From 850678be591218c588c615e676aad8bbaf1ba7a3 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 06:12:57 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/2xxx/CVE-2007-2692.json | 360 ++++++++++----------- 2007/2xxx/CVE-2007-2922.json | 34 +- 2007/3xxx/CVE-2007-3013.json | 170 +++++----- 2007/3xxx/CVE-2007-3355.json | 160 ++++----- 2007/3xxx/CVE-2007-3385.json | 570 ++++++++++++++++----------------- 2007/3xxx/CVE-2007-3527.json | 170 +++++----- 2007/3xxx/CVE-2007-3796.json | 160 ++++----- 2007/4xxx/CVE-2007-4049.json | 34 +- 2007/4xxx/CVE-2007-4329.json | 200 ++++++------ 2007/4xxx/CVE-2007-4891.json | 170 +++++----- 2007/6xxx/CVE-2007-6326.json | 150 ++++----- 2007/6xxx/CVE-2007-6345.json | 160 ++++----- 2007/6xxx/CVE-2007-6398.json | 150 ++++----- 2010/1xxx/CVE-2010-1049.json | 140 ++++---- 2010/1xxx/CVE-2010-1692.json | 34 +- 2010/1xxx/CVE-2010-1808.json | 140 ++++---- 2010/1xxx/CVE-2010-1940.json | 130 ++++---- 2010/5xxx/CVE-2010-5035.json | 180 +++++------ 2014/0xxx/CVE-2014-0630.json | 120 +++---- 2014/1xxx/CVE-2014-1405.json | 140 ++++---- 2014/1xxx/CVE-2014-1679.json | 150 ++++----- 2014/5xxx/CVE-2014-5419.json | 130 ++++---- 2014/5xxx/CVE-2014-5496.json | 34 +- 2014/5xxx/CVE-2014-5514.json | 34 +- 2014/5xxx/CVE-2014-5672.json | 140 ++++---- 2014/5xxx/CVE-2014-5945.json | 140 ++++---- 2015/2xxx/CVE-2015-2197.json | 140 ++++---- 2015/2xxx/CVE-2015-2485.json | 150 ++++----- 2016/10xxx/CVE-2016-10152.json | 160 ++++----- 2016/4xxx/CVE-2016-4006.json | 170 +++++----- 2016/4xxx/CVE-2016-4046.json | 130 ++++---- 2016/8xxx/CVE-2016-8029.json | 34 +- 2016/8xxx/CVE-2016-8522.json | 142 ++++---- 2016/8xxx/CVE-2016-8804.json | 34 +- 2016/8xxx/CVE-2016-8885.json | 200 ++++++------ 2016/9xxx/CVE-2016-9277.json | 130 ++++---- 2019/2xxx/CVE-2019-2177.json | 34 +- 2019/2xxx/CVE-2019-2653.json | 34 +- 2019/2xxx/CVE-2019-2866.json | 34 +- 2019/3xxx/CVE-2019-3015.json | 34 +- 2019/3xxx/CVE-2019-3396.json | 34 +- 2019/3xxx/CVE-2019-3623.json | 34 +- 2019/3xxx/CVE-2019-3627.json | 34 +- 2019/6xxx/CVE-2019-6739.json | 34 +- 2019/6xxx/CVE-2019-6767.json | 34 +- 2019/7xxx/CVE-2019-7474.json | 34 +- 2019/7xxx/CVE-2019-7558.json | 34 +- 2019/7xxx/CVE-2019-7601.json | 34 +- 2019/7xxx/CVE-2019-7848.json | 34 +- 49 files changed, 2866 insertions(+), 2866 deletions(-) diff --git a/2007/2xxx/CVE-2007-2692.json b/2007/2xxx/CVE-2007-2692.json index 45046438687..59760833322 100644 --- a/2007/2xxx/CVE-2007-2692.json +++ b/2007/2xxx/CVE-2007-2692.json @@ -1,182 +1,182 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2692", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2692", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/473874/100/0/threaded" - }, - { - "name" : "[announce] 20070712 MySQL Community Server 5.0.45 has been released!", - "refsource" : "MLIST", - "url" : "http://lists.mysql.com/announce/470" - }, - { - "name" : "http://bugs.mysql.com/bug.php?id=27337", - "refsource" : "MISC", - "url" : "http://bugs.mysql.com/bug.php?id=27337" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1536", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1536" - }, - { - "name" : "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html", - "refsource" : "CONFIRM", - "url" : "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html" - }, - { - "name" : "DSA-1413", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1413" - }, - { - "name" : "MDVSA-2008:028", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:028" - }, - { - "name" : "RHSA-2007:0894", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0894.html" - }, - { - "name" : "RHSA-2008:0364", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0364.html" - }, - { - "name" : "SUSE-SR:2008:003", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html" - }, - { - "name" : "USN-588-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-588-1" - }, - { - "name" : "24011", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24011" - }, - { - "name" : "34765", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34765" - }, - { - "name" : "oval:org.mitre.oval:def:9166", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9166" - }, - { - "name" : "30351", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30351" - }, - { - "name" : "ADV-2007-1804", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1804" - }, - { - "name" : "1018070", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018070" - }, - { - "name" : "25301", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25301" - }, - { - "name" : "26073", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26073" - }, - { - "name" : "26430", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26430" - }, - { - "name" : "27823", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27823" - }, - { - "name" : "28637", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28637" - }, - { - "name" : "28838", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28838" - }, - { - "name" : "29443", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29443" - }, - { - "name" : "mysql-changedb-privilege-escalation(34348)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34348" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27823", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27823" + }, + { + "name": "29443", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29443" + }, + { + "name": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html", + "refsource": "CONFIRM", + "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html" + }, + { + "name": "RHSA-2007:0894", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0894.html" + }, + { + "name": "26073", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26073" + }, + { + "name": "MDVSA-2008:028", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:028" + }, + { + "name": "[announce] 20070712 MySQL Community Server 5.0.45 has been released!", + "refsource": "MLIST", + "url": "http://lists.mysql.com/announce/470" + }, + { + "name": "ADV-2007-1804", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1804" + }, + { + "name": "oval:org.mitre.oval:def:9166", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9166" + }, + { + "name": "20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/473874/100/0/threaded" + }, + { + "name": "1018070", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018070" + }, + { + "name": "mysql-changedb-privilege-escalation(34348)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34348" + }, + { + "name": "25301", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25301" + }, + { + "name": "DSA-1413", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1413" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1536", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1536" + }, + { + "name": "28637", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28637" + }, + { + "name": "30351", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30351" + }, + { + "name": "http://bugs.mysql.com/bug.php?id=27337", + "refsource": "MISC", + "url": "http://bugs.mysql.com/bug.php?id=27337" + }, + { + "name": "26430", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26430" + }, + { + "name": "28838", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28838" + }, + { + "name": "USN-588-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-588-1" + }, + { + "name": "34765", + "refsource": "OSVDB", + "url": "http://osvdb.org/34765" + }, + { + "name": "SUSE-SR:2008:003", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html" + }, + { + "name": "RHSA-2008:0364", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0364.html" + }, + { + "name": "24011", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24011" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2922.json b/2007/2xxx/CVE-2007-2922.json index 0347056658b..898ae9fbd3b 100644 --- a/2007/2xxx/CVE-2007-2922.json +++ b/2007/2xxx/CVE-2007-2922.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2922", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2922", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3013.json b/2007/3xxx/CVE-2007-3013.json index e23b4bcea4f..11576c623bc 100644 --- a/2007/3xxx/CVE-2007-3013.json +++ b/2007/3xxx/CVE-2007-3013.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3013", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in activeWeb contentserver before 5.6.2964 allows remote authenticated users with edit permission to execute arbitrary SQL commands via the id parameter to admin/picture/picture_real_edit.asp, and probably other unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3013", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070713 ActiveWeb Contentserver CMS SQL Injection Management Interface", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/473630/100/0/threaded" - }, - { - "name" : "http://www.redteam-pentesting.de/advisories/rt-sa-2007-004.php", - "refsource" : "MISC", - "url" : "http://www.redteam-pentesting.de/advisories/rt-sa-2007-004.php" - }, - { - "name" : "24894", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24894" - }, - { - "name" : "36511", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/36511" - }, - { - "name" : "26063", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26063" - }, - { - "name" : "activeweb-picturerealedit-sql-injection(35390)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35390" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in activeWeb contentserver before 5.6.2964 allows remote authenticated users with edit permission to execute arbitrary SQL commands via the id parameter to admin/picture/picture_real_edit.asp, and probably other unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.redteam-pentesting.de/advisories/rt-sa-2007-004.php", + "refsource": "MISC", + "url": "http://www.redteam-pentesting.de/advisories/rt-sa-2007-004.php" + }, + { + "name": "20070713 ActiveWeb Contentserver CMS SQL Injection Management Interface", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/473630/100/0/threaded" + }, + { + "name": "24894", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24894" + }, + { + "name": "36511", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/36511" + }, + { + "name": "26063", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26063" + }, + { + "name": "activeweb-picturerealedit-sql-injection(35390)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35390" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3355.json b/2007/3xxx/CVE-2007-3355.json index c23f63b77e9..4d7cea660ff 100644 --- a/2007/3xxx/CVE-2007-3355.json +++ b/2007/3xxx/CVE-2007-3355.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3355", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in NetClassifieds Premium Edition allow remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3355", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070621 NetClassifieds [multiple vulnerabilities]", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/471944/100/0/threaded" - }, - { - "name" : "24584", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24584" - }, - { - "name" : "37066", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37066" - }, - { - "name" : "2824", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2824" - }, - { - "name" : "netclassifieds-multiple-xss(34996)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34996" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in NetClassifieds Premium Edition allow remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070621 NetClassifieds [multiple vulnerabilities]", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/471944/100/0/threaded" + }, + { + "name": "netclassifieds-multiple-xss(34996)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34996" + }, + { + "name": "24584", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24584" + }, + { + "name": "2824", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2824" + }, + { + "name": "37066", + "refsource": "OSVDB", + "url": "http://osvdb.org/37066" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3385.json b/2007/3xxx/CVE-2007-3385.json index f20f591e648..e2bae19d7f0 100644 --- a/2007/3xxx/CVE-2007-3385.json +++ b/2007/3xxx/CVE-2007-3385.json @@ -1,287 +1,287 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3385", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \\\" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-3385", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070814 CVE-2007-3385: Handling of \\\" in cookies", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/476444/100/0/threaded" - }, - { - "name" : "20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/500412/100/0/threaded" - }, - { - "name" : "20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/500396/100/0/threaded" - }, - { - "name" : "http://tomcat.apache.org/security-6.html", - "refsource" : "CONFIRM", - "url" : "http://tomcat.apache.org/security-6.html" - }, - { - "name" : "http://support.apple.com/kb/HT2163", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT2163" - }, - { - "name" : "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx", - "refsource" : "CONFIRM", - "url" : "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx" - }, - { - "name" : "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540", - "refsource" : "CONFIRM", - "url" : "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540" - }, - { - "name" : "IZ55562", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ55562" - }, - { - "name" : "APPLE-SA-2008-06-30", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" - }, - { - "name" : "DSA-1447", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1447" - }, - { - "name" : "DSA-1453", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1453" - }, - { - "name" : "FEDORA-2007-3456", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html" - }, - { - "name" : "HPSBUX02262", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795" - }, - { - "name" : "SSRT071447", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795" - }, - { - "name" : "HPSBTU02276", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01192554" - }, - { - "name" : "SSRT071472", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01192554" - }, - { - "name" : "MDKSA-2007:241", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:241" - }, - { - "name" : "RHSA-2007:0871", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0871.html" - }, - { - "name" : "RHSA-2007:0950", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0950.html" - }, - { - "name" : "RHSA-2008:0195", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0195.html" - }, - { - "name" : "RHSA-2008:0261", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0261.html" - }, - { - "name" : "SUSE-SR:2008:005", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" - }, - { - "name" : "SUSE-SR:2009:004", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html" - }, - { - "name" : "VU#993544", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/993544" - }, - { - "name" : "25316", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25316" - }, - { - "name" : "oval:org.mitre.oval:def:9549", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9549" - }, - { - "name" : "36486", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36486" - }, - { - "name" : "44183", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/44183" - }, - { - "name" : "ADV-2007-2902", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2902" - }, - { - "name" : "ADV-2007-3386", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3386" - }, - { - "name" : "ADV-2007-3527", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3527" - }, - { - "name" : "ADV-2008-1981", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1981/references" - }, - { - "name" : "ADV-2009-0233", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/0233" - }, - { - "name" : "1018557", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018557" - }, - { - "name" : "26466", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26466" - }, - { - "name" : "26898", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26898" - }, - { - "name" : "27037", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27037" - }, - { - "name" : "27267", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27267" - }, - { - "name" : "27727", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27727" - }, - { - "name" : "28317", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28317" - }, - { - "name" : "28361", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28361" - }, - { - "name" : "29242", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29242" - }, - { - "name" : "30802", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30802" - }, - { - "name" : "33668", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33668" - }, - { - "name" : "3011", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3011" - }, - { - "name" : "tomcat-slashcookie-information-disclosure(35999)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35999" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \\\" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-1453", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1453" + }, + { + "name": "RHSA-2007:0950", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0950.html" + }, + { + "name": "http://support.apple.com/kb/HT2163", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT2163" + }, + { + "name": "ADV-2008-1981", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1981/references" + }, + { + "name": "3011", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3011" + }, + { + "name": "FEDORA-2007-3456", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html" + }, + { + "name": "27267", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27267" + }, + { + "name": "29242", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29242" + }, + { + "name": "ADV-2007-3527", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3527" + }, + { + "name": "26466", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26466" + }, + { + "name": "20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/500412/100/0/threaded" + }, + { + "name": "SUSE-SR:2008:005", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" + }, + { + "name": "33668", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33668" + }, + { + "name": "ADV-2007-2902", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2902" + }, + { + "name": "20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/500396/100/0/threaded" + }, + { + "name": "tomcat-slashcookie-information-disclosure(35999)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35999" + }, + { + "name": "26898", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26898" + }, + { + "name": "28361", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28361" + }, + { + "name": "IZ55562", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ55562" + }, + { + "name": "SSRT071472", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01192554" + }, + { + "name": "44183", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/44183" + }, + { + "name": "28317", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28317" + }, + { + "name": "APPLE-SA-2008-06-30", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html" + }, + { + "name": "ADV-2009-0233", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/0233" + }, + { + "name": "SUSE-SR:2009:004", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html" + }, + { + "name": "http://tomcat.apache.org/security-6.html", + "refsource": "CONFIRM", + "url": "http://tomcat.apache.org/security-6.html" + }, + { + "name": "RHSA-2007:0871", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0871.html" + }, + { + "name": "ADV-2007-3386", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3386" + }, + { + "name": "30802", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30802" + }, + { + "name": "RHSA-2008:0195", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0195.html" + }, + { + "name": "27037", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27037" + }, + { + "name": "1018557", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018557" + }, + { + "name": "25316", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25316" + }, + { + "name": "VU#993544", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/993544" + }, + { + "name": "SSRT071447", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795" + }, + { + "name": "27727", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27727" + }, + { + "name": "HPSBUX02262", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795" + }, + { + "name": "RHSA-2008:0261", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" + }, + { + "name": "36486", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36486" + }, + { + "name": "HPSBTU02276", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01192554" + }, + { + "name": "DSA-1447", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1447" + }, + { + "name": "oval:org.mitre.oval:def:9549", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9549" + }, + { + "name": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx", + "refsource": "CONFIRM", + "url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx" + }, + { + "name": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540", + "refsource": "CONFIRM", + "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540" + }, + { + "name": "20070814 CVE-2007-3385: Handling of \\\" in cookies", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/476444/100/0/threaded" + }, + { + "name": "MDKSA-2007:241", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:241" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3527.json b/2007/3xxx/CVE-2007-3527.json index ecae1233c94..0f40abf7629 100644 --- a/2007/3xxx/CVE-2007-3527.json +++ b/2007/3xxx/CVE-2007-3527.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3527", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in Firebird 2.0.0 allows remote authenticated users to cause a denial of service (CPU consumption) via certain database operations with multi-byte character sets that trigger an attempt to use the value 65536 for a 16-bit integer, which is treated as 0 and causes an infinite loop on zero-length data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3527", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://tracker.firebirdsql.org/browse/CORE-1063", - "refsource" : "CONFIRM", - "url" : "http://tracker.firebirdsql.org/browse/CORE-1063" - }, - { - "name" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf" - }, - { - "name" : "DSA-1529", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1529" - }, - { - "name" : "28473", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28473" - }, - { - "name" : "43782", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43782" - }, - { - "name" : "29501", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29501" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in Firebird 2.0.0 allows remote authenticated users to cause a denial of service (CPU consumption) via certain database operations with multi-byte character sets that trigger an attempt to use the value 65536 for a 16-bit integer, which is treated as 0 and causes an infinite loop on zero-length data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf", + "refsource": "CONFIRM", + "url": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf" + }, + { + "name": "43782", + "refsource": "OSVDB", + "url": "http://osvdb.org/43782" + }, + { + "name": "http://tracker.firebirdsql.org/browse/CORE-1063", + "refsource": "CONFIRM", + "url": "http://tracker.firebirdsql.org/browse/CORE-1063" + }, + { + "name": "29501", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29501" + }, + { + "name": "28473", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28473" + }, + { + "name": "DSA-1529", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1529" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3796.json b/2007/3xxx/CVE-2007-3796.json index a02e4f0b12d..3b0a678d7a6 100644 --- a/2007/3xxx/CVE-2007-3796.json +++ b/2007/3xxx/CVE-2007-3796.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3796", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The password reset feature in the Spam Quarantine HTTP interface for MailMarshal SMTP 6.2.0.x before 6.2.1 allows remote attackers to modify arbitrary account information via a UserId variable with a large amount of trailing whitespace followed by a malicious value, which triggers SQL buffer truncation due to length inconsistencies between variables." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3796", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070717 [Sec-1 Ltd] Advisory: MailMarshal Spam Quarantine Password Retrieval Vulnerability", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064676.html" - }, - { - "name" : "http://www.sec-1labs.co.uk/advisories/BTA_Full.pdf", - "refsource" : "MISC", - "url" : "http://www.sec-1labs.co.uk/advisories/BTA_Full.pdf" - }, - { - "name" : "24936", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24936" - }, - { - "name" : "26018", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26018" - }, - { - "name" : "2895", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2895" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The password reset feature in the Spam Quarantine HTTP interface for MailMarshal SMTP 6.2.0.x before 6.2.1 allows remote attackers to modify arbitrary account information via a UserId variable with a large amount of trailing whitespace followed by a malicious value, which triggers SQL buffer truncation due to length inconsistencies between variables." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24936", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24936" + }, + { + "name": "http://www.sec-1labs.co.uk/advisories/BTA_Full.pdf", + "refsource": "MISC", + "url": "http://www.sec-1labs.co.uk/advisories/BTA_Full.pdf" + }, + { + "name": "26018", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26018" + }, + { + "name": "20070717 [Sec-1 Ltd] Advisory: MailMarshal Spam Quarantine Password Retrieval Vulnerability", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064676.html" + }, + { + "name": "2895", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2895" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4049.json b/2007/4xxx/CVE-2007-4049.json index e6c6827ab50..94d8f4839a0 100644 --- a/2007/4xxx/CVE-2007-4049.json +++ b/2007/4xxx/CVE-2007-4049.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4049", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-1205. Reason: This candidate is a duplicate of CVE-2000-1205. Notes: All CVE users should reference CVE-2000-1205 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2007-4049", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-1205. Reason: This candidate is a duplicate of CVE-2000-1205. Notes: All CVE users should reference CVE-2000-1205 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4329.json b/2007/4xxx/CVE-2007-4329.json index 08be9bb2a14..c4727c4756a 100644 --- a/2007/4xxx/CVE-2007-4329.json +++ b/2007/4xxx/CVE-2007-4329.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4329", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in Web News 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) news.php, or (3) feed.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4329", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070809 Web News 1.1 Remote Command Execution Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475956/100/0/threaded" - }, - { - "name" : "25257", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25257" - }, - { - "name" : "ADV-2007-2839", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2839" - }, - { - "name" : "36427", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36427" - }, - { - "name" : "36428", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36428" - }, - { - "name" : "36429", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36429" - }, - { - "name" : "26398", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26398" - }, - { - "name" : "2998", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2998" - }, - { - "name" : "webnews-multiple-file-include(35925)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35925" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in Web News 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) news.php, or (3) feed.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36428", + "refsource": "OSVDB", + "url": "http://osvdb.org/36428" + }, + { + "name": "36429", + "refsource": "OSVDB", + "url": "http://osvdb.org/36429" + }, + { + "name": "25257", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25257" + }, + { + "name": "2998", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2998" + }, + { + "name": "26398", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26398" + }, + { + "name": "36427", + "refsource": "OSVDB", + "url": "http://osvdb.org/36427" + }, + { + "name": "webnews-multiple-file-include(35925)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35925" + }, + { + "name": "ADV-2007-2839", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2839" + }, + { + "name": "20070809 Web News 1.1 Remote Command Execution Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475956/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4891.json b/2007/4xxx/CVE-2007-4891.json index 827009cdc19..eb4476851b1 100644 --- a/2007/4xxx/CVE-2007-4891.json +++ b/2007/4xxx/CVE-2007-4891.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4891", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as demonstrated using absolute pathnames in arguments to StartProcess and SyncShell." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4891", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4393", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4393" - }, - { - "name" : "http://shinnai.altervista.org/exploits/txt/TXT_AZJ5bXwXvMARqwtfe97I.html", - "refsource" : "MISC", - "url" : "http://shinnai.altervista.org/exploits/txt/TXT_AZJ5bXwXvMARqwtfe97I.html" - }, - { - "name" : "25638", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25638" - }, - { - "name" : "37106", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37106" - }, - { - "name" : "26779", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26779" - }, - { - "name" : "visualstudio-pdwizard-code-execution(36572)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36572" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as demonstrated using absolute pathnames in arguments to StartProcess and SyncShell." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "visualstudio-pdwizard-code-execution(36572)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36572" + }, + { + "name": "4393", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4393" + }, + { + "name": "http://shinnai.altervista.org/exploits/txt/TXT_AZJ5bXwXvMARqwtfe97I.html", + "refsource": "MISC", + "url": "http://shinnai.altervista.org/exploits/txt/TXT_AZJ5bXwXvMARqwtfe97I.html" + }, + { + "name": "37106", + "refsource": "OSVDB", + "url": "http://osvdb.org/37106" + }, + { + "name": "26779", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26779" + }, + { + "name": "25638", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25638" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6326.json b/2007/6xxx/CVE-2007-6326.json index 1ce6689da24..d5dd3c275d6 100644 --- a/2007/6xxx/CVE-2007-6326.json +++ b/2007/6xxx/CVE-2007-6326.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6326", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Sergey Lyubka Simple HTTPD (shttpd) 1.3 on Windows allows remote attackers to cause a denial of service via a request that includes an MS-DOS device name, as demonstrated by the /aux URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6326", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4717", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4717" - }, - { - "name" : "http://shinnai.altervista.org/exploits/txt/TXT_8kXDua0a0Tl5Vm5LU3ms.html", - "refsource" : "MISC", - "url" : "http://shinnai.altervista.org/exploits/txt/TXT_8kXDua0a0Tl5Vm5LU3ms.html" - }, - { - "name" : "26813", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26813" - }, - { - "name" : "simplehttpd-aux-dos(38980)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38980" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Sergey Lyubka Simple HTTPD (shttpd) 1.3 on Windows allows remote attackers to cause a denial of service via a request that includes an MS-DOS device name, as demonstrated by the /aux URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "simplehttpd-aux-dos(38980)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38980" + }, + { + "name": "http://shinnai.altervista.org/exploits/txt/TXT_8kXDua0a0Tl5Vm5LU3ms.html", + "refsource": "MISC", + "url": "http://shinnai.altervista.org/exploits/txt/TXT_8kXDua0a0Tl5Vm5LU3ms.html" + }, + { + "name": "4717", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4717" + }, + { + "name": "26813", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26813" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6345.json b/2007/6xxx/CVE-2007-6345.json index 7605b934d31..f3f1162ce18 100644 --- a/2007/6xxx/CVE-2007-6345.json +++ b/2007/6xxx/CVE-2007-6345.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6345", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in aurora framework before 20071208 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the value parameter to the pack_var function in module/db.lib/db_mysql.lib. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6345", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=560073", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=560073" - }, - { - "name" : "26829", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26829" - }, - { - "name" : "39145", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39145" - }, - { - "name" : "28014", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28014" - }, - { - "name" : "auroraframework-dbmysql-sql-injection(38999)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38999" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in aurora framework before 20071208 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the value parameter to the pack_var function in module/db.lib/db_mysql.lib. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "auroraframework-dbmysql-sql-injection(38999)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38999" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=560073", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=560073" + }, + { + "name": "26829", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26829" + }, + { + "name": "28014", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28014" + }, + { + "name": "39145", + "refsource": "OSVDB", + "url": "http://osvdb.org/39145" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6398.json b/2007/6xxx/CVE-2007-6398.json index b55cc5c30b4..5a01c9f0060 100644 --- a/2007/6xxx/CVE-2007-6398.json +++ b/2007/6xxx/CVE-2007-6398.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6398", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Flat PHP Board 1.2 and earlier allows remote attackers to bypass authentication and obtain limited access to an arbitrary user account via the fpb_username cookie." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6398", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071209 Flat PHP Board <= 1.2 Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/484803/100/100/threaded" - }, - { - "name" : "4705", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4705" - }, - { - "name" : "26782", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26782" - }, - { - "name" : "43678", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43678" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Flat PHP Board 1.2 and earlier allows remote attackers to bypass authentication and obtain limited access to an arbitrary user account via the fpb_username cookie." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20071209 Flat PHP Board <= 1.2 Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/484803/100/100/threaded" + }, + { + "name": "4705", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4705" + }, + { + "name": "26782", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26782" + }, + { + "name": "43678", + "refsource": "OSVDB", + "url": "http://osvdb.org/43678" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1049.json b/2010/1xxx/CVE-2010-1049.json index d821615fd5d..f13d7d90929 100644 --- a/2010/1xxx/CVE-2010-1049.json +++ b/2010/1xxx/CVE-2010-1049.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1049", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in Uiga Business Portal allow remote attackers to execute arbitrary SQL commands via the (1) noentryid parameter to blog/index.php and the (2) p parameter to index2.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1049", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "11357", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/11357" - }, - { - "name" : "38430", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38430" - }, - { - "name" : "ADV-2010-0317", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0317" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in Uiga Business Portal allow remote attackers to execute arbitrary SQL commands via the (1) noentryid parameter to blog/index.php and the (2) p parameter to index2.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38430", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38430" + }, + { + "name": "ADV-2010-0317", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0317" + }, + { + "name": "11357", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/11357" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1692.json b/2010/1xxx/CVE-2010-1692.json index d1644ed7150..4e2e862f5d2 100644 --- a/2010/1xxx/CVE-2010-1692.json +++ b/2010/1xxx/CVE-2010-1692.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1692", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2010-1692", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1808.json b/2010/1xxx/CVE-2010-1808.json index f4212046fe1..db1455c5fae 100644 --- a/2010/1xxx/CVE-2010-1808.json +++ b/2010/1xxx/CVE-2010-1808.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1808", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2010-1808", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT4312", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4312" - }, - { - "name" : "APPLE-SA-2010-08-24-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html" - }, - { - "name" : "1024359", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1024359" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1024359", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1024359" + }, + { + "name": "APPLE-SA-2010-08-24-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html" + }, + { + "name": "http://support.apple.com/kb/HT4312", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4312" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1940.json b/2010/1xxx/CVE-2010-1940.json index 978ef7d9c02..3211ede684e 100644 --- a/2010/1xxx/CVE-2010-1940.json +++ b/2010/1xxx/CVE-2010-1940.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1940", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apple Safari 4.0.5 on Windows sends the \"Authorization: Basic\" header appropriate for one web site to a different web site named in a Location header received from the first site, which allows remote web servers to obtain sensitive information by logging HTTP requests. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1940", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39670", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39670" - }, - { - "name" : "safari-http-request-information-disclosure(58620)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58620" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apple Safari 4.0.5 on Windows sends the \"Authorization: Basic\" header appropriate for one web site to a different web site named in a Location header received from the first site, which allows remote web servers to obtain sensitive information by logging HTTP requests. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39670", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39670" + }, + { + "name": "safari-http-request-information-disclosure(58620)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58620" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5035.json b/2010/5xxx/CVE-2010-5035.json index f0be66e0ede..292c58f673d 100644 --- a/2010/5xxx/CVE-2010-5035.json +++ b/2010/5xxx/CVE-2010-5035.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5035", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in search.php in iScripts eSwap 2.0 allows remote attackers to inject arbitrary web script or HTML via the txtHomeSearch parameter (aka the search field). NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5035", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "13740", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/13740/" - }, - { - "name" : "http://packetstormsecurity.org/1006-exploits/iscriptsewap-sqlxss.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1006-exploits/iscriptsewap-sqlxss.txt" - }, - { - "name" : "40597", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40597" - }, - { - "name" : "40087", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40087" - }, - { - "name" : "8522", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/8522" - }, - { - "name" : "ADV-2010-1360", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1360" - }, - { - "name" : "eswap-search-xss(59148)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59148" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in search.php in iScripts eSwap 2.0 allows remote attackers to inject arbitrary web script or HTML via the txtHomeSearch parameter (aka the search field). NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "eswap-search-xss(59148)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59148" + }, + { + "name": "http://packetstormsecurity.org/1006-exploits/iscriptsewap-sqlxss.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1006-exploits/iscriptsewap-sqlxss.txt" + }, + { + "name": "ADV-2010-1360", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1360" + }, + { + "name": "8522", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/8522" + }, + { + "name": "40597", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40597" + }, + { + "name": "40087", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40087" + }, + { + "name": "13740", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/13740/" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0630.json b/2014/0xxx/CVE-2014-0630.json index a8eaa8bca92..b79ae1b5c8e 100644 --- a/2014/0xxx/CVE-2014-0630.json +++ b/2014/0xxx/CVE-2014-0630.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0630", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 allows remote authenticated users to read arbitrary files via a modified imaging-service URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "ID": "CVE-2014-0630", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140305 ESA-2014-012: EMC Documentum TaskSpace Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://seclists.org/bugtraq/2014/Mar/33" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 allows remote authenticated users to read arbitrary files via a modified imaging-service URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20140305 ESA-2014-012: EMC Documentum TaskSpace Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://seclists.org/bugtraq/2014/Mar/33" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1405.json b/2014/1xxx/CVE-2014-1405.json index a8e25fa4921..321b5ef778a 100644 --- a/2014/1xxx/CVE-2014-1405.json +++ b/2014/1xxx/CVE-2014-1405.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1405", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple open redirect vulnerabilities on the Conceptronic C54APM access point with runtime code 1.26 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the submit-url parameter in a Refresh action to goform/formWlSiteSurvey or (2) the wlan-url parameter to goform/formWlanSetup." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1405", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://antoniovazquezblanco.github.io/docs/advisories/Advisory_C54APM_Multiple.pdf", - "refsource" : "MISC", - "url" : "http://antoniovazquezblanco.github.io/docs/advisories/Advisory_C54APM_Multiple.pdf" - }, - { - "name" : "101916", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/101916" - }, - { - "name" : "101917", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/101917" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple open redirect vulnerabilities on the Conceptronic C54APM access point with runtime code 1.26 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the submit-url parameter in a Refresh action to goform/formWlSiteSurvey or (2) the wlan-url parameter to goform/formWlanSetup." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://antoniovazquezblanco.github.io/docs/advisories/Advisory_C54APM_Multiple.pdf", + "refsource": "MISC", + "url": "http://antoniovazquezblanco.github.io/docs/advisories/Advisory_C54APM_Multiple.pdf" + }, + { + "name": "101916", + "refsource": "OSVDB", + "url": "http://osvdb.org/101916" + }, + { + "name": "101917", + "refsource": "OSVDB", + "url": "http://osvdb.org/101917" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1679.json b/2014/1xxx/CVE-2014-1679.json index 79720a3f325..07d199dcb31 100644 --- a/2014/1xxx/CVE-2014-1679.json +++ b/2014/1xxx/CVE-2014-1679.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1679", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite before 7.2.2-rev31, 7.4.0 before 7.4.0-rev27, and 7.4.1 before 7.4.1-rev17 allows remote attackers to inject arbitrary web script or HTML via the header in an attached SVG file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1679", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140210 Open-Xchange Security Advisory 2014-02-10", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/531005" - }, - { - "name" : "https://forum.open-xchange.com/showthread.php?8259-Open-Xchange-releases-Security-Patch-2014-01-29-for-v7-2-2-v7-4-0-and-v7-4-1", - "refsource" : "MISC", - "url" : "https://forum.open-xchange.com/showthread.php?8259-Open-Xchange-releases-Security-Patch-2014-01-29-for-v7-2-2-v7-4-0-and-v7-4-1" - }, - { - "name" : "56828", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56828" - }, - { - "name" : "openxchange-cve20141679-xss(91059)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91059" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite before 7.2.2-rev31, 7.4.0 before 7.4.0-rev27, and 7.4.1 before 7.4.1-rev17 allows remote attackers to inject arbitrary web script or HTML via the header in an attached SVG file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20140210 Open-Xchange Security Advisory 2014-02-10", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/531005" + }, + { + "name": "56828", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56828" + }, + { + "name": "openxchange-cve20141679-xss(91059)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91059" + }, + { + "name": "https://forum.open-xchange.com/showthread.php?8259-Open-Xchange-releases-Security-Patch-2014-01-29-for-v7-2-2-v7-4-0-and-v7-4-1", + "refsource": "MISC", + "url": "https://forum.open-xchange.com/showthread.php?8259-Open-Xchange-releases-Security-Patch-2014-01-29-for-v7-2-2-v7-4-0-and-v7-4-1" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5419.json b/2014/5xxx/CVE-2014-5419.json index c28195b1e6e..632283f036f 100644 --- a/2014/5xxx/CVE-2014-5419.json +++ b/2014/5xxx/CVE-2014-5419.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5419", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware 4.2.1 and earlier and Multilink ML810, ML3000, and ML3100 switches with firmware 5.2.0 and earlier use the same RSA private key across different customers' installations, which makes it easier for remote attackers to obtain the cleartext content of network traffic by reading this key from a firmware image and then sniffing the network." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2014-5419", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-013-04", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-013-04" - }, - { - "name" : "http://www.gedigitalenergy.com/products/support/multilink/MLSB1214.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.gedigitalenergy.com/products/support/multilink/MLSB1214.pdf" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware 4.2.1 and earlier and Multilink ML810, ML3000, and ML3100 switches with firmware 5.2.0 and earlier use the same RSA private key across different customers' installations, which makes it easier for remote attackers to obtain the cleartext content of network traffic by reading this key from a firmware image and then sniffing the network." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-013-04", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-013-04" + }, + { + "name": "http://www.gedigitalenergy.com/products/support/multilink/MLSB1214.pdf", + "refsource": "CONFIRM", + "url": "http://www.gedigitalenergy.com/products/support/multilink/MLSB1214.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5496.json b/2014/5xxx/CVE-2014-5496.json index 960bf537ef4..2f7642abe4f 100644 --- a/2014/5xxx/CVE-2014-5496.json +++ b/2014/5xxx/CVE-2014-5496.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5496", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5496", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5514.json b/2014/5xxx/CVE-2014-5514.json index 00270bb4a37..518b1a593ec 100644 --- a/2014/5xxx/CVE-2014-5514.json +++ b/2014/5xxx/CVE-2014-5514.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5514", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5514", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5672.json b/2014/5xxx/CVE-2014-5672.json index a9785893388..32b60e96068 100644 --- a/2014/5xxx/CVE-2014-5672.json +++ b/2014/5xxx/CVE-2014-5672.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5672", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The NQ Mobile Security & Antivirus (aka com.nqmobile.antivirus20) application 7.2.16.00 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5672", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#660905", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/660905" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The NQ Mobile Security & Antivirus (aka com.nqmobile.antivirus20) application 7.2.16.00 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#660905", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/660905" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5945.json b/2014/5xxx/CVE-2014-5945.json index f2db0f9baeb..5d35b41070f 100644 --- a/2014/5xxx/CVE-2014-5945.json +++ b/2014/5xxx/CVE-2014-5945.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5945", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Edline Mobile (aka com.wEdlineFree) application 0.63.13369.34294 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5945", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#999001", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/999001" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Edline Mobile (aka com.wEdlineFree) application 0.63.13369.34294 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#999001", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/999001" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2197.json b/2015/2xxx/CVE-2015-2197.json index b8c30bda2e0..e9fa9b5874f 100644 --- a/2015/2xxx/CVE-2015-2197.json +++ b/2015/2xxx/CVE-2015-2197.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2197", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Entity API module before 7.x-1.6 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a field label in the Token API." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2197", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.drupal.org/node/2437905", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2437905" - }, - { - "name" : "https://www.drupal.org/node/2437885", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2437885" - }, - { - "name" : "72806", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72806" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Entity API module before 7.x-1.6 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a field label in the Token API." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2437885", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2437885" + }, + { + "name": "https://www.drupal.org/node/2437905", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2437905" + }, + { + "name": "72806", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72806" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2485.json b/2015/2xxx/CVE-2015-2485.json index ff675e00c61..388b3730d0e 100644 --- a/2015/2xxx/CVE-2015-2485.json +++ b/2015/2xxx/CVE-2015-2485.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2485", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2491 and CVE-2015-2541." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2485", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-094", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094" - }, - { - "name" : "MS15-095", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-095" - }, - { - "name" : "76572", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76572" - }, - { - "name" : "1033487", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033487" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2491 and CVE-2015-2541." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "76572", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76572" + }, + { + "name": "MS15-094", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094" + }, + { + "name": "MS15-095", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-095" + }, + { + "name": "1033487", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033487" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10152.json b/2016/10xxx/CVE-2016-10152.json index 1d17f67891d..c79435bba05 100644 --- a/2016/10xxx/CVE-2016-10152.json +++ b/2016/10xxx/CVE-2016-10152.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10152", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the \".athena.mit.edu\" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10152", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20170120 Re: CVE Request: two flaws in hesiod permitting privilege elevation", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2017/01/21/1" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1332493", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1332493" - }, - { - "name" : "https://github.com/achernya/hesiod/pull/10", - "refsource" : "CONFIRM", - "url" : "https://github.com/achernya/hesiod/pull/10" - }, - { - "name" : "GLSA-201805-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201805-01" - }, - { - "name" : "90952", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90952" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The read_config_file function in lib/hesiod.c in Hesiod 3.2.1 falls back to the \".athena.mit.edu\" default domain when opening the configuration file fails, which allows remote attackers to gain root privileges by poisoning the DNS cache." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "90952", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90952" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1332493", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332493" + }, + { + "name": "[oss-security] 20170120 Re: CVE Request: two flaws in hesiod permitting privilege elevation", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2017/01/21/1" + }, + { + "name": "https://github.com/achernya/hesiod/pull/10", + "refsource": "CONFIRM", + "url": "https://github.com/achernya/hesiod/pull/10" + }, + { + "name": "GLSA-201805-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201805-01" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4006.json b/2016/4xxx/CVE-2016-4006.json index d25ddb784a1..1666459ddfa 100644 --- a/2016/4xxx/CVE-2016-4006.json +++ b/2016/4xxx/CVE-2016-4006.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4006", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial of service (stack memory consumption and application crash) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4006", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2016-25.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2016-25.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12268", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12268" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8dc9551e1d56290e6f7f02cc38b77e1d211fd4a5", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8dc9551e1d56290e6f7f02cc38b77e1d211fd4a5" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" - }, - { - "name" : "DSA-3585", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3585" - }, - { - "name" : "1035685", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035685" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial of service (stack memory consumption and application crash) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035685", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035685" + }, + { + "name": "DSA-3585", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3585" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8dc9551e1d56290e6f7f02cc38b77e1d211fd4a5", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8dc9551e1d56290e6f7f02cc38b77e1d211fd4a5" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12268", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12268" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2016-25.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2016-25.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4046.json b/2016/4xxx/CVE-2016-4046.json index 87aa50602c1..711c0f3445f 100644 --- a/2016/4xxx/CVE-2016-4046.json +++ b/2016/4xxx/CVE-2016-4046.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4046", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The API to configure external mail accounts can be abused to map and access network components within the trust boundary of the operator. Users can inject arbitrary hosts and ports to API calls. Depending on the response type, content and latency, information about existence of hosts and services can be gathered. Attackers can get internal configuration information about the infrastructure of an operator to prepare subsequent attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4046", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160622 Open-Xchange Security Advisory 2016-06-22", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/538732/100/0/threaded" - }, - { - "name" : "1036157", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036157" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The API to configure external mail accounts can be abused to map and access network components within the trust boundary of the operator. Users can inject arbitrary hosts and ports to API calls. Depending on the response type, content and latency, information about existence of hosts and services can be gathered. Attackers can get internal configuration information about the infrastructure of an operator to prepare subsequent attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036157", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036157" + }, + { + "name": "20160622 Open-Xchange Security Advisory 2016-06-22", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/538732/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8029.json b/2016/8xxx/CVE-2016-8029.json index 9b56ed4d7b2..56184a7c047 100644 --- a/2016/8xxx/CVE-2016-8029.json +++ b/2016/8xxx/CVE-2016-8029.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8029", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8029", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8522.json b/2016/8xxx/CVE-2016-8522.json index 0e60e301997..42201bea01e 100644 --- a/2016/8xxx/CVE-2016-8522.json +++ b/2016/8xxx/CVE-2016-8522.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security-alert@hpe.com", - "DATE_PUBLIC" : "2017-01-13T00:00:00", - "ID" : "CVE-2016-8522", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Diagnostics", - "version" : { - "version_data" : [ - { - "version_value" : "9.24 IP1, 9.26 , 9.26IP1" - } - ] - } - } - ] - }, - "vendor_name" : "Hewlett Packard Enterprise" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A cross-site scripting vulnerability in HPE Diagnostics version 9.24 IP1, 9.26 , 9.26IP1 was found." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Cross-Site Scripting" - } + "CVE_data_meta": { + "ASSIGNER": "security-alert@hpe.com", + "DATE_PUBLIC": "2017-01-13T00:00:00", + "ID": "CVE-2016-8522", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Diagnostics", + "version": { + "version_data": [ + { + "version_value": "9.24 IP1, 9.26 , 9.26IP1" + } + ] + } + } + ] + }, + "vendor_name": "Hewlett Packard Enterprise" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05370100", - "refsource" : "CONFIRM", - "url" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05370100" - }, - { - "name" : "95427", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95427" - }, - { - "name" : "1037602", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037602" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A cross-site scripting vulnerability in HPE Diagnostics version 9.24 IP1, 9.26 , 9.26IP1 was found." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Cross-Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05370100", + "refsource": "CONFIRM", + "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05370100" + }, + { + "name": "1037602", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037602" + }, + { + "name": "95427", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95427" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8804.json b/2016/8xxx/CVE-2016-8804.json index b88d680c0db..5b37a2a0e26 100644 --- a/2016/8xxx/CVE-2016-8804.json +++ b/2016/8xxx/CVE-2016-8804.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8804", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8804", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8885.json b/2016/8xxx/CVE-2016-8885.json index 18d4847538a..a751168cc0f 100644 --- a/2016/8xxx/CVE-2016-8885.json +++ b/2016/8xxx/CVE-2016-8885.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8885", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8885", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161022 Re: jasper: two NULL pointer dereference in bmp_getdata (bmp_dec.c) (Incomplete fix for CVE-2016-8690)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/10/23/1" - }, - { - "name" : "[oss-security] 20161023 Re: jasper: two NULL pointer dereference in bmp_getdata (bmp_dec.c) (Incomplete fix for CVE-2016-8690)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/10/23/5" - }, - { - "name" : "[oss-security] 20161023 Re: jasper: two NULL pointer dereference in bmp_getdata (bmp_dec.c) (Incomplete fix for CVE-2016-8690)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/10/23/9" - }, - { - "name" : "https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690", - "refsource" : "MISC", - "url" : "https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1385499", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1385499" - }, - { - "name" : "FEDORA-2016-6c789ba91d", - "refsource" : "FEDORA", - "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22FCKKHQCQ3S6TZY5G44EFDTMWOJXJRD/" - }, - { - "name" : "FEDORA-2016-e0f0d48142", - "refsource" : "FEDORA", - "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EGI2FZQLOTSZI3VA4ECJERI74SMNQDL4/" - }, - { - "name" : "RHSA-2017:1208", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1208" - }, - { - "name" : "93834", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93834" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2016-6c789ba91d", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22FCKKHQCQ3S6TZY5G44EFDTMWOJXJRD/" + }, + { + "name": "https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690", + "refsource": "MISC", + "url": "https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690" + }, + { + "name": "[oss-security] 20161023 Re: jasper: two NULL pointer dereference in bmp_getdata (bmp_dec.c) (Incomplete fix for CVE-2016-8690)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/10/23/5" + }, + { + "name": "FEDORA-2016-e0f0d48142", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EGI2FZQLOTSZI3VA4ECJERI74SMNQDL4/" + }, + { + "name": "RHSA-2017:1208", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1208" + }, + { + "name": "[oss-security] 20161022 Re: jasper: two NULL pointer dereference in bmp_getdata (bmp_dec.c) (Incomplete fix for CVE-2016-8690)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/10/23/1" + }, + { + "name": "[oss-security] 20161023 Re: jasper: two NULL pointer dereference in bmp_getdata (bmp_dec.c) (Incomplete fix for CVE-2016-8690)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/10/23/9" + }, + { + "name": "93834", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93834" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1385499", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1385499" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9277.json b/2016/9xxx/CVE-2016-9277.json index 9c6efddf6e9..cfbff5ac50c 100644 --- a/2016/9xxx/CVE-2016-9277.json +++ b/2016/9xxx/CVE-2016-9277.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9277", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9277", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://security.samsungmobile.com/smrupdate.html#SMR-NOV-2016", - "refsource" : "CONFIRM", - "url" : "http://security.samsungmobile.com/smrupdate.html#SMR-NOV-2016" - }, - { - "name" : "94292", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94292" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "94292", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94292" + }, + { + "name": "http://security.samsungmobile.com/smrupdate.html#SMR-NOV-2016", + "refsource": "CONFIRM", + "url": "http://security.samsungmobile.com/smrupdate.html#SMR-NOV-2016" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2177.json b/2019/2xxx/CVE-2019-2177.json index b01af036eb4..051e2bb7102 100644 --- a/2019/2xxx/CVE-2019-2177.json +++ b/2019/2xxx/CVE-2019-2177.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2177", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2177", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2653.json b/2019/2xxx/CVE-2019-2653.json index 73f72e042e0..6c3dd7ef5da 100644 --- a/2019/2xxx/CVE-2019-2653.json +++ b/2019/2xxx/CVE-2019-2653.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2653", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2653", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2866.json b/2019/2xxx/CVE-2019-2866.json index 979b1f1b933..b7ef8ed81c0 100644 --- a/2019/2xxx/CVE-2019-2866.json +++ b/2019/2xxx/CVE-2019-2866.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2866", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2866", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3015.json b/2019/3xxx/CVE-2019-3015.json index 2ae91af2e92..70a530d359e 100644 --- a/2019/3xxx/CVE-2019-3015.json +++ b/2019/3xxx/CVE-2019-3015.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3015", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3015", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3396.json b/2019/3xxx/CVE-2019-3396.json index 64ccac42eee..d2949d4a455 100644 --- a/2019/3xxx/CVE-2019-3396.json +++ b/2019/3xxx/CVE-2019-3396.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3396", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3396", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3623.json b/2019/3xxx/CVE-2019-3623.json index c1e82ef784b..a1b4b66f1e8 100644 --- a/2019/3xxx/CVE-2019-3623.json +++ b/2019/3xxx/CVE-2019-3623.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3623", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3623", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3627.json b/2019/3xxx/CVE-2019-3627.json index 477ecc3f7bc..78195053ea1 100644 --- a/2019/3xxx/CVE-2019-3627.json +++ b/2019/3xxx/CVE-2019-3627.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3627", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3627", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6739.json b/2019/6xxx/CVE-2019-6739.json index 993b65d2cbc..371956d1327 100644 --- a/2019/6xxx/CVE-2019-6739.json +++ b/2019/6xxx/CVE-2019-6739.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6739", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6739", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6767.json b/2019/6xxx/CVE-2019-6767.json index 65cea008efe..0570adf6a57 100644 --- a/2019/6xxx/CVE-2019-6767.json +++ b/2019/6xxx/CVE-2019-6767.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6767", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6767", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7474.json b/2019/7xxx/CVE-2019-7474.json index c52bb70d73c..6d4611fd73f 100644 --- a/2019/7xxx/CVE-2019-7474.json +++ b/2019/7xxx/CVE-2019-7474.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7474", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7474", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7558.json b/2019/7xxx/CVE-2019-7558.json index 2f50feecb45..fbc9cd84bd9 100644 --- a/2019/7xxx/CVE-2019-7558.json +++ b/2019/7xxx/CVE-2019-7558.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7558", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7558", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7601.json b/2019/7xxx/CVE-2019-7601.json index f2389a2524c..59766a8329c 100644 --- a/2019/7xxx/CVE-2019-7601.json +++ b/2019/7xxx/CVE-2019-7601.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7601", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7601", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7848.json b/2019/7xxx/CVE-2019-7848.json index 6e57adc10ae..7907cc49028 100644 --- a/2019/7xxx/CVE-2019-7848.json +++ b/2019/7xxx/CVE-2019-7848.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7848", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7848", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file