrary OS commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-057-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-057-01" + } + ] + } +} \ No newline at end of file diff --git a/2015/1xxx/CVE-2015-1161.json b/2015/1xxx/CVE-2015-1161.json index be1c3f161e3..e85223370d3 100644 --- a/2015/1xxx/CVE-2015-1161.json +++ b/2015/1xxx/CVE-2015-1161.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1161", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-1161", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/1xxx/CVE-2015-1754.json b/2015/1xxx/CVE-2015-1754.json index 1b1866be1e7..2cc089ed9b3 100644 --- a/2015/1xxx/CVE-2015-1754.json +++ b/2015/1xxx/CVE-2015-1754.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1754", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-1754", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-056", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056" - }, - { - "name" : "74991", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74991" - }, - { - "name" : "1032521", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032521" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS15-056", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056" + }, + { + "name": "74991", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74991" + }, + { + "name": "1032521", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032521" + } + ] + } +} \ No newline at end of file diff --git a/2015/1xxx/CVE-2015-1919.json b/2015/1xxx/CVE-2015-1919.json index c2f80e474c4..5bb6f55ae78 100644 --- a/2015/1xxx/CVE-2015-1919.json +++ b/2015/1xxx/CVE-2015-1919.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1919", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in IBM Security QRadar Incident Forensics before 7.2.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-1919", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21960011", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21960011" - }, - { - "name" : "75209", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75209" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in IBM Security QRadar Incident Forensics before 7.2.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "75209", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75209" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21960011", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960011" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4022.json b/2015/4xxx/CVE-2015-4022.json index 89b2e4b518e..8daf0e21fe3 100644 --- a/2015/4xxx/CVE-2015-4022.json +++ b/2015/4xxx/CVE-2015-4022.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4022", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4022", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://php.net/ChangeLog-5.php", - "refsource" : "CONFIRM", - "url" : "http://php.net/ChangeLog-5.php" - }, - { - "name" : "https://bugs.php.net/bug.php?id=69545", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/bug.php?id=69545" - }, - { - "name" : "https://support.apple.com/kb/HT205031", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205031" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" - }, - { - "name" : "APPLE-SA-2015-08-13-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" - }, - { - "name" : "DSA-3280", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3280" - }, - { - "name" : "FEDORA-2015-8281", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html" - }, - { - "name" : "FEDORA-2015-8370", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html" - }, - { - "name" : "FEDORA-2015-8383", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html" - }, - { - "name" : "GLSA-201606-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201606-10" - }, - { - "name" : "RHSA-2015:1187", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1187.html" - }, - { - "name" : "RHSA-2015:1135", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1135.html" - }, - { - "name" : "RHSA-2015:1186", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1186.html" - }, - { - "name" : "RHSA-2015:1218", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1218.html" - }, - { - "name" : "RHSA-2015:1219", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1219.html" - }, - { - "name" : "openSUSE-SU-2015:0993", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html" - }, - { - "name" : "74902", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74902" - }, - { - "name" : "1032433", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032433" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:1187", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html" + }, + { + "name": "https://bugs.php.net/bug.php?id=69545", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=69545" + }, + { + "name": "RHSA-2015:1186", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html" + }, + { + "name": "RHSA-2015:1219", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1219.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" + }, + { + "name": "openSUSE-SU-2015:0993", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html" + }, + { + "name": "http://php.net/ChangeLog-5.php", + "refsource": "CONFIRM", + "url": "http://php.net/ChangeLog-5.php" + }, + { + "name": "DSA-3280", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3280" + }, + { + "name": "APPLE-SA-2015-08-13-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" + }, + { + "name": "1032433", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032433" + }, + { + "name": "RHSA-2015:1135", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html" + }, + { + "name": "74902", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74902" + }, + { + "name": "https://support.apple.com/kb/HT205031", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205031" + }, + { + "name": "FEDORA-2015-8383", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html" + }, + { + "name": "FEDORA-2015-8281", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html" + }, + { + "name": "FEDORA-2015-8370", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html" + }, + { + "name": "GLSA-201606-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201606-10" + }, + { + "name": "RHSA-2015:1218", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4500.json b/2015/4xxx/CVE-2015-4500.json index 201fc67ac85..a173a02c423 100644 --- a/2015/4xxx/CVE-2015-4500.json +++ b/2015/4xxx/CVE-2015-4500.json @@ -1,192 +1,192 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4500", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-4500", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-96.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-96.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1044077", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1044077" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1152026", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1152026" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1161063", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1161063" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1181651", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1181651" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1183153", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1183153" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1186962", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1186962" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1201793", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1201793" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1202844", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1202844" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "DSA-3365", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3365" - }, - { - "name" : "RHSA-2015:1852", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1852.html" - }, - { - "name" : "RHSA-2015:1834", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1834.html" - }, - { - "name" : "SUSE-SU-2015:2081", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html" - }, - { - "name" : "openSUSE-SU-2015:1658", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html" - }, - { - "name" : "SUSE-SU-2015:1680", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00004.html" - }, - { - "name" : "openSUSE-SU-2015:1679", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00003.html" - }, - { - "name" : "openSUSE-SU-2015:1681", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html" - }, - { - "name" : "SUSE-SU-2015:1703", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00007.html" - }, - { - "name" : "USN-2743-4", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2743-4" - }, - { - "name" : "USN-2754-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2754-1" - }, - { - "name" : "USN-2743-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2743-1" - }, - { - "name" : "USN-2743-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2743-2" - }, - { - "name" : "USN-2743-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2743-3" - }, - { - "name" : "76816", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76816" - }, - { - "name" : "1033640", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033640" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2015:1680", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00004.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1152026", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1152026" + }, + { + "name": "SUSE-SU-2015:2081", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1202844", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1202844" + }, + { + "name": "openSUSE-SU-2015:1681", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html" + }, + { + "name": "USN-2754-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2754-1" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1044077", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1044077" + }, + { + "name": "USN-2743-4", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2743-4" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-96.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-96.html" + }, + { + "name": "USN-2743-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2743-3" + }, + { + "name": "RHSA-2015:1834", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1834.html" + }, + { + "name": "USN-2743-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2743-2" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1186962", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1186962" + }, + { + "name": "1033640", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033640" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1183153", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1183153" + }, + { + "name": "RHSA-2015:1852", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1852.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1161063", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1161063" + }, + { + "name": "DSA-3365", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3365" + }, + { + "name": "76816", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76816" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1181651", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1181651" + }, + { + "name": "SUSE-SU-2015:1703", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00007.html" + }, + { + "name": "openSUSE-SU-2015:1679", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00003.html" + }, + { + "name": "openSUSE-SU-2015:1658", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html" + }, + { + "name": "USN-2743-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2743-1" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1201793", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1201793" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4724.json b/2015/4xxx/CVE-2015-4724.json index 1367201d76a..a1c38921a22 100644 --- a/2015/4xxx/CVE-2015-4724.json +++ b/2015/4xxx/CVE-2015-4724.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4724", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Concrete5 5.7.3.1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4724", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://hackerone.com/reports/59664", - "refsource" : "MISC", - "url" : "http://hackerone.com/reports/59664" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Concrete5 5.7.3.1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://hackerone.com/reports/59664", + "refsource": "MISC", + "url": "http://hackerone.com/reports/59664" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4767.json b/2015/4xxx/CVE-2015-4767.json index 769f6de5ccf..a8847152ab3 100644 --- a/2015/4xxx/CVE-2015-4767.json +++ b/2015/4xxx/CVE-2015-4767.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4767", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4769." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-4767", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" - }, - { - "name" : "GLSA-201610-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-06" - }, - { - "name" : "RHSA-2015:1630", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1630.html" - }, - { - "name" : "RHSA-2015:1646", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1646.html" - }, - { - "name" : "openSUSE-SU-2015:1629", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html" - }, - { - "name" : "USN-2674-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2674-1" - }, - { - "name" : "75844", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75844" - }, - { - "name" : "1032911", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032911" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4769." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" + }, + { + "name": "1032911", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032911" + }, + { + "name": "RHSA-2015:1646", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1646.html" + }, + { + "name": "openSUSE-SU-2015:1629", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html" + }, + { + "name": "USN-2674-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2674-1" + }, + { + "name": "GLSA-201610-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-06" + }, + { + "name": "RHSA-2015:1630", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1630.html" + }, + { + "name": "75844", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75844" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4797.json b/2015/4xxx/CVE-2015-4797.json index e2746bf34fb..74138b6744b 100644 --- a/2015/4xxx/CVE-2015-4797.json +++ b/2015/4xxx/CVE-2015-4797.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4797", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.3 allows remote authenticated users to affect integrity via unknown vectors related to Security." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-4797", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" - }, - { - "name" : "1033899", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033899" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.3 allows remote authenticated users to affect integrity via unknown vectors related to Security." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" + }, + { + "name": "1033899", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033899" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8986.json b/2015/8xxx/CVE-2015-8986.json index d169ab7fab3..5b59b5be39d 100644 --- a/2015/8xxx/CVE-2015-8986.json +++ b/2015/8xxx/CVE-2015-8986.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@intel.com", - "ID" : "CVE-2015-8986", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Advanced Threat Defense (MATD)", - "version" : { - "version_data" : [ - { - "version_value" : "3.4.2.32 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Intel" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment, then bypass proper malware detection resulting in failure to detect a malware file (false-negative) via specially crafted malware." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Sandbox detection evasion vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "secure@intel.com", + "ID": "CVE-2015-8986", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Advanced Threat Defense (MATD)", + "version": { + "version_data": [ + { + "version_value": "3.4.2.32 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "Intel" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10096", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10096" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment, then bypass proper malware detection resulting in failure to detect a malware file (false-negative) via specially crafted malware." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Sandbox detection evasion vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10096", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10096" + } + ] + } +} \ No newline at end of file diff --git a/2018/1002xxx/CVE-2018-1002005.json b/2018/1002xxx/CVE-2018-1002005.json index 845b48dec8e..6076f7e6e15 100644 --- a/2018/1002xxx/CVE-2018-1002005.json +++ b/2018/1002xxx/CVE-2018-1002005.json @@ -1,76 +1,76 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "larry0@me.com", - "DATE_ASSIGNED" : "2018-08-22", - "ID" : "CVE-2018-1002005", - "REQUESTER" : "kurt@seifried.org", - "STATE" : "PUBLIC", - "UPDATED" : "2017-08-10T14:41Z" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Arigato Autoresponder and Newsletter", - "version" : { - "version_data" : [ - { - "version_affected" : "<=", - "version_value" : "2.5.1.8" - } - ] - } - } - ] - }, - "vendor_name" : "Kiboko Labs https://calendarscripts.info/" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in bft_list.html.php:43: via the filter_signup_date parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Blind SQL injection and multiple reflected XSS vulnerabilities in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8" - } + "CVE_data_meta": { + "ASSIGNER": "larry0@me.com", + "DATE_ASSIGNED": "2018-08-22", + "ID": "CVE-2018-1002005", + "REQUESTER": "kurt@seifried.org", + "STATE": "PUBLIC", + "UPDATED": "2017-08-10T14:41Z" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Arigato Autoresponder and Newsletter", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "2.5.1.8" + } + ] + } + } + ] + }, + "vendor_name": "Kiboko Labs https://calendarscripts.info/" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "45434", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/45434/" - }, - { - "name" : "http://www.vapidlabs.com/advisory.php?v=203", - "refsource" : "MISC", - "url" : "http://www.vapidlabs.com/advisory.php?v=203" - }, - { - "name" : "https://wordpress.org/plugins/bft-autoresponder/", - "refsource" : "MISC", - "url" : "https://wordpress.org/plugins/bft-autoresponder/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in bft_list.html.php:43: via the filter_signup_date parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Blind SQL injection and multiple reflected XSS vulnerabilities in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5.1.8" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "45434", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/45434/" + }, + { + "name": "https://wordpress.org/plugins/bft-autoresponder/", + "refsource": "MISC", + "url": "https://wordpress.org/plugins/bft-autoresponder/" + }, + { + "name": "http://www.vapidlabs.com/advisory.php?v=203", + "refsource": "MISC", + "url": "http://www.vapidlabs.com/advisory.php?v=203" + } + ] + } +} \ No newline at end of file diff --git a/2018/1999xxx/CVE-2018-1999015.json b/2018/1999xxx/CVE-2018-1999015.json index c764e60f564..9fb5b6fd97d 100644 --- a/2018/1999xxx/CVE-2018-1999015.json +++ b/2018/1999xxx/CVE-2018-1999015.json @@ -1,70 +1,70 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "kurt@seifried.org", - "DATE_ASSIGNED" : "2018-07-20T20:44:32.981391", - "DATE_REQUESTED" : "2018-07-13T16:19:44", - "ID" : "CVE-2018-1999015", - "REQUESTER" : "paulcher@icloud.com", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "FFmpeg", - "version" : { - "version_data" : [ - { - "version_value" : "before 5aba5b89d0b1d73164d3b81764828bb8b20ff32a" - } - ] - } - } - ] - }, - "vendor_name" : "FFmpeg" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASF_F format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to have been fixed in 5aba5b89d0b1d73164d3b81764828bb8b20ff32a and later." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "out of array read" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "DATE_ASSIGNED": "2018-07-20T20:44:32.981391", + "DATE_REQUESTED": "2018-07-13T16:19:44", + "ID": "CVE-2018-1999015", + "REQUESTER": "paulcher@icloud.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/FFmpeg/FFmpeg/commit/5aba5b89d0b1d73164d3b81764828bb8b20ff32a", - "refsource" : "CONFIRM", - "url" : "https://github.com/FFmpeg/FFmpeg/commit/5aba5b89d0b1d73164d3b81764828bb8b20ff32a" - }, - { - "name" : "104896", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104896" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASF_F format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to have been fixed in 5aba5b89d0b1d73164d3b81764828bb8b20ff32a and later." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "104896", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104896" + }, + { + "name": "https://github.com/FFmpeg/FFmpeg/commit/5aba5b89d0b1d73164d3b81764828bb8b20ff32a", + "refsource": "CONFIRM", + "url": "https://github.com/FFmpeg/FFmpeg/commit/5aba5b89d0b1d73164d3b81764828bb8b20ff32a" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2527.json b/2018/2xxx/CVE-2018-2527.json index 96675e0cc7d..ebfbadc5aaf 100644 --- a/2018/2xxx/CVE-2018-2527.json +++ b/2018/2xxx/CVE-2018-2527.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2527", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-2527", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2701.json b/2018/2xxx/CVE-2018-2701.json index 1d859c4b254..1b40f72a066 100644 --- a/2018/2xxx/CVE-2018-2701.json +++ b/2018/2xxx/CVE-2018-2701.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2701", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Hospitality Cruise Fleet Management", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "9.0.4.0" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System). The supported version that is affected is 9.0.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality Cruise Fleet Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Cruise Fleet Management accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Cruise Fleet Management accessible data. CVSS 3.0 Base Score 7.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality Cruise Fleet Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Cruise Fleet Management accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Cruise Fleet Management accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2701", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Hospitality Cruise Fleet Management", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "9.0.4.0" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, - { - "name" : "102554", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102554" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System). The supported version that is affected is 9.0.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality Cruise Fleet Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Cruise Fleet Management accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Cruise Fleet Management accessible data. CVSS 3.0 Base Score 7.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality Cruise Fleet Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Cruise Fleet Management accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Cruise Fleet Management accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "102554", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102554" + } + ] + } +} \ No newline at end of file diff --git a/2018/3xxx/CVE-2018-3296.json b/2018/3xxx/CVE-2018-3296.json index 53c281be099..1ae19cffb2f 100644 --- a/2018/3xxx/CVE-2018-3296.json +++ b/2018/3xxx/CVE-2018-3296.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-3296", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "VM VirtualBox", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "5.2.20" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-3296", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "VM VirtualBox", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.2.20" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" - }, - { - "name" : "105619", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105619" - }, - { - "name" : "1041887", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041887" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" + }, + { + "name": "1041887", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041887" + }, + { + "name": "105619", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105619" + } + ] + } +} \ No newline at end of file diff --git a/2018/3xxx/CVE-2018-3720.json b/2018/3xxx/CVE-2018-3720.json index 59c875c023c..72cbcc14bd6 100644 --- a/2018/3xxx/CVE-2018-3720.json +++ b/2018/3xxx/CVE-2018-3720.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2018-3720", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "assign-deep node module", - "version" : { - "version_data" : [ - { - "version_value" : "Versions before 0.4.7" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "assign-deep node module before 0.4.7 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of \"Object\" via __proto__, causing the addition or modification of an existing property that will exist on all objects." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Modification of Assumed-Immutable Data (MAID) (CWE-471)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2018-3720", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "assign-deep node module", + "version": { + "version_data": [ + { + "version_value": "Versions before 0.4.7" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/jonschlinkert/assign-deep/commit/19953a8c089b0328c470acaaaf6accdfcb34da11", - "refsource" : "MISC", - "url" : "https://github.com/jonschlinkert/assign-deep/commit/19953a8c089b0328c470acaaaf6accdfcb34da11" - }, - { - "name" : "https://hackerone.com/reports/310707", - "refsource" : "MISC", - "url" : "https://hackerone.com/reports/310707" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "assign-deep node module before 0.4.7 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of \"Object\" via __proto__, causing the addition or modification of an existing property that will exist on all objects." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Modification of Assumed-Immutable Data (MAID) (CWE-471)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://hackerone.com/reports/310707", + "refsource": "MISC", + "url": "https://hackerone.com/reports/310707" + }, + { + "name": "https://github.com/jonschlinkert/assign-deep/commit/19953a8c089b0328c470acaaaf6accdfcb34da11", + "refsource": "MISC", + "url": "https://github.com/jonschlinkert/assign-deep/commit/19953a8c089b0328c470acaaaf6accdfcb34da11" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6145.json b/2018/6xxx/CVE-2018-6145.json index 9bf5de10bbb..ad1b3cf700a 100644 --- a/2018/6xxx/CVE-2018-6145.json +++ b/2018/6xxx/CVE-2018-6145.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6145", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6145", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6496.json b/2018/6xxx/CVE-2018-6496.json index 797b3ebef17..06fccdf45f6 100644 --- a/2018/6xxx/CVE-2018-6496.json +++ b/2018/6xxx/CVE-2018-6496.json @@ -1,104 +1,104 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@microfocus.com", - "ID" : "CVE-2018-6496", - "STATE" : "PUBLIC", - "TITLE" : "MFSBGN03809 rev.1 - Universal CMDB, Deserialization Java Objects and CSRF" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "UCMDB Browser", - "version" : { - "version_data" : [ - { - "version_value" : "4.10, 4.11, 4.12, 4.13, 4.14, 4.15, 4.15.1" - } - ] - } - } - ] - }, - "vendor_name" : "Micro Focus" - } - ] - } - }, - "credit" : [ - { - "lang" : "eng", - "value" : "Micro Focus would like to thank Mateusz Garncarek for reporting this issue to cyber-psrt@microfocus.com." - } - ], - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Remote Cross-site Request forgery (CSRF) potential has been identified in UCMBD Browser version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15, 4.15.1 which could allow for remote unsafe deserialization and cross-site request forgery (CSRF)." - } - ] - }, - "exploit" : [ - { - "lang" : "eng", - "value" : "cross-site request forgery (CSRF)" - } - ], - "impact" : { - "cvss" : { - "attackComplexity" : "HIGH", - "attackVector" : "NETWORK", - "availabilityImpact" : "HIGH", - "baseScore" : 7.5, - "baseSeverity" : "HIGH", - "confidentialityImpact" : "HIGH", - "integrityImpact" : "HIGH", - "privilegesRequired" : "NONE", - "scope" : "UNCHANGED", - "userInteraction" : "REQUIRED", - "vectorString" : "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "cross-site request forgery (CSRF)" - } + "CVE_data_meta": { + "ASSIGNER": "security@suse.com", + "ID": "CVE-2018-6496", + "STATE": "PUBLIC", + "TITLE": "MFSBGN03809 rev.1 - Universal CMDB, Deserialization Java Objects and CSRF" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "UCMDB Browser", + "version": { + "version_data": [ + { + "version_value": "4.10, 4.11, 4.12, 4.13, 4.14, 4.15, 4.15.1" + } + ] + } + } + ] + }, + "vendor_name": "Micro Focus" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03180066", - "refsource" : "CONFIRM", - "url" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03180066" - }, - { - "name" : "104483", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104483" - }, - { - "name" : "1041139", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041139" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "credit": [ + { + "lang": "eng", + "value": "Micro Focus would like to thank Mateusz Garncarek for reporting this issue to cyber-psrt@microfocus.com." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Remote Cross-site Request forgery (CSRF) potential has been identified in UCMBD Browser version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15, 4.15.1 which could allow for remote unsafe deserialization and cross-site request forgery (CSRF)." + } + ] + }, + "exploit": [ + { + "lang": "eng", + "value": "cross-site request forgery (CSRF)" + } + ], + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "cross-site request forgery (CSRF)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "104483", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104483" + }, + { + "name": "1041139", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041139" + }, + { + "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03180066", + "refsource": "CONFIRM", + "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03180066" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6575.json b/2018/6xxx/CVE-2018-6575.json index 7149ba07326..cf6304d5c2e 100644 --- a/2018/6xxx/CVE-2018-6575.json +++ b/2018/6xxx/CVE-2018-6575.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6575", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL Injection exists in the JEXTN Classified 1.0.0 component for Joomla! via a view=boutique&sid= request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6575", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "43957", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/43957" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL Injection exists in the JEXTN Classified 1.0.0 component for Joomla! via a view=boutique&sid= request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "43957", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/43957" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6897.json b/2018/6xxx/CVE-2018-6897.json index e49fa5fa340..74edb3f0f67 100644 --- a/2018/6xxx/CVE-2018-6897.json +++ b/2018/6xxx/CVE-2018-6897.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6897", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6897", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7082.json b/2018/7xxx/CVE-2018-7082.json index f2c439b068e..39fc1d575f3 100644 --- a/2018/7xxx/CVE-2018-7082.json +++ b/2018/7xxx/CVE-2018-7082.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7082", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-7082", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7595.json b/2018/7xxx/CVE-2018-7595.json index ea322c0ef64..f9ff38a2d96 100644 --- a/2018/7xxx/CVE-2018-7595.json +++ b/2018/7xxx/CVE-2018-7595.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7595", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-7595", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5600.json b/2019/5xxx/CVE-2019-5600.json index 38290ec6219..1c066c2db1b 100644 --- a/2019/5xxx/CVE-2019-5600.json +++ b/2019/5xxx/CVE-2019-5600.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5600", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5600", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5931.json b/2019/5xxx/CVE-2019-5931.json index d86cc7b2103..838e6a57b40 100644 --- a/2019/5xxx/CVE-2019-5931.json +++ b/2019/5xxx/CVE-2019-5931.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5931", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5931", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file