From 8109a718e504bb0e0b71ebf54efddb6ff2859184 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 17 Mar 2019 22:22:07 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0238.json | 390 +++++++++++++++---------------- 2007/0xxx/CVE-2007-0434.json | 150 ++++++------ 2007/0xxx/CVE-2007-0511.json | 190 +++++++-------- 2007/0xxx/CVE-2007-0848.json | 180 +++++++------- 2007/0xxx/CVE-2007-0866.json | 190 +++++++-------- 2007/1xxx/CVE-2007-1366.json | 230 +++++++++--------- 2007/1xxx/CVE-2007-1506.json | 160 ++++++------- 2007/3xxx/CVE-2007-3098.json | 160 ++++++------- 2007/3xxx/CVE-2007-3180.json | 190 +++++++-------- 2007/3xxx/CVE-2007-3294.json | 150 ++++++------ 2007/3xxx/CVE-2007-3908.json | 190 +++++++-------- 2007/4xxx/CVE-2007-4003.json | 200 ++++++++-------- 2007/4xxx/CVE-2007-4085.json | 150 ++++++------ 2007/4xxx/CVE-2007-4301.json | 180 +++++++------- 2007/4xxx/CVE-2007-4940.json | 160 ++++++------- 2007/4xxx/CVE-2007-4959.json | 160 ++++++------- 2014/100xxx/CVE-2014-100026.json | 160 ++++++------- 2014/5xxx/CVE-2014-5717.json | 140 +++++------ 2015/2xxx/CVE-2015-2841.json | 140 +++++------ 2015/2xxx/CVE-2015-2885.json | 120 +++++----- 2015/2xxx/CVE-2015-2943.json | 130 +++++------ 2015/6xxx/CVE-2015-6032.json | 120 +++++----- 2015/6xxx/CVE-2015-6688.json | 140 +++++------ 2015/6xxx/CVE-2015-6798.json | 34 +-- 2015/7xxx/CVE-2015-7285.json | 140 +++++------ 2015/7xxx/CVE-2015-7371.json | 150 ++++++------ 2015/7xxx/CVE-2015-7604.json | 130 +++++------ 2015/7xxx/CVE-2015-7634.json | 210 ++++++++--------- 2015/7xxx/CVE-2015-7718.json | 120 +++++----- 2015/7xxx/CVE-2015-7836.json | 140 +++++------ 2016/0xxx/CVE-2016-0049.json | 160 ++++++------- 2016/10xxx/CVE-2016-10340.json | 140 +++++------ 2016/10xxx/CVE-2016-10427.json | 132 +++++------ 2016/10xxx/CVE-2016-10545.json | 34 +-- 2016/1xxx/CVE-2016-1126.json | 130 +++++------ 2016/1xxx/CVE-2016-1325.json | 140 +++++------ 2016/1xxx/CVE-2016-1908.json | 220 ++++++++--------- 2016/4xxx/CVE-2016-4035.json | 34 +-- 2016/4xxx/CVE-2016-4769.json | 170 +++++++------- 2019/3xxx/CVE-2019-3123.json | 34 +-- 2019/3xxx/CVE-2019-3527.json | 34 +-- 2019/3xxx/CVE-2019-3717.json | 34 +-- 2019/3xxx/CVE-2019-3778.json | 176 +++++++------- 2019/4xxx/CVE-2019-4221.json | 34 +-- 2019/4xxx/CVE-2019-4397.json | 34 +-- 2019/4xxx/CVE-2019-4881.json | 34 +-- 2019/6xxx/CVE-2019-6139.json | 122 +++++----- 2019/6xxx/CVE-2019-6249.json | 130 +++++------ 2019/6xxx/CVE-2019-6279.json | 34 +-- 2019/7xxx/CVE-2019-7127.json | 34 +-- 2019/7xxx/CVE-2019-7406.json | 34 +-- 2019/7xxx/CVE-2019-7439.json | 34 +-- 2019/7xxx/CVE-2019-7976.json | 34 +-- 2019/8xxx/CVE-2019-8103.json | 34 +-- 2019/8xxx/CVE-2019-8346.json | 34 +-- 2019/8xxx/CVE-2019-8373.json | 34 +-- 2019/8xxx/CVE-2019-8513.json | 34 +-- 2019/8xxx/CVE-2019-8638.json | 34 +-- 2019/9xxx/CVE-2019-9188.json | 34 +-- 2019/9xxx/CVE-2019-9252.json | 34 +-- 2019/9xxx/CVE-2019-9305.json | 34 +-- 61 files changed, 3569 insertions(+), 3569 deletions(-) diff --git a/2007/0xxx/CVE-2007-0238.json b/2007/0xxx/CVE-2007-0238.json index bb8de8e3b96..b5eb6a15bd9 100644 --- a/2007/0xxx/CVE-2007-0238.json +++ b/2007/0xxx/CVE-2007-0238.json @@ -1,197 +1,197 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0238", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in filter\\starcalc\\scflt.cxx in the StarCalc parser in OpenOffice.org (OOo) Office Suite before 2.2, and 1.x before 1.1.5 Patch, allows user-assisted remote attackers to execute arbitrary code via a document with a long Note." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0238", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070404 High Risk Vulnerability in OpenOffice", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464724/100/0/threaded" - }, - { - "name" : "http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-openoffice-suite/", - "refsource" : "MISC", - "url" : "http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-openoffice-suite/" - }, - { - "name" : "https://issues.foresightlinux.org/browse/FL-211", - "refsource" : "CONFIRM", - "url" : "https://issues.foresightlinux.org/browse/FL-211" - }, - { - "name" : "http://www.openoffice.org/security/CVE-2007-0238", - "refsource" : "CONFIRM", - "url" : "http://www.openoffice.org/security/CVE-2007-0238" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1118", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1118" - }, - { - "name" : "DSA-1270", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1270" - }, - { - "name" : "GLSA-200704-12", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200704-12.xml" - }, - { - "name" : "MDKSA-2007:073", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:073" - }, - { - "name" : "RHSA-2007:0033", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0033.html" - }, - { - "name" : "RHSA-2007:0069", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0069.html" - }, - { - "name" : "102794", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102794-1" - }, - { - "name" : "SUSE-SA:2007:023", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0007.html" - }, - { - "name" : "USN-444-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-444-1" - }, - { - "name" : "23067", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23067" - }, - { - "name" : "oval:org.mitre.oval:def:8968", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8968" - }, - { - "name" : "ADV-2007-1032", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1032" - }, - { - "name" : "ADV-2007-1117", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1117" - }, - { - "name" : "1017799", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017799" - }, - { - "name" : "24465", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24465" - }, - { - "name" : "24550", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24550" - }, - { - "name" : "24646", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24646" - }, - { - "name" : "24647", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24647" - }, - { - "name" : "24676", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24676" - }, - { - "name" : "24810", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24810" - }, - { - "name" : "24906", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24906" - }, - { - "name" : "24588", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24588" - }, - { - "name" : "24613", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24613" - }, - { - "name" : "openoffice-starcalc-bo(33112)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33112" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in filter\\starcalc\\scflt.cxx in the StarCalc parser in OpenOffice.org (OOo) Office Suite before 2.2, and 1.x before 1.1.5 Patch, allows user-assisted remote attackers to execute arbitrary code via a document with a long Note." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-200704-12", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200704-12.xml" + }, + { + "name": "http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-openoffice-suite/", + "refsource": "MISC", + "url": "http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-openoffice-suite/" + }, + { + "name": "24588", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24588" + }, + { + "name": "https://issues.foresightlinux.org/browse/FL-211", + "refsource": "CONFIRM", + "url": "https://issues.foresightlinux.org/browse/FL-211" + }, + { + "name": "oval:org.mitre.oval:def:8968", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8968" + }, + { + "name": "24810", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24810" + }, + { + "name": "SUSE-SA:2007:023", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0007.html" + }, + { + "name": "RHSA-2007:0033", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0033.html" + }, + { + "name": "ADV-2007-1032", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1032" + }, + { + "name": "USN-444-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-444-1" + }, + { + "name": "http://www.openoffice.org/security/CVE-2007-0238", + "refsource": "CONFIRM", + "url": "http://www.openoffice.org/security/CVE-2007-0238" + }, + { + "name": "24613", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24613" + }, + { + "name": "24676", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24676" + }, + { + "name": "24550", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24550" + }, + { + "name": "24465", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24465" + }, + { + "name": "102794", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102794-1" + }, + { + "name": "23067", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23067" + }, + { + "name": "DSA-1270", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1270" + }, + { + "name": "openoffice-starcalc-bo(33112)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33112" + }, + { + "name": "MDKSA-2007:073", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:073" + }, + { + "name": "24646", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24646" + }, + { + "name": "1017799", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017799" + }, + { + "name": "RHSA-2007:0069", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0069.html" + }, + { + "name": "24647", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24647" + }, + { + "name": "ADV-2007-1117", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1117" + }, + { + "name": "24906", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24906" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1118", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1118" + }, + { + "name": "20070404 High Risk Vulnerability in OpenOffice", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464724/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0434.json b/2007/0xxx/CVE-2007-0434.json index 52f40fe74f1..84ad6f8aefe 100644 --- a/2007/0xxx/CVE-2007-0434.json +++ b/2007/0xxx/CVE-2007-0434.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0434", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2 does not properly set the severity level of audit events when the system load is high, which might make it easier for attackers to avoid detection." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0434", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "BEA07-153.00", - "refsource" : "BEA", - "url" : "http://dev2dev.bea.com/pub/advisory/220" - }, - { - "name" : "22082", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22082" - }, - { - "name" : "32860", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32860" - }, - { - "name" : "23786", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23786" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2 does not properly set the severity level of audit events when the system load is high, which might make it easier for attackers to avoid detection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22082", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22082" + }, + { + "name": "BEA07-153.00", + "refsource": "BEA", + "url": "http://dev2dev.bea.com/pub/advisory/220" + }, + { + "name": "23786", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23786" + }, + { + "name": "32860", + "refsource": "OSVDB", + "url": "http://osvdb.org/32860" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0511.json b/2007/0xxx/CVE-2007-0511.json index 81006716914..553435f075a 100644 --- a/2007/0xxx/CVE-2007-0511.json +++ b/2007/0xxx/CVE-2007-0511.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0511", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in phpXMLDOM (phpXD) 0.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) dom.php, (2) dtd.php, or (3) parser.php in include/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0511", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3184", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3184" - }, - { - "name" : "22201", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22201" - }, - { - "name" : "ADV-2007-0309", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0309" - }, - { - "name" : "32953", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32953" - }, - { - "name" : "32954", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32954" - }, - { - "name" : "32955", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32955" - }, - { - "name" : "23875", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23875" - }, - { - "name" : "phpxd-path-file-include(31726)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31726" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in phpXMLDOM (phpXD) 0.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) dom.php, (2) dtd.php, or (3) parser.php in include/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22201", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22201" + }, + { + "name": "32954", + "refsource": "OSVDB", + "url": "http://osvdb.org/32954" + }, + { + "name": "32955", + "refsource": "OSVDB", + "url": "http://osvdb.org/32955" + }, + { + "name": "23875", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23875" + }, + { + "name": "ADV-2007-0309", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0309" + }, + { + "name": "phpxd-path-file-include(31726)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31726" + }, + { + "name": "3184", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3184" + }, + { + "name": "32953", + "refsource": "OSVDB", + "url": "http://osvdb.org/32953" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0848.json b/2007/0xxx/CVE-2007-0848.json index 7729130817f..8ef0cf47224 100644 --- a/2007/0xxx/CVE-2007-0848.json +++ b/2007/0xxx/CVE-2007-0848.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0848", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in classes/class_mail.inc.php in Maian Recipe 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0848", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3284", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3284" - }, - { - "name" : "20070207 true: Agermenu 0.03", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-February/001299.html" - }, - { - "name" : "ADV-2007-0537", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0537" - }, - { - "name" : "33125", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33125" - }, - { - "name" : "33689", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33689" - }, - { - "name" : "24074", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24074" - }, - { - "name" : "maianrecipe-classmail-file-include(32346)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32346" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in classes/class_mail.inc.php in Maian Recipe 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33125", + "refsource": "OSVDB", + "url": "http://osvdb.org/33125" + }, + { + "name": "33689", + "refsource": "OSVDB", + "url": "http://osvdb.org/33689" + }, + { + "name": "ADV-2007-0537", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0537" + }, + { + "name": "24074", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24074" + }, + { + "name": "maianrecipe-classmail-file-include(32346)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32346" + }, + { + "name": "20070207 true: Agermenu 0.03", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-February/001299.html" + }, + { + "name": "3284", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3284" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0866.json b/2007/0xxx/CVE-2007-0866.json index 054ac393674..14ea12fa90a 100644 --- a/2007/0xxx/CVE-2007-0866.json +++ b/2007/0xxx/CVE-2007-0866.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0866", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in HP OpenView Storage Data Protector on HP-UX B.11.00, B.11.11, or B.11.23 allows local users to execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0866", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBMA02190", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/459497/100/0/threaded" - }, - { - "name" : "SSRT071300", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/459497/100/0/threaded" - }, - { - "name" : "22488", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22488" - }, - { - "name" : "ADV-2007-0542", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0542" - }, - { - "name" : "33164", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33164" - }, - { - "name" : "1017614", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017614" - }, - { - "name" : "24113", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24113" - }, - { - "name" : "openview-dataprotector-privilege-escalation(32386)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32386" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in HP OpenView Storage Data Protector on HP-UX B.11.00, B.11.11, or B.11.23 allows local users to execute arbitrary code via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22488", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22488" + }, + { + "name": "ADV-2007-0542", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0542" + }, + { + "name": "33164", + "refsource": "OSVDB", + "url": "http://osvdb.org/33164" + }, + { + "name": "HPSBMA02190", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/459497/100/0/threaded" + }, + { + "name": "SSRT071300", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/459497/100/0/threaded" + }, + { + "name": "24113", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24113" + }, + { + "name": "1017614", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017614" + }, + { + "name": "openview-dataprotector-privilege-escalation(32386)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32386" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1366.json b/2007/1xxx/CVE-2007-1366.json index 5ecc8fe8a6e..6e46fadfc83 100644 --- a/2007/1xxx/CVE-2007-1366.json +++ b/2007/1xxx/CVE-2007-1366.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1366", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by \"aam 0x0,\" which triggers a divide-by-zero error." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1366", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[Qemu-devel] 20070428 Qemu crashes on AAM 0", - "refsource" : "MLIST", - "url" : "http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00650.html" - }, - { - "name" : "[Qemu-devel] 20070429 Re: Qemu crashes on AAM 0", - "refsource" : "MLIST", - "url" : "http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00651.html" - }, - { - "name" : "http://taviso.decsystem.org/virtsec.pdf", - "refsource" : "MISC", - "url" : "http://taviso.decsystem.org/virtsec.pdf" - }, - { - "name" : "DSA-1284", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1284" - }, - { - "name" : "MDVSA-2008:162", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:162" - }, - { - "name" : "23731", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23731" - }, - { - "name" : "35498", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35498" - }, - { - "name" : "ADV-2007-1597", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1597" - }, - { - "name" : "25073", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25073" - }, - { - "name" : "25095", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25095" - }, - { - "name" : "29129", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29129" - }, - { - "name" : "qemu-aam-dos(34046)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34046" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by \"aam 0x0,\" which triggers a divide-by-zero error." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23731", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23731" + }, + { + "name": "DSA-1284", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1284" + }, + { + "name": "25073", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25073" + }, + { + "name": "http://taviso.decsystem.org/virtsec.pdf", + "refsource": "MISC", + "url": "http://taviso.decsystem.org/virtsec.pdf" + }, + { + "name": "[Qemu-devel] 20070428 Qemu crashes on AAM 0", + "refsource": "MLIST", + "url": "http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00650.html" + }, + { + "name": "MDVSA-2008:162", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:162" + }, + { + "name": "35498", + "refsource": "OSVDB", + "url": "http://osvdb.org/35498" + }, + { + "name": "ADV-2007-1597", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1597" + }, + { + "name": "29129", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29129" + }, + { + "name": "25095", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25095" + }, + { + "name": "qemu-aam-dos(34046)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34046" + }, + { + "name": "[Qemu-devel] 20070429 Re: Qemu crashes on AAM 0", + "refsource": "MLIST", + "url": "http://lists.gnu.org/archive/html/qemu-devel/2007-04/msg00651.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1506.json b/2007/1xxx/CVE-2007-1506.json index 505e140f471..b3ee669a6f0 100644 --- a/2007/1xxx/CVE-2007-1506.json +++ b/2007/1xxx/CVE-2007-1506.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1506", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in PORTAL.wwv_main.render_warning_screen in the Oracle Portal 10g allows remote attackers to inject arbitrary web script or HTML via the (1) p_oldurl and (2) p_newurl parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1506", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070316 Oracle Portal PORTAL.wwv_main.render_warning_screen XSS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/463012/100/0/threaded" - }, - { - "name" : "22999", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22999" - }, - { - "name" : "34299", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34299" - }, - { - "name" : "2463", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2463" - }, - { - "name" : "oracleportal-portalwarning-xss(33028)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33028" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in PORTAL.wwv_main.render_warning_screen in the Oracle Portal 10g allows remote attackers to inject arbitrary web script or HTML via the (1) p_oldurl and (2) p_newurl parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070316 Oracle Portal PORTAL.wwv_main.render_warning_screen XSS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/463012/100/0/threaded" + }, + { + "name": "2463", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2463" + }, + { + "name": "oracleportal-portalwarning-xss(33028)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33028" + }, + { + "name": "34299", + "refsource": "OSVDB", + "url": "http://osvdb.org/34299" + }, + { + "name": "22999", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22999" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3098.json b/2007/3xxx/CVE-2007-3098.json index 80547fc8c90..833bcca13a7 100644 --- a/2007/3xxx/CVE-2007-3098.json +++ b/2007/3xxx/CVE-2007-3098.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3098", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SNMPc Server (crserv.exe) process in Castle Rock Computing SNMPc before 7.0.19 allows remote attackers to cause a denial of service (crash) via a crafted packet to port 165/TCP." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3098", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4033", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4033" - }, - { - "name" : "24292", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24292" - }, - { - "name" : "36916", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36916" - }, - { - "name" : "25485", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25485" - }, - { - "name" : "snmpc-crserv-dos(34725)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34725" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SNMPc Server (crserv.exe) process in Castle Rock Computing SNMPc before 7.0.19 allows remote attackers to cause a denial of service (crash) via a crafted packet to port 165/TCP." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24292", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24292" + }, + { + "name": "snmpc-crserv-dos(34725)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34725" + }, + { + "name": "36916", + "refsource": "OSVDB", + "url": "http://osvdb.org/36916" + }, + { + "name": "25485", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25485" + }, + { + "name": "4033", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4033" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3180.json b/2007/3xxx/CVE-2007-3180.json index 210e8337e63..17de82b4152 100644 --- a/2007/3xxx/CVE-2007-3180.json +++ b/2007/3xxx/CVE-2007-3180.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3180", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Help and Support Center before 4.4 C on HP Windows systems allows remote attackers to read or write arbitrary files via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3180", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://h10025.www1.hp.com/ewfrf/wc/genericSoftwareDownloadIndex?cc=us&dlc=en&lc=en&softwareitem=ob-48738-1&jumpid=reg_R1002_USEN", - "refsource" : "CONFIRM", - "url" : "http://h10025.www1.hp.com/ewfrf/wc/genericSoftwareDownloadIndex?cc=us&dlc=en&lc=en&softwareitem=ob-48738-1&jumpid=reg_R1002_USEN" - }, - { - "name" : "HPSBPI02226", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/471864/100/0/threaded" - }, - { - "name" : "SSRT061274", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/471864/100/0/threaded" - }, - { - "name" : "24459", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24459" - }, - { - "name" : "37239", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37239" - }, - { - "name" : "ADV-2007-2164", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2164" - }, - { - "name" : "1018272", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018272" - }, - { - "name" : "25624", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25624" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Help and Support Center before 4.4 C on HP Windows systems allows remote attackers to read or write arbitrary files via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SSRT061274", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/471864/100/0/threaded" + }, + { + "name": "37239", + "refsource": "OSVDB", + "url": "http://osvdb.org/37239" + }, + { + "name": "24459", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24459" + }, + { + "name": "http://h10025.www1.hp.com/ewfrf/wc/genericSoftwareDownloadIndex?cc=us&dlc=en&lc=en&softwareitem=ob-48738-1&jumpid=reg_R1002_USEN", + "refsource": "CONFIRM", + "url": "http://h10025.www1.hp.com/ewfrf/wc/genericSoftwareDownloadIndex?cc=us&dlc=en&lc=en&softwareitem=ob-48738-1&jumpid=reg_R1002_USEN" + }, + { + "name": "1018272", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018272" + }, + { + "name": "25624", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25624" + }, + { + "name": "HPSBPI02226", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/471864/100/0/threaded" + }, + { + "name": "ADV-2007-2164", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2164" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3294.json b/2007/3xxx/CVE-2007-3294.json index 9c08d914850..6265121aa4c 100644 --- a/2007/3xxx/CVE-2007-3294.json +++ b/2007/3xxx/CVE-2007-3294.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3294", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in libtidy, as used in the Tidy extension for PHP 5.2.3 and possibly other products, allow context-dependent attackers to execute arbitrary code via (1) a long second argument to the tidy_parse_string function or (2) an unspecified vector to the tidy_repair_string function. NOTE: this might only be an issue in environments where vsnprintf is implemented as a wrapper for vsprintf." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3294", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4080", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4080" - }, - { - "name" : "36853", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36853" - }, - { - "name" : "25735", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25735" - }, - { - "name" : "php-tidy-parsestring-bo(34931)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34931" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in libtidy, as used in the Tidy extension for PHP 5.2.3 and possibly other products, allow context-dependent attackers to execute arbitrary code via (1) a long second argument to the tidy_parse_string function or (2) an unspecified vector to the tidy_repair_string function. NOTE: this might only be an issue in environments where vsnprintf is implemented as a wrapper for vsprintf." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25735", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25735" + }, + { + "name": "36853", + "refsource": "OSVDB", + "url": "http://osvdb.org/36853" + }, + { + "name": "php-tidy-parsestring-bo(34931)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34931" + }, + { + "name": "4080", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4080" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3908.json b/2007/3xxx/CVE-2007-3908.json index 90f8718f9ee..dc6a6c38a12 100644 --- a/2007/3xxx/CVE-2007-3908.json +++ b/2007/3xxx/CVE-2007-3908.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3908", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in HP ServiceGuard for Linux for Red Hat Enterprise Linux (RHEL) 2.1 SG A.11.14.04 through A.11.14.06; RHEL 3.0 SG A.11.16.04 through A.11.16.10; and ServiceGuard Cluster Object Manager B.03.01.02 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2007-0980." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3908", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBGN02234", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/473783/100/0/threaded" - }, - { - "name" : "SSRT071435", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/473783/100/0/threaded" - }, - { - "name" : "24920", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24920" - }, - { - "name" : "38159", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38159" - }, - { - "name" : "ADV-2007-2544", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2544" - }, - { - "name" : "1018395", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018395" - }, - { - "name" : "26051", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26051" - }, - { - "name" : "2907", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2907" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in HP ServiceGuard for Linux for Red Hat Enterprise Linux (RHEL) 2.1 SG A.11.14.04 through A.11.14.06; RHEL 3.0 SG A.11.16.04 through A.11.16.10; and ServiceGuard Cluster Object Manager B.03.01.02 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2007-0980." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "HPSBGN02234", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/473783/100/0/threaded" + }, + { + "name": "1018395", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018395" + }, + { + "name": "SSRT071435", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/473783/100/0/threaded" + }, + { + "name": "38159", + "refsource": "OSVDB", + "url": "http://osvdb.org/38159" + }, + { + "name": "2907", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2907" + }, + { + "name": "26051", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26051" + }, + { + "name": "24920", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24920" + }, + { + "name": "ADV-2007-2544", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2544" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4003.json b/2007/4xxx/CVE-2007-4003.json index 1606a6b8aa9..a357f1a9fa4 100644 --- a/2007/4xxx/CVE-2007-4003.json +++ b/2007/4xxx/CVE-2007-4003.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4003", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "pioout in IBM AIX 5.3 SP6 allows local users to execute arbitrary code by specifying a malicious library with the -R (ParseRoutine) command line argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4003", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070726 IBM AIX pioout Arbitrary Library Loading Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=569" - }, - { - "name" : "ftp://aix.software.ibm.com/aix/efixes/security/README", - "refsource" : "CONFIRM", - "url" : "ftp://aix.software.ibm.com/aix/efixes/security/README" - }, - { - "name" : "IZ01121", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ01121" - }, - { - "name" : "IZ01122", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ01122" - }, - { - "name" : "25084", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25084" - }, - { - "name" : "ADV-2007-2677", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2677" - }, - { - "name" : "1018466", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018466" - }, - { - "name" : "26219", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26219" - }, - { - "name" : "aix-pioout-r-bo(35628)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35628" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "pioout in IBM AIX 5.3 SP6 allows local users to execute arbitrary code by specifying a malicious library with the -R (ParseRoutine) command line argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "IZ01122", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ01122" + }, + { + "name": "26219", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26219" + }, + { + "name": "aix-pioout-r-bo(35628)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35628" + }, + { + "name": "25084", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25084" + }, + { + "name": "1018466", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018466" + }, + { + "name": "IZ01121", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ01121" + }, + { + "name": "20070726 IBM AIX pioout Arbitrary Library Loading Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=569" + }, + { + "name": "ftp://aix.software.ibm.com/aix/efixes/security/README", + "refsource": "CONFIRM", + "url": "ftp://aix.software.ibm.com/aix/efixes/security/README" + }, + { + "name": "ADV-2007-2677", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2677" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4085.json b/2007/4xxx/CVE-2007-4085.json index 2b181697bc1..11fb255ac1f 100644 --- a/2007/4xxx/CVE-2007-4085.json +++ b/2007/4xxx/CVE-2007-4085.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4085", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in AlstraSoft AskMe Pro allow remote attackers to execute arbitrary SQL commands via the (1) que_id parameter to forum_answer.php or (2) the cat_id parameter to search.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4085", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html", - "refsource" : "MISC", - "url" : "http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html" - }, - { - "name" : "37095", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37095" - }, - { - "name" : "37096", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37096" - }, - { - "name" : "46166", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/46166" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in AlstraSoft AskMe Pro allow remote attackers to execute arbitrary SQL commands via the (1) que_id parameter to forum_answer.php or (2) the cat_id parameter to search.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37096", + "refsource": "OSVDB", + "url": "http://osvdb.org/37096" + }, + { + "name": "46166", + "refsource": "OSVDB", + "url": "http://osvdb.org/46166" + }, + { + "name": "http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html", + "refsource": "MISC", + "url": "http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html" + }, + { + "name": "37095", + "refsource": "OSVDB", + "url": "http://osvdb.org/37095" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4301.json b/2007/4xxx/CVE-2007-4301.json index a47a4f41056..a93668f099d 100644 --- a/2007/4xxx/CVE-2007-4301.json +++ b/2007/4xxx/CVE-2007-4301.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4301", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in the management interface in WebCart 2.20 through 2.25 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4301", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.cgis.biz/script_web_cart/notice200708.html", - "refsource" : "CONFIRM", - "url" : "http://www.cgis.biz/script_web_cart/notice200708.html" - }, - { - "name" : "JVN#66303599", - "refsource" : "JVN", - "url" : "http://jvn.jp/jp/JVN%2366303599/index.html" - }, - { - "name" : "25261", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25261" - }, - { - "name" : "36441", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36441" - }, - { - "name" : "1018554", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018554" - }, - { - "name" : "26382", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26382" - }, - { - "name" : "webcart-unspecified-xss(35946)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35946" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in the management interface in WebCart 2.20 through 2.25 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.cgis.biz/script_web_cart/notice200708.html", + "refsource": "CONFIRM", + "url": "http://www.cgis.biz/script_web_cart/notice200708.html" + }, + { + "name": "webcart-unspecified-xss(35946)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35946" + }, + { + "name": "JVN#66303599", + "refsource": "JVN", + "url": "http://jvn.jp/jp/JVN%2366303599/index.html" + }, + { + "name": "26382", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26382" + }, + { + "name": "25261", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25261" + }, + { + "name": "36441", + "refsource": "OSVDB", + "url": "http://osvdb.org/36441" + }, + { + "name": "1018554", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018554" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4940.json b/2007/4xxx/CVE-2007-4940.json index d347b05ba10..6bbb8a038f2 100644 --- a/2007/4xxx/CVE-2007-4940.json +++ b/2007/4xxx/CVE-2007-4940.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4940", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple integer overflows in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large \"indx truck size\" and nEntriesInuse values." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4940", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070912 CAL-20070912-1 Multiple vendor produce handling AVI file vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/479222/100/0/threaded" - }, - { - "name" : "http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt", - "refsource" : "MISC", - "url" : "http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt" - }, - { - "name" : "25650", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25650" - }, - { - "name" : "3144", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3144" - }, - { - "name" : "mediaplayerclassic-avi-overflow(36584)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36584" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple integer overflows in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large \"indx truck size\" and nEntriesInuse values." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3144", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3144" + }, + { + "name": "mediaplayerclassic-avi-overflow(36584)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36584" + }, + { + "name": "20070912 CAL-20070912-1 Multiple vendor produce handling AVI file vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/479222/100/0/threaded" + }, + { + "name": "25650", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25650" + }, + { + "name": "http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt", + "refsource": "MISC", + "url": "http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4959.json b/2007/4xxx/CVE-2007-4959.json index a51f7c8987c..bf97a44040e 100644 --- a/2007/4xxx/CVE-2007-4959.json +++ b/2007/4xxx/CVE-2007-4959.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4959", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in catalog_products_with_images.php in osCMax 2.0.0-RC3-0-1 allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4959", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "25684", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25684" - }, - { - "name" : "ADV-2007-3187", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3187" - }, - { - "name" : "37094", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37094" - }, - { - "name" : "26833", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26833" - }, - { - "name" : "oscmax-catalogproducts-xss(36642)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36642" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in catalog_products_with_images.php in osCMax 2.0.0-RC3-0-1 allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26833", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26833" + }, + { + "name": "37094", + "refsource": "OSVDB", + "url": "http://osvdb.org/37094" + }, + { + "name": "25684", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25684" + }, + { + "name": "ADV-2007-3187", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3187" + }, + { + "name": "oscmax-catalogproducts-xss(36642)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36642" + } + ] + } +} \ No newline at end of file diff --git a/2014/100xxx/CVE-2014-100026.json b/2014/100xxx/CVE-2014-100026.json index 82d16de7aec..110c1660bc7 100644 --- a/2014/100xxx/CVE-2014-100026.json +++ b/2014/100xxx/CVE-2014-100026.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-100026", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in readme.php in the April's Super Functions Pack plugin before 1.4.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-100026", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://wordpress.org/plugins/aprils-super-functions-pack/changelog/", - "refsource" : "CONFIRM", - "url" : "https://wordpress.org/plugins/aprils-super-functions-pack/changelog/" - }, - { - "name" : "64699", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64699" - }, - { - "name" : "101807", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/101807" - }, - { - "name" : "55576", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/55576" - }, - { - "name" : "aprilsuperfunctions-readme-xss(90172)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90172" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in readme.php in the April's Super Functions Pack plugin before 1.4.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "64699", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64699" + }, + { + "name": "101807", + "refsource": "OSVDB", + "url": "http://osvdb.org/101807" + }, + { + "name": "55576", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/55576" + }, + { + "name": "aprilsuperfunctions-readme-xss(90172)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90172" + }, + { + "name": "https://wordpress.org/plugins/aprils-super-functions-pack/changelog/", + "refsource": "CONFIRM", + "url": "https://wordpress.org/plugins/aprils-super-functions-pack/changelog/" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5717.json b/2014/5xxx/CVE-2014-5717.json index f995697db67..9d041e7fe44 100644 --- a/2014/5xxx/CVE-2014-5717.json +++ b/2014/5xxx/CVE-2014-5717.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5717", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Fashion Style (aka com.thirtysixyougames.google.starGirlSingapore) application 3.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5717", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#401569", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/401569" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Fashion Style (aka com.thirtysixyougames.google.starGirlSingapore) application 3.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#401569", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/401569" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2841.json b/2015/2xxx/CVE-2015-2841.json index 22dcb49ba94..c60fbe3df3c 100644 --- a/2015/2xxx/CVE-2015-2841.json +++ b/2015/2xxx/CVE-2015-2841.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2841", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Citrix NetScaler AppFirewall, as used in NetScaler 10.5, allows remote attackers to bypass intended firewall restrictions via a crafted Content-Type header, as demonstrated by the application/octet-stream and text/xml Content-Types." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2841", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "36369", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/36369/" - }, - { - "name" : "20150316 Citrix Netscaler NS10.5 WAF Bypass via HTTP Header Pollution", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Mar/95" - }, - { - "name" : "1031928", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id/1031928" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Citrix NetScaler AppFirewall, as used in NetScaler 10.5, allows remote attackers to bypass intended firewall restrictions via a crafted Content-Type header, as demonstrated by the application/octet-stream and text/xml Content-Types." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1031928", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id/1031928" + }, + { + "name": "36369", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/36369/" + }, + { + "name": "20150316 Citrix Netscaler NS10.5 WAF Bypass via HTTP Header Pollution", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Mar/95" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2885.json b/2015/2xxx/CVE-2015-2885.json index 5fbb4d06773..ac16a9a2387 100644 --- a/2015/2xxx/CVE-2015-2885.json +++ b/2015/2xxx/CVE-2015-2885.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2015-2885", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Lens Peek-a-View", - "version" : { - "version_data" : [ - { - "version_value" : "Lens Peek-a-View" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for the backdoor user account, and a password of guest for the backdoor guest account." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "backdoor" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-2885", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Lens Peek-a-View", + "version": { + "version_data": [ + { + "version_value": "Lens Peek-a-View" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://community.rapid7.com/community/infosec/blog/2015/09/02/iotsec-disclosure-10-new-vulns-for-several-video-baby-monitors", - "refsource" : "MISC", - "url" : "https://community.rapid7.com/community/infosec/blog/2015/09/02/iotsec-disclosure-10-new-vulns-for-several-video-baby-monitors" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for the backdoor user account, and a password of guest for the backdoor guest account." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "backdoor" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://community.rapid7.com/community/infosec/blog/2015/09/02/iotsec-disclosure-10-new-vulns-for-several-video-baby-monitors", + "refsource": "MISC", + "url": "https://community.rapid7.com/community/infosec/blog/2015/09/02/iotsec-disclosure-10-new-vulns-for-several-video-baby-monitors" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2943.json b/2015/2xxx/CVE-2015-2943.json index d64cd964c84..7dcf84f3a7e 100644 --- a/2015/2xxx/CVE-2015-2943.json +++ b/2015/2xxx/CVE-2015-2943.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2943", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Honda Moto LINC 1.6.1 does not verify SSL certificates." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-2943", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "JVN#75851252", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN75851252/index.html" - }, - { - "name" : "JVNDB-2015-000065", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000065.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Honda Moto LINC 1.6.1 does not verify SSL certificates." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2015-000065", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000065.html" + }, + { + "name": "JVN#75851252", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN75851252/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6032.json b/2015/6xxx/CVE-2015-6032.json index a9b5c2eb955..ae5d46ed5fa 100644 --- a/2015/6xxx/CVE-2015-6032.json +++ b/2015/6xxx/CVE-2015-6032.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6032", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Qolsys IQ Panel (aka QOL) before 1.5.1 has hardcoded cryptographic keys, which allows remote attackers to create digital signatures for code by leveraging knowledge of a key from a different installation." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-6032", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#573848", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/573848" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Qolsys IQ Panel (aka QOL) before 1.5.1 has hardcoded cryptographic keys, which allows remote attackers to create digital signatures for code by leveraging knowledge of a key from a different installation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#573848", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/573848" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6688.json b/2015/6xxx/CVE-2015-6688.json index c7b5452f9d9..4bcb38feb43 100644 --- a/2015/6xxx/CVE-2015-6688.json +++ b/2015/6xxx/CVE-2015-6688.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6688", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a crafted Optional Content Groups (OCG) object in a WillSave document action, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-6688", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-469", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-469" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" - }, - { - "name" : "1033796", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033796" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a crafted Optional Content Groups (OCG) object in a WillSave document action, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" + }, + { + "name": "1033796", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033796" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-469", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-469" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6798.json b/2015/6xxx/CVE-2015-6798.json index d5f0ef34077..6564d8a155b 100644 --- a/2015/6xxx/CVE-2015-6798.json +++ b/2015/6xxx/CVE-2015-6798.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6798", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6798", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7285.json b/2015/7xxx/CVE-2015-7285.json index c6b5aa497f9..614c4bf6187 100644 --- a/2015/7xxx/CVE-2015-7285.json +++ b/2015/7xxx/CVE-2015-7285.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7285", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authentication from Alarm Receiving Center (ARC) servers, which allows man-in-the-middle attackers to bypass intended access restrictions via a spoofed HSxx response." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-7285", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://cybergibbons.com/?p=2844", - "refsource" : "MISC", - "url" : "http://cybergibbons.com/?p=2844" - }, - { - "name" : "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL", - "refsource" : "CONFIRM", - "url" : "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL" - }, - { - "name" : "VU#428280", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/428280" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authentication from Alarm Receiving Center (ARC) servers, which allows man-in-the-middle attackers to bypass intended access restrictions via a spoofed HSxx response." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#428280", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/428280" + }, + { + "name": "http://cybergibbons.com/?p=2844", + "refsource": "MISC", + "url": "http://cybergibbons.com/?p=2844" + }, + { + "name": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL", + "refsource": "CONFIRM", + "url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7371.json b/2015/7xxx/CVE-2015-7371.json index 8bf050c94c4..93e610ce989 100644 --- a/2015/7xxx/CVE-2015-7371.json +++ b/2015/7xxx/CVE-2015-7371.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7371", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Revive Adserver before 3.2.2 does not restrict access to run-mpe.php, which allows remote attackers to run the Maintenance Priority Engine and possibly cause a denial of service (resource consumption) via a direct request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7371", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151007 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536633/100/0/threaded" - }, - { - "name" : "20151008 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Oct/32" - }, - { - "name" : "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html" - }, - { - "name" : "http://www.revive-adserver.com/security/revive-sa-2015-001", - "refsource" : "CONFIRM", - "url" : "http://www.revive-adserver.com/security/revive-sa-2015-001" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Revive Adserver before 3.2.2 does not restrict access to run-mpe.php, which allows remote attackers to run the Maintenance Priority Engine and possibly cause a denial of service (resource consumption) via a direct request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.revive-adserver.com/security/revive-sa-2015-001", + "refsource": "CONFIRM", + "url": "http://www.revive-adserver.com/security/revive-sa-2015-001" + }, + { + "name": "20151007 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536633/100/0/threaded" + }, + { + "name": "20151008 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Oct/32" + }, + { + "name": "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7604.json b/2015/7xxx/CVE-2015-7604.json index 3eb36fbdfc3..46a0191ac75 100644 --- a/2015/7xxx/CVE-2015-7604.json +++ b/2015/7xxx/CVE-2015-7604.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7604", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.6 and Splunk Light 6.2.x before 6.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7604", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.splunk.com/view/SP-CAAAPAM", - "refsource" : "CONFIRM", - "url" : "http://www.splunk.com/view/SP-CAAAPAM" - }, - { - "name" : "1033655", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033655" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.6 and Splunk Light 6.2.x before 6.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033655", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033655" + }, + { + "name": "http://www.splunk.com/view/SP-CAAAPAM", + "refsource": "CONFIRM", + "url": "http://www.splunk.com/view/SP-CAAAPAM" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7634.json b/2015/7xxx/CVE-2015-7634.json index eb3cd68f73d..e8aa341bfc8 100644 --- a/2015/7xxx/CVE-2015-7634.json +++ b/2015/7xxx/CVE-2015-7634.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7634", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7630, and CVE-2015-7633." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-7634", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html" - }, - { - "name" : "GLSA-201511-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201511-02" - }, - { - "name" : "RHSA-2015:2024", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2024.html" - }, - { - "name" : "RHSA-2015:1893", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1893.html" - }, - { - "name" : "SUSE-SU-2015:1740", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html" - }, - { - "name" : "SUSE-SU-2015:1742", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html" - }, - { - "name" : "openSUSE-SU-2015:1744", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html" - }, - { - "name" : "openSUSE-SU-2015:1781", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html" - }, - { - "name" : "77065", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77065" - }, - { - "name" : "1033797", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033797" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7630, and CVE-2015-7633." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:2024", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2024.html" + }, + { + "name": "openSUSE-SU-2015:1744", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html" + }, + { + "name": "77065", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77065" + }, + { + "name": "SUSE-SU-2015:1742", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html" + }, + { + "name": "RHSA-2015:1893", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1893.html" + }, + { + "name": "GLSA-201511-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201511-02" + }, + { + "name": "1033797", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033797" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html" + }, + { + "name": "SUSE-SU-2015:1740", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html" + }, + { + "name": "openSUSE-SU-2015:1781", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7718.json b/2015/7xxx/CVE-2015-7718.json index 45634e355fa..15b56116f10 100644 --- a/2015/7xxx/CVE-2015-7718.json +++ b/2015/7xxx/CVE-2015-7718.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7718", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "mediaserver in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10-01 allows attackers to cause a denial of service (process crash) via unspecified vectors, aka internal bug 22278703, a different vulnerability than CVE-2015-6605." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7718", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[android-security-updates] 20151005 Nexus Security Bulletin (October 2015)", - "refsource" : "MLIST", - "url" : "https://groups.google.com/forum/message/raw?msg=android-security-updates/_Rm-lKnS2M8/dGTcilt0CAAJ" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "mediaserver in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10-01 allows attackers to cause a denial of service (process crash) via unspecified vectors, aka internal bug 22278703, a different vulnerability than CVE-2015-6605." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[android-security-updates] 20151005 Nexus Security Bulletin (October 2015)", + "refsource": "MLIST", + "url": "https://groups.google.com/forum/message/raw?msg=android-security-updates/_Rm-lKnS2M8/dGTcilt0CAAJ" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7836.json b/2015/7xxx/CVE-2015-7836.json index 7b54fbf7883..24de37aedf8 100644 --- a/2015/7xxx/CVE-2015-7836.json +++ b/2015/7xxx/CVE-2015-7836.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7836", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Siemens RUGGEDCOM ROS before 4.2.1 allows remote attackers to obtain sensitive information by sniffing the network for VLAN data within the padding section of an Ethernet frame." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7836", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-01" - }, - { - "name" : "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-921524.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-921524.pdf" - }, - { - "name" : "1033973", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033973" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Siemens RUGGEDCOM ROS before 4.2.1 allows remote attackers to obtain sensitive information by sniffing the network for VLAN data within the padding section of an Ethernet frame." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-921524.pdf", + "refsource": "CONFIRM", + "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-921524.pdf" + }, + { + "name": "1033973", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033973" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-01" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0049.json b/2016/0xxx/CVE-2016-0049.json index f9875e51fc7..213c4407f19 100644 --- a/2016/0xxx/CVE-2016-0049.json +++ b/2016/0xxx/CVE-2016-0049.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0049", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 does not properly validate password changes, which allows remote attackers to bypass authentication by deploying a crafted Key Distribution Center (KDC) and then performing a sign-in action, aka \"Windows Kerberos Security Feature Bypass.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0049", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39442", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39442/" - }, - { - "name" : "http://packetstormsecurity.com/files/135797/Windows-Kerberos-Security-Feature-Bypass.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/135797/Windows-Kerberos-Security-Feature-Bypass.html" - }, - { - "name" : "MS16-014", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-014" - }, - { - "name" : "82535", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/82535" - }, - { - "name" : "1034985", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034985" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 does not properly validate password changes, which allows remote attackers to bypass authentication by deploying a crafted Key Distribution Center (KDC) and then performing a sign-in action, aka \"Windows Kerberos Security Feature Bypass.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034985", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034985" + }, + { + "name": "39442", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39442/" + }, + { + "name": "http://packetstormsecurity.com/files/135797/Windows-Kerberos-Security-Feature-Bypass.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/135797/Windows-Kerberos-Security-Feature-Bypass.html" + }, + { + "name": "82535", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/82535" + }, + { + "name": "MS16-014", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-014" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10340.json b/2016/10xxx/CVE-2016-10340.json index 3bffec2f532..2c5a1f139ed 100644 --- a/2016/10xxx/CVE-2016-10340.json +++ b/2016/10xxx/CVE-2016-10340.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "ID" : "CVE-2016-10340", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "All Qualcomm products", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all Android releases from CAF using the Linux kernel, an integer underflow leading to buffer overflow vulnerability exists in a syscall handler." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Integer Underflow Vulnerability in TrustZone" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "ID": "CVE-2016-10340", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "All Qualcomm products", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-06-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-06-01" - }, - { - "name" : "98874", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98874" - }, - { - "name" : "1038623", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038623" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all Android releases from CAF using the Linux kernel, an integer underflow leading to buffer overflow vulnerability exists in a syscall handler." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Integer Underflow Vulnerability in TrustZone" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-06-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-06-01" + }, + { + "name": "98874", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98874" + }, + { + "name": "1038623", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038623" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10427.json b/2016/10xxx/CVE-2016-10427.json index 49f4efc3009..2d93e32bb5a 100644 --- a/2016/10xxx/CVE-2016-10427.json +++ b/2016/10xxx/CVE-2016-10427.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2016-10427", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, SDX20" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, improper boundary check in RLC AM module leads to denial of service by reaching assertion." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Reachable Assertion in LTE" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2016-10427", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, SDX20" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, improper boundary check in RLC AM module leads to denial of service by reaching assertion." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Reachable Assertion in LTE" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10545.json b/2016/10xxx/CVE-2016-10545.json index ded8adc1b50..53bb1f5c667 100644 --- a/2016/10xxx/CVE-2016-10545.json +++ b/2016/10xxx/CVE-2016-10545.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10545", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-10545", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1126.json b/2016/1xxx/CVE-2016-1126.json index 8fa89b09dd6..f13b6ebdb96 100644 --- a/2016/1xxx/CVE-2016-1126.json +++ b/2016/1xxx/CVE-2016-1126.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1126", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-1126", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" - }, - { - "name" : "1035828", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035828" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035828", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035828" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1325.json b/2016/1xxx/CVE-2016-1325.json index a8d087d1641..85483f66487 100644 --- a/2016/1xxx/CVE-2016-1325.json +++ b/2016/1xxx/CVE-2016-1325.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1325", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The administration interface on Cisco DPC3939B and DPC3941 devices allows remote attackers to obtain sensitive information via a crafted HTTP request, aka Bug ID CSCus49506." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1325", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160309 Cisco Wireless Residential Gateway Information Disclosure Vulnerability", - "refsource" : "CISCO", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-rgid" - }, - { - "name" : "84278", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84278" - }, - { - "name" : "1035232", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035232" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The administration interface on Cisco DPC3939B and DPC3941 devices allows remote attackers to obtain sensitive information via a crafted HTTP request, aka Bug ID CSCus49506." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160309 Cisco Wireless Residential Gateway Information Disclosure Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-rgid" + }, + { + "name": "1035232", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035232" + }, + { + "name": "84278", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84278" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1908.json b/2016/1xxx/CVE-2016-1908.json index ca86c2cc6de..9d8eef99ab5 100644 --- a/2016/1xxx/CVE-2016-1908.json +++ b/2016/1xxx/CVE-2016-1908.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1908", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-1908", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160115 Re: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2016/01/15/13" - }, - { - "name" : "[debian-lts-announce] 20180910 [SECURITY] [DLA 1500-1] openssh security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html" - }, - { - "name" : "http://www.openssh.com/txt/release-7.2", - "refsource" : "CONFIRM", - "url" : "http://www.openssh.com/txt/release-7.2" - }, - { - "name" : "https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c", - "refsource" : "CONFIRM", - "url" : "https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1298741", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1298741" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" - }, - { - "name" : "GLSA-201612-18", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201612-18" - }, - { - "name" : "RHSA-2016:0465", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0465.html" - }, - { - "name" : "RHSA-2016:0741", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0741.html" - }, - { - "name" : "84427", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84427" - }, - { - "name" : "1034705", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034705" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.openssh.com/txt/release-7.2", + "refsource": "CONFIRM", + "url": "http://www.openssh.com/txt/release-7.2" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" + }, + { + "name": "https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c", + "refsource": "CONFIRM", + "url": "https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c" + }, + { + "name": "[oss-security] 20160115 Re: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2016/01/15/13" + }, + { + "name": "1034705", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034705" + }, + { + "name": "RHSA-2016:0741", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0741.html" + }, + { + "name": "GLSA-201612-18", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201612-18" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1298741", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298741" + }, + { + "name": "[debian-lts-announce] 20180910 [SECURITY] [DLA 1500-1] openssh security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html" + }, + { + "name": "84427", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84427" + }, + { + "name": "RHSA-2016:0465", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0465.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4035.json b/2016/4xxx/CVE-2016-4035.json index 71010f0a98c..3bc02473794 100644 --- a/2016/4xxx/CVE-2016-4035.json +++ b/2016/4xxx/CVE-2016-4035.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4035", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4035", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4769.json b/2016/4xxx/CVE-2016-4769.json index 8c4680a3b77..be5c6b19a5c 100644 --- a/2016/4xxx/CVE-2016-4769.json +++ b/2016/4xxx/CVE-2016-4769.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4769", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit in Apple iTunes before 12.5.1 on Windows and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4769", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT207157", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207157" - }, - { - "name" : "https://support.apple.com/HT207158", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207158" - }, - { - "name" : "APPLE-SA-2016-09-20-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html" - }, - { - "name" : "APPLE-SA-2016-09-20-7", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00012.html" - }, - { - "name" : "93062", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93062" - }, - { - "name" : "1036854", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036854" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit in Apple iTunes before 12.5.1 on Windows and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT207157", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207157" + }, + { + "name": "https://support.apple.com/HT207158", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207158" + }, + { + "name": "1036854", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036854" + }, + { + "name": "93062", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93062" + }, + { + "name": "APPLE-SA-2016-09-20-7", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00012.html" + }, + { + "name": "APPLE-SA-2016-09-20-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3123.json b/2019/3xxx/CVE-2019-3123.json index e4d4c8ec076..259634886e6 100644 --- a/2019/3xxx/CVE-2019-3123.json +++ b/2019/3xxx/CVE-2019-3123.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3123", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3123", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3527.json b/2019/3xxx/CVE-2019-3527.json index 050e927f162..82db12444fa 100644 --- a/2019/3xxx/CVE-2019-3527.json +++ b/2019/3xxx/CVE-2019-3527.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3527", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3527", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3717.json b/2019/3xxx/CVE-2019-3717.json index a2d248f7bce..19d1456019b 100644 --- a/2019/3xxx/CVE-2019-3717.json +++ b/2019/3xxx/CVE-2019-3717.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3717", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3717", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3778.json b/2019/3xxx/CVE-2019-3778.json index 037be732079..abb995a606c 100644 --- a/2019/3xxx/CVE-2019-3778.json +++ b/2019/3xxx/CVE-2019-3778.json @@ -1,90 +1,90 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@dell.com", - "DATE_PUBLIC" : "2019-02-21T00:00:00.000Z", - "ID" : "CVE-2019-3778", - "STATE" : "PUBLIC", - "TITLE" : "Open Redirect in spring-security-oauth2" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Spring Security OAuth", - "version" : { - "version_data" : [ - { - "affected" : "<", - "version_name" : "2.3", - "version_value" : "2.3.5.RELEASE" - }, - { - "affected" : "<", - "version_name" : "2.0", - "version_value" : "2.0.17.RELEASE" - }, - { - "affected" : "<", - "version_name" : "2.1", - "version_value" : "2.1.4.RELEASE" - }, - { - "affected" : "<", - "version_name" : "2.2", - "version_value" : "2.2.4.RELEASE" - } - ] - } - } - ] - }, - "vendor_name" : "Spring" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and 2.1 prior to 2.1.4, and 2.0 prior to 2.0.17, and older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft a request to the authorization endpoint using the authorization code grant type, and specify a manipulated redirection URI via the \"redirect_uri\" parameter. This can cause the authorization server to redirect the resource owner user-agent to a URI under the control of the attacker with the leaked authorization code. This vulnerability exposes applications that meet all of the following requirements: Act in the role of an Authorization Server (e.g. @EnableAuthorizationServer) and uses the DefaultRedirectResolver in the AuthorizationEndpoint. This vulnerability does not expose applications that: Act in the role of an Authorization Server and uses a different RedirectResolver implementation other than DefaultRedirectResolver, act in the role of a Resource Server only (e.g. @EnableResourceServer), act in the role of a Client only (e.g. @EnableOAuthClient)." - } - ] - }, - "impact" : null, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-601: Open Redirect" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "DATE_PUBLIC": "2019-02-21T00:00:00.000Z", + "ID": "CVE-2019-3778", + "STATE": "PUBLIC", + "TITLE": "Open Redirect in spring-security-oauth2" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Spring Security OAuth", + "version": { + "version_data": [ + { + "affected": "<", + "version_name": "2.3", + "version_value": "2.3.5.RELEASE" + }, + { + "affected": "<", + "version_name": "2.0", + "version_value": "2.0.17.RELEASE" + }, + { + "affected": "<", + "version_name": "2.1", + "version_value": "2.1.4.RELEASE" + }, + { + "affected": "<", + "version_name": "2.2", + "version_value": "2.2.4.RELEASE" + } + ] + } + } + ] + }, + "vendor_name": "Spring" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://pivotal.io/security/cve-2019-3778", - "refsource" : "CONFIRM", - "url" : "https://pivotal.io/security/cve-2019-3778" - }, - { - "name" : "107153", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107153" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and 2.1 prior to 2.1.4, and 2.0 prior to 2.0.17, and older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft a request to the authorization endpoint using the authorization code grant type, and specify a manipulated redirection URI via the \"redirect_uri\" parameter. This can cause the authorization server to redirect the resource owner user-agent to a URI under the control of the attacker with the leaked authorization code. This vulnerability exposes applications that meet all of the following requirements: Act in the role of an Authorization Server (e.g. @EnableAuthorizationServer) and uses the DefaultRedirectResolver in the AuthorizationEndpoint. This vulnerability does not expose applications that: Act in the role of an Authorization Server and uses a different RedirectResolver implementation other than DefaultRedirectResolver, act in the role of a Resource Server only (e.g. @EnableResourceServer), act in the role of a Client only (e.g. @EnableOAuthClient)." + } + ] + }, + "impact": null, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-601: Open Redirect" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "107153", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107153" + }, + { + "name": "https://pivotal.io/security/cve-2019-3778", + "refsource": "CONFIRM", + "url": "https://pivotal.io/security/cve-2019-3778" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4221.json b/2019/4xxx/CVE-2019-4221.json index f24a288b22c..5c5b633b940 100644 --- a/2019/4xxx/CVE-2019-4221.json +++ b/2019/4xxx/CVE-2019-4221.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4221", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4221", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4397.json b/2019/4xxx/CVE-2019-4397.json index 0b4b80b96b6..1c385d5535a 100644 --- a/2019/4xxx/CVE-2019-4397.json +++ b/2019/4xxx/CVE-2019-4397.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4397", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4397", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4881.json b/2019/4xxx/CVE-2019-4881.json index d0f30255b83..e976985b59b 100644 --- a/2019/4xxx/CVE-2019-4881.json +++ b/2019/4xxx/CVE-2019-4881.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4881", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4881", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6139.json b/2019/6xxx/CVE-2019-6139.json index 48f6537eb08..1ff0fe3bb86 100644 --- a/2019/6xxx/CVE-2019-6139.json +++ b/2019/6xxx/CVE-2019-6139.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "PSIRT@forcepoint.com", - "DATE_PUBLIC" : "2019-01-24T00:00:00", - "ID" : "CVE-2019-6139", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Forcepoint User ID (FUID) server", - "version" : { - "version_data" : [ - { - "version_value" : "Forcepoint User ID (FUID) server versions up to 1.2" - } - ] - } - } - ] - }, - "vendor_name" : "Forcepoint ." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnerability, upgrade to FUID version 1.3 or higher. To prevent the vulnerability on FUID versions 1.2 and below, apply local firewall rules on the FUID server to disable all external access to port TCP/5001. FUID requires this port only for local connections through the loopback interface." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@forcepoint.com", + "DATE_PUBLIC": "2019-01-24T00:00:00", + "ID": "CVE-2019-6139", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Forcepoint User ID (FUID) server", + "version": { + "version_data": [ + { + "version_value": "Forcepoint User ID (FUID) server versions up to 1.2" + } + ] + } + } + ] + }, + "vendor_name": "Forcepoint ." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.forcepoint.com/KBArticle?id=000016550", - "refsource" : "MISC", - "url" : "https://support.forcepoint.com/KBArticle?id=000016550" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnerability, upgrade to FUID version 1.3 or higher. To prevent the vulnerability on FUID versions 1.2 and below, apply local firewall rules on the FUID server to disable all external access to port TCP/5001. FUID requires this port only for local connections through the loopback interface." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.forcepoint.com/KBArticle?id=000016550", + "refsource": "MISC", + "url": "https://support.forcepoint.com/KBArticle?id=000016550" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6249.json b/2019/6xxx/CVE-2019-6249.json index ffa0777f5de..dbfde836b67 100644 --- a/2019/6xxx/CVE-2019-6249.json +++ b/2019/6xxx/CVE-2019-6249.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6249", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in HuCart v5.7.4. There is a CSRF vulnerability that can add an admin account via /adminsys/index.php?load=admins&act=edit_info&act_type=add." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6249", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "46149", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/46149/" - }, - { - "name" : "http://www.iwantacve.cn/index.php/archives/109/", - "refsource" : "MISC", - "url" : "http://www.iwantacve.cn/index.php/archives/109/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in HuCart v5.7.4. There is a CSRF vulnerability that can add an admin account via /adminsys/index.php?load=admins&act=edit_info&act_type=add." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.iwantacve.cn/index.php/archives/109/", + "refsource": "MISC", + "url": "http://www.iwantacve.cn/index.php/archives/109/" + }, + { + "name": "46149", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/46149/" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6279.json b/2019/6xxx/CVE-2019-6279.json index 1bbf03622a1..6b905abe41e 100644 --- a/2019/6xxx/CVE-2019-6279.json +++ b/2019/6xxx/CVE-2019-6279.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6279", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6279", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7127.json b/2019/7xxx/CVE-2019-7127.json index eb4fa9eb660..ec2e6889e4e 100644 --- a/2019/7xxx/CVE-2019-7127.json +++ b/2019/7xxx/CVE-2019-7127.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7127", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7127", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7406.json b/2019/7xxx/CVE-2019-7406.json index dc3a4bd0d5b..a022ad5afc9 100644 --- a/2019/7xxx/CVE-2019-7406.json +++ b/2019/7xxx/CVE-2019-7406.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7406", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7406", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7439.json b/2019/7xxx/CVE-2019-7439.json index 258e010468d..c36bb3168c3 100644 --- a/2019/7xxx/CVE-2019-7439.json +++ b/2019/7xxx/CVE-2019-7439.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7439", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7439", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7976.json b/2019/7xxx/CVE-2019-7976.json index e8d265f29f0..53492d3fa74 100644 --- a/2019/7xxx/CVE-2019-7976.json +++ b/2019/7xxx/CVE-2019-7976.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7976", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7976", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8103.json b/2019/8xxx/CVE-2019-8103.json index f7a7e1ca536..135ea50bd05 100644 --- a/2019/8xxx/CVE-2019-8103.json +++ b/2019/8xxx/CVE-2019-8103.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8103", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8103", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8346.json b/2019/8xxx/CVE-2019-8346.json index 10bf6d473ce..155247fb95c 100644 --- a/2019/8xxx/CVE-2019-8346.json +++ b/2019/8xxx/CVE-2019-8346.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8346", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8346", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8373.json b/2019/8xxx/CVE-2019-8373.json index 3f4fca9c772..a2da645db14 100644 --- a/2019/8xxx/CVE-2019-8373.json +++ b/2019/8xxx/CVE-2019-8373.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8373", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8373", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8513.json b/2019/8xxx/CVE-2019-8513.json index 2db9b5939fe..f16daa0fd59 100644 --- a/2019/8xxx/CVE-2019-8513.json +++ b/2019/8xxx/CVE-2019-8513.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8513", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8513", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8638.json b/2019/8xxx/CVE-2019-8638.json index 55fa1127dd3..088dac63f15 100644 --- a/2019/8xxx/CVE-2019-8638.json +++ b/2019/8xxx/CVE-2019-8638.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8638", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8638", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9188.json b/2019/9xxx/CVE-2019-9188.json index b019e7a74ae..6539f0f6b99 100644 --- a/2019/9xxx/CVE-2019-9188.json +++ b/2019/9xxx/CVE-2019-9188.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9188", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9188", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9252.json b/2019/9xxx/CVE-2019-9252.json index ed87c8da55b..74052632ce8 100644 --- a/2019/9xxx/CVE-2019-9252.json +++ b/2019/9xxx/CVE-2019-9252.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9252", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9252", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9305.json b/2019/9xxx/CVE-2019-9305.json index 821a9e5ed3e..6486ab40f32 100644 --- a/2019/9xxx/CVE-2019-9305.json +++ b/2019/9xxx/CVE-2019-9305.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9305", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9305", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file