diff --git a/1999/0xxx/CVE-1999-0309.json b/1999/0xxx/CVE-1999-0309.json index b1e033e96ee..6dd93b07885 100644 --- a/1999/0xxx/CVE-1999-0309.json +++ b/1999/0xxx/CVE-1999-0309.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0309", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HP-UX vgdisplay program gives root access to local users." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0309", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBUX9702-056", - "refsource" : "HP", - "url" : "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9702-056" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HP-UX vgdisplay program gives root access to local users." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "HPSBUX9702-056", + "refsource": "HP", + "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9702-056" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0895.json b/1999/0xxx/CVE-1999-0895.json index a57fc38c8ce..ae009213c5f 100644 --- a/1999/0xxx/CVE-1999-0895.json +++ b/1999/0xxx/CVE-1999-0895.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0895", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Firewall-1 does not properly restrict access to LDAP attributes." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0895", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19991020 Checkpoint FireWall-1 V4.0: possible bug in LDAP authentication", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=19991020150002.21047.qmail@tarjan.mediaways.net" - }, - { - "name" : "725", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/725" - }, - { - "name" : "1117", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/1117" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Firewall-1 does not properly restrict access to LDAP attributes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19991020 Checkpoint FireWall-1 V4.0: possible bug in LDAP authentication", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=19991020150002.21047.qmail@tarjan.mediaways.net" + }, + { + "name": "725", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/725" + }, + { + "name": "1117", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/1117" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0176.json b/2000/0xxx/CVE-2000-0176.json index 75061753b63..c023762d633 100644 --- a/2000/0xxx/CVE-2000-0176.json +++ b/2000/0xxx/CVE-2000-0176.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0176", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The default configuration of Serv-U 2.5d and earlier allows remote attackers to determine the real pathname of the server by requesting a URL for a directory or file that does not exist." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0176", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000228 Serv-U FTP-Server v2.4a showing real path", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-02/0417.html" - }, - { - "name" : "1016", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1016" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The default configuration of Serv-U 2.5d and earlier allows remote attackers to determine the real pathname of the server by requesting a URL for a directory or file that does not exist." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000228 Serv-U FTP-Server v2.4a showing real path", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-02/0417.html" + }, + { + "name": "1016", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1016" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0214.json b/2000/0xxx/CVE-2000-0214.json index 75d1c9edf3c..d80da44fd6b 100644 --- a/2000/0xxx/CVE-2000-0214.json +++ b/2000/0xxx/CVE-2000-0214.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0214", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "FTP Explorer uses weak encryption for storing the username, password, and profile of FTP sites." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0214", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000224 How the password could be recover using FTP Explorer's registry!", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.10002242035500.30645-100000@unreal.sekure.org" - }, - { - "name" : "1003", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1003" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FTP Explorer uses weak encryption for storing the username, password, and profile of FTP sites." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1003", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1003" + }, + { + "name": "20000224 How the password could be recover using FTP Explorer's registry!", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.10002242035500.30645-100000@unreal.sekure.org" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0848.json b/2000/0xxx/CVE-2000-0848.json index 5b314351cf2..82ad2003329 100644 --- a/2000/0xxx/CVE-2000-0848.json +++ b/2000/0xxx/CVE-2000-0848.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0848", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Host: request header." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0848", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000915 WebSphere application server plugin issue & vendor fix", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-09/0192.html" - }, - { - "name" : "http://www-4.ibm.com/software/webservers/appserv/doc/v3022/fxpklst.htm#Security", - "refsource" : "MISC", - "url" : "http://www-4.ibm.com/software/webservers/appserv/doc/v3022/fxpklst.htm#Security" - }, - { - "name" : "1691", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1691" - }, - { - "name" : "websphere-header-dos(5252)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5252" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Host: request header." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-4.ibm.com/software/webservers/appserv/doc/v3022/fxpklst.htm#Security", + "refsource": "MISC", + "url": "http://www-4.ibm.com/software/webservers/appserv/doc/v3022/fxpklst.htm#Security" + }, + { + "name": "1691", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1691" + }, + { + "name": "20000915 WebSphere application server plugin issue & vendor fix", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0192.html" + }, + { + "name": "websphere-header-dos(5252)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5252" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0580.json b/2007/0xxx/CVE-2007-0580.json index a736ff5e2b2..f7dcdf2b6b5 100644 --- a/2007/0xxx/CVE-2007-0580.json +++ b/2007/0xxx/CVE-2007-0580.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0580", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in menu.php in Foro Domus 2.10 allows remote attackers to execute arbitrary PHP code via a URL in the sesion_idioma parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0580", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3215", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3215" - }, - { - "name" : "22285", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22285" - }, - { - "name" : "ADV-2007-0396", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0396" - }, - { - "name" : "33004", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33004" - }, - { - "name" : "23949", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23949" - }, - { - "name" : "forodomus-menu-file-include(31853)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31853" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in menu.php in Foro Domus 2.10 allows remote attackers to execute arbitrary PHP code via a URL in the sesion_idioma parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3215", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3215" + }, + { + "name": "22285", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22285" + }, + { + "name": "ADV-2007-0396", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0396" + }, + { + "name": "33004", + "refsource": "OSVDB", + "url": "http://osvdb.org/33004" + }, + { + "name": "23949", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23949" + }, + { + "name": "forodomus-menu-file-include(31853)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31853" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0777.json b/2007/0xxx/CVE-2007-0777.json index 3879b73928e..1285a222ca0 100644 --- a/2007/0xxx/CVE-2007-0777.json +++ b/2007/0xxx/CVE-2007-0777.json @@ -1,367 +1,367 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0777", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-0777", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070226 rPSA-2007-0040-1 firefox", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461336/100/0/threaded" - }, - { - "name" : "20070303 rPSA-2007-0040-3 firefox thunderbird", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461809/100/0/threaded" - }, - { - "name" : "http://www.mozilla.org/security/announce/2007/mfsa2007-01.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2007/mfsa2007-01.html" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1081", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1081" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1103", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1103" - }, - { - "name" : "FEDORA-2007-281", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2713" - }, - { - "name" : "FEDORA-2007-293", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2728" - }, - { - "name" : "FEDORA-2007-308", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2747" - }, - { - "name" : "FEDORA-2007-309", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2749" - }, - { - "name" : "GLSA-200703-04", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200703-04.xml" - }, - { - "name" : "GLSA-200703-08", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml" - }, - { - "name" : "GLSA-200703-18", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200703-18.xml" - }, - { - "name" : "HPSBUX02153", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "SSRT061181", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "MDKSA-2007:050", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050" - }, - { - "name" : "MDKSA-2007:052", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:052" - }, - { - "name" : "RHSA-2007:0079", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0079.html" - }, - { - "name" : "RHSA-2007:0077", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2007-0077.html" - }, - { - "name" : "RHSA-2007:0078", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0078.html" - }, - { - "name" : "RHSA-2007:0097", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0097.html" - }, - { - "name" : "RHSA-2007:0108", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0108.html" - }, - { - "name" : "20070301-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc" - }, - { - "name" : "20070202-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc" - }, - { - "name" : "SSA:2007-066-03", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851" - }, - { - "name" : "SSA:2007-066-04", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947" - }, - { - "name" : "SSA:2007-066-05", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131" - }, - { - "name" : "SUSE-SA:2007:019", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html" - }, - { - "name" : "SUSE-SA:2007:022", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html" - }, - { - "name" : "USN-428-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-428-1" - }, - { - "name" : "USN-431-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-431-1" - }, - { - "name" : "VU#269484", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/269484" - }, - { - "name" : "22694", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22694" - }, - { - "name" : "oval:org.mitre.oval:def:11331", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11331" - }, - { - "name" : "ADV-2007-0719", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0719" - }, - { - "name" : "ADV-2007-0718", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0718" - }, - { - "name" : "ADV-2008-0083", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0083" - }, - { - "name" : "32115", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/32115" - }, - { - "name" : "1017698", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017698" - }, - { - "name" : "24238", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24238" - }, - { - "name" : "24252", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24252" - }, - { - "name" : "24287", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24287" - }, - { - "name" : "24290", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24290" - }, - { - "name" : "24205", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24205" - }, - { - "name" : "24328", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24328" - }, - { - "name" : "24333", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24333" - }, - { - "name" : "24343", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24343" - }, - { - "name" : "24320", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24320" - }, - { - "name" : "24293", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24293" - }, - { - "name" : "24393", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24393" - }, - { - "name" : "24395", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24395" - }, - { - "name" : "24384", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24384" - }, - { - "name" : "24389", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24389" - }, - { - "name" : "24410", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24410" - }, - { - "name" : "24437", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24437" - }, - { - "name" : "24522", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24522" - }, - { - "name" : "24650", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24650" - }, - { - "name" : "24406", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24406" - }, - { - "name" : "24455", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24455" - }, - { - "name" : "24456", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24456" - }, - { - "name" : "24457", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24457" - }, - { - "name" : "24342", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24342" - }, - { - "name" : "mozilla-multiple-javascript-code-execution(32699)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32699" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2007:0078", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html" + }, + { + "name": "24395", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24395" + }, + { + "name": "VU#269484", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/269484" + }, + { + "name": "20070226 rPSA-2007-0040-1 firefox", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded" + }, + { + "name": "FEDORA-2007-308", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2747" + }, + { + "name": "24328", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24328" + }, + { + "name": "RHSA-2007:0108", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html" + }, + { + "name": "GLSA-200703-04", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200703-04.xml" + }, + { + "name": "24252", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24252" + }, + { + "name": "GLSA-200703-08", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml" + }, + { + "name": "SSA:2007-066-03", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851" + }, + { + "name": "24384", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24384" + }, + { + "name": "24406", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24406" + }, + { + "name": "24457", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24457" + }, + { + "name": "MDKSA-2007:052", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:052" + }, + { + "name": "24343", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24343" + }, + { + "name": "HPSBUX02153", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "oval:org.mitre.oval:def:11331", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11331" + }, + { + "name": "ADV-2007-0718", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0718" + }, + { + "name": "FEDORA-2007-309", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2749" + }, + { + "name": "GLSA-200703-18", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200703-18.xml" + }, + { + "name": "24650", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24650" + }, + { + "name": "USN-428-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-428-1" + }, + { + "name": "24320", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24320" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1103", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1103" + }, + { + "name": "mozilla-multiple-javascript-code-execution(32699)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32699" + }, + { + "name": "SUSE-SA:2007:019", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html" + }, + { + "name": "ADV-2008-0083", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0083" + }, + { + "name": "20070303 rPSA-2007-0040-3 firefox thunderbird", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded" + }, + { + "name": "SUSE-SA:2007:022", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html" + }, + { + "name": "24293", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24293" + }, + { + "name": "24238", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24238" + }, + { + "name": "SSA:2007-066-04", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947" + }, + { + "name": "24456", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24456" + }, + { + "name": "24393", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24393" + }, + { + "name": "24342", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24342" + }, + { + "name": "24287", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24287" + }, + { + "name": "24522", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24522" + }, + { + "name": "22694", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22694" + }, + { + "name": "32115", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/32115" + }, + { + "name": "SSRT061181", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "ADV-2007-0719", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0719" + }, + { + "name": "FEDORA-2007-281", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2713" + }, + { + "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-01.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-01.html" + }, + { + "name": "USN-431-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-431-1" + }, + { + "name": "RHSA-2007:0097", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html" + }, + { + "name": "FEDORA-2007-293", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2728" + }, + { + "name": "20070301-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc" + }, + { + "name": "24205", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24205" + }, + { + "name": "24389", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24389" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1081", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1081" + }, + { + "name": "24410", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24410" + }, + { + "name": "24333", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24333" + }, + { + "name": "MDKSA-2007:050", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050" + }, + { + "name": "24290", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24290" + }, + { + "name": "24455", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24455" + }, + { + "name": "RHSA-2007:0077", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html" + }, + { + "name": "20070202-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc" + }, + { + "name": "1017698", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017698" + }, + { + "name": "SSA:2007-066-05", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131" + }, + { + "name": "RHSA-2007:0079", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html" + }, + { + "name": "24437", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24437" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0820.json b/2007/0xxx/CVE-2007-0820.json index 83011ef34ba..6d60d7e7f45 100644 --- a/2007/0xxx/CVE-2007-0820.json +++ b/2007/0xxx/CVE-2007-0820.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0820", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in Cedric CLAIRE PortailPhp 2 allow remote attackers to execute arbitrary PHP code via a URL in the chemin parameter to (1) mod_news/index.php, (2) mod_news/goodies.php, or (3) mod_search/index.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0820", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "22381", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22381" - }, - { - "name" : "28867", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28867" - }, - { - "name" : "35756", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35756" - }, - { - "name" : "35757", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35757" - }, - { - "name" : "35758", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35758" - }, - { - "name" : "portailphp-index-file-include(42123)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42123" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in Cedric CLAIRE PortailPhp 2 allow remote attackers to execute arbitrary PHP code via a URL in the chemin parameter to (1) mod_news/index.php, (2) mod_news/goodies.php, or (3) mod_search/index.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "portailphp-index-file-include(42123)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42123" + }, + { + "name": "35756", + "refsource": "OSVDB", + "url": "http://osvdb.org/35756" + }, + { + "name": "22381", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22381" + }, + { + "name": "35758", + "refsource": "OSVDB", + "url": "http://osvdb.org/35758" + }, + { + "name": "28867", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28867" + }, + { + "name": "35757", + "refsource": "OSVDB", + "url": "http://osvdb.org/35757" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0905.json b/2007/0xxx/CVE-2007-0905.json index a17947599f3..881383aa13a 100644 --- a/2007/0xxx/CVE-2007-0905.json +++ b/2007/0xxx/CVE-2007-0905.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0905", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0905", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.php.net/ChangeLog-5.php#5.2.1", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-5.php#5.2.1" - }, - { - "name" : "http://www.php.net/releases/5_2_1.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/releases/5_2_1.php" - }, - { - "name" : "OpenPKG-SA-2007.010", - "refsource" : "OPENPKG", - "url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html" - }, - { - "name" : "2007-0009", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2007/0009/" - }, - { - "name" : "22496", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22496" - }, - { - "name" : "ADV-2007-0546", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0546" - }, - { - "name" : "32768", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32768" - }, - { - "name" : "24089", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24089" - }, - { - "name" : "24419", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24419" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2007-0009", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2007/0009/" + }, + { + "name": "OpenPKG-SA-2007.010", + "refsource": "OPENPKG", + "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html" + }, + { + "name": "22496", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22496" + }, + { + "name": "32768", + "refsource": "OSVDB", + "url": "http://osvdb.org/32768" + }, + { + "name": "http://www.php.net/releases/5_2_1.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/releases/5_2_1.php" + }, + { + "name": "24089", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24089" + }, + { + "name": "24419", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24419" + }, + { + "name": "http://www.php.net/ChangeLog-5.php#5.2.1", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-5.php#5.2.1" + }, + { + "name": "ADV-2007-0546", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0546" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1138.json b/2007/1xxx/CVE-2007-1138.json index 98c2f48acfe..f7751ecab27 100644 --- a/2007/1xxx/CVE-2007-1138.json +++ b/2007/1xxx/CVE-2007-1138.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1138", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Absolute path traversal vulnerability in list_main_pages.php in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to list arbitrary directories, and read arbitrary files, via an absolute pathname in the nfolder parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1138", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070222 Plantilla PHP Simple", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/460913/100/0/threaded" - }, - { - "name" : "22669", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22669" - }, - { - "name" : "33138", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33138" - }, - { - "name" : "2332", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2332" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Absolute path traversal vulnerability in list_main_pages.php in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to list arbitrary directories, and read arbitrary files, via an absolute pathname in the nfolder parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070222 Plantilla PHP Simple", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/460913/100/0/threaded" + }, + { + "name": "2332", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2332" + }, + { + "name": "22669", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22669" + }, + { + "name": "33138", + "refsource": "OSVDB", + "url": "http://osvdb.org/33138" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1410.json b/2007/1xxx/CVE-2007-1410.json index ccb08611198..939f72f7f5b 100644 --- a/2007/1xxx/CVE-2007-1410.json +++ b/2007/1xxx/CVE-2007-1410.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1410", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in kategori.asp in GaziYapBoz Game Portal allows remote attackers to execute arbitrary SQL commands via the kategori parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1410", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3437", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3437" - }, - { - "name" : "22871", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22871" - }, - { - "name" : "ADV-2007-0882", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0882" - }, - { - "name" : "35600", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35600" - }, - { - "name" : "gaziyapboz-kategori-sql-injection(32884)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32884" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in kategori.asp in GaziYapBoz Game Portal allows remote attackers to execute arbitrary SQL commands via the kategori parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "35600", + "refsource": "OSVDB", + "url": "http://osvdb.org/35600" + }, + { + "name": "gaziyapboz-kategori-sql-injection(32884)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32884" + }, + { + "name": "ADV-2007-0882", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0882" + }, + { + "name": "22871", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22871" + }, + { + "name": "3437", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3437" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1989.json b/2007/1xxx/CVE-2007-1989.json index 8dda3aaa4c1..d39d7bb0677 100644 --- a/2007/1xxx/CVE-2007-1989.json +++ b/2007/1xxx/CVE-2007-1989.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1989", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in DotClear before 1.2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) post_id parameter to ecrire/trackback.php or the (2) tool_url parameter to tools/thememng/index.php. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1989", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070412 Dotclear 1.* Cross Site Scripting Vulnerability", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053720.html" - }, - { - "name" : "http://www.dotclear.net/forum/viewtopic.php?id=26573", - "refsource" : "CONFIRM", - "url" : "http://www.dotclear.net/forum/viewtopic.php?id=26573" - }, - { - "name" : "http://www.dotclear.net/log/post/2007/04/10/Dotclear-126", - "refsource" : "CONFIRM", - "url" : "http://www.dotclear.net/log/post/2007/04/10/Dotclear-126" - }, - { - "name" : "23411", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23411" - }, - { - "name" : "ADV-2007-1338", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1338" - }, - { - "name" : "24829", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24829" - }, - { - "name" : "dotclear-tools-xss(33616)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33616" - }, - { - "name" : "dotclear-trackback-xss(33615)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33615" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in DotClear before 1.2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) post_id parameter to ecrire/trackback.php or the (2) tool_url parameter to tools/thememng/index.php. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23411", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23411" + }, + { + "name": "http://www.dotclear.net/log/post/2007/04/10/Dotclear-126", + "refsource": "CONFIRM", + "url": "http://www.dotclear.net/log/post/2007/04/10/Dotclear-126" + }, + { + "name": "20070412 Dotclear 1.* Cross Site Scripting Vulnerability", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053720.html" + }, + { + "name": "http://www.dotclear.net/forum/viewtopic.php?id=26573", + "refsource": "CONFIRM", + "url": "http://www.dotclear.net/forum/viewtopic.php?id=26573" + }, + { + "name": "dotclear-trackback-xss(33615)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33615" + }, + { + "name": "ADV-2007-1338", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1338" + }, + { + "name": "24829", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24829" + }, + { + "name": "dotclear-tools-xss(33616)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33616" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5080.json b/2007/5xxx/CVE-2007-5080.json index fb5b702df3b..fdc250ebbd6 100644 --- a/2007/5xxx/CVE-2007-5080.json +++ b/2007/5xxx/CVE-2007-5080.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5080", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5080", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-real-player-id3-tags/", - "refsource" : "MISC", - "url" : "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-real-player-id3-tags/" - }, - { - "name" : "http://service.real.com/realplayer/security/10252007_player/en/", - "refsource" : "CONFIRM", - "url" : "http://service.real.com/realplayer/security/10252007_player/en/" - }, - { - "name" : "VU#759385", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/759385" - }, - { - "name" : "20071030 RealPlayer Updates of October 25, 2007", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-October/001841.html" - }, - { - "name" : "26214", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26214" - }, - { - "name" : "ADV-2007-3628", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3628" - }, - { - "name" : "1018866", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018866" - }, - { - "name" : "27361", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27361" - }, - { - "name" : "realplayer-mp3-bo(37434)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37434" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://service.real.com/realplayer/security/10252007_player/en/", + "refsource": "CONFIRM", + "url": "http://service.real.com/realplayer/security/10252007_player/en/" + }, + { + "name": "realplayer-mp3-bo(37434)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37434" + }, + { + "name": "1018866", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018866" + }, + { + "name": "20071030 RealPlayer Updates of October 25, 2007", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html" + }, + { + "name": "ADV-2007-3628", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3628" + }, + { + "name": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-real-player-id3-tags/", + "refsource": "MISC", + "url": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-real-player-id3-tags/" + }, + { + "name": "VU#759385", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/759385" + }, + { + "name": "27361", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27361" + }, + { + "name": "26214", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26214" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5101.json b/2007/5xxx/CVE-2007-5101.json index 99a0e0e1319..b1d72b270e1 100644 --- a/2007/5xxx/CVE-2007-5101.json +++ b/2007/5xxx/CVE-2007-5101.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5101", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ChironFS before 1.0 RC7 sets user/group ownership to the mounter account instead of the creator account when files are created, which allows local users to gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5101", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chironfs/issues/detail?id=6", - "refsource" : "MISC", - "url" : "http://code.google.com/p/chironfs/issues/detail?id=6" - }, - { - "name" : "http://furquim.org/chironfs/Changelog.html", - "refsource" : "CONFIRM", - "url" : "http://furquim.org/chironfs/Changelog.html" - }, - { - "name" : "25780", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25780" - }, - { - "name" : "40586", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40586" - }, - { - "name" : "26943", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26943" - }, - { - "name" : "chironfs-file-insecure-permissions(36751)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36751" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ChironFS before 1.0 RC7 sets user/group ownership to the mounter account instead of the creator account when files are created, which allows local users to gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26943", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26943" + }, + { + "name": "chironfs-file-insecure-permissions(36751)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36751" + }, + { + "name": "http://furquim.org/chironfs/Changelog.html", + "refsource": "CONFIRM", + "url": "http://furquim.org/chironfs/Changelog.html" + }, + { + "name": "25780", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25780" + }, + { + "name": "http://code.google.com/p/chironfs/issues/detail?id=6", + "refsource": "MISC", + "url": "http://code.google.com/p/chironfs/issues/detail?id=6" + }, + { + "name": "40586", + "refsource": "OSVDB", + "url": "http://osvdb.org/40586" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5243.json b/2007/5xxx/CVE-2007-5243.json index 8d4cac03969..472b591826c 100644 --- a/2007/5xxx/CVE-2007-5243.json +++ b/2007/5xxx/CVE-2007-5243.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5243", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5243", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://risesecurity.org/advisory/RISE-2007002/", - "refsource" : "MISC", - "url" : "http://risesecurity.org/advisory/RISE-2007002/" - }, - { - "name" : "http://risesecurity.org/blog/entry/3/", - "refsource" : "MISC", - "url" : "http://risesecurity.org/blog/entry/3/" - }, - { - "name" : "http://risesecurity.org/exploit/10/", - "refsource" : "MISC", - "url" : "http://risesecurity.org/exploit/10/" - }, - { - "name" : "http://risesecurity.org/exploit/12/", - "refsource" : "MISC", - "url" : "http://risesecurity.org/exploit/12/" - }, - { - "name" : "http://risesecurity.org/exploit/13/", - "refsource" : "MISC", - "url" : "http://risesecurity.org/exploit/13/" - }, - { - "name" : "http://risesecurity.org/exploit/14/", - "refsource" : "MISC", - "url" : "http://risesecurity.org/exploit/14/" - }, - { - "name" : "http://risesecurity.org/exploit/15/", - "refsource" : "MISC", - "url" : "http://risesecurity.org/exploit/15/" - }, - { - "name" : "http://risesecurity.org/exploit/9/", - "refsource" : "MISC", - "url" : "http://risesecurity.org/exploit/9/" - }, - { - "name" : "25917", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25917" - }, - { - "name" : "ADV-2007-3381", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3381" - }, - { - "name" : "38605", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38605" - }, - { - "name" : "38606", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38606" - }, - { - "name" : "38607", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38607" - }, - { - "name" : "38608", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38608" - }, - { - "name" : "38609", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38609" - }, - { - "name" : "1018772", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018772" - }, - { - "name" : "27058", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27058" - }, - { - "name" : "borland-multiple-functions-bo(36956)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25917", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25917" + }, + { + "name": "http://risesecurity.org/blog/entry/3/", + "refsource": "MISC", + "url": "http://risesecurity.org/blog/entry/3/" + }, + { + "name": "1018772", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018772" + }, + { + "name": "http://risesecurity.org/exploit/10/", + "refsource": "MISC", + "url": "http://risesecurity.org/exploit/10/" + }, + { + "name": "http://risesecurity.org/exploit/9/", + "refsource": "MISC", + "url": "http://risesecurity.org/exploit/9/" + }, + { + "name": "38607", + "refsource": "OSVDB", + "url": "http://osvdb.org/38607" + }, + { + "name": "38609", + "refsource": "OSVDB", + "url": "http://osvdb.org/38609" + }, + { + "name": "http://risesecurity.org/exploit/13/", + "refsource": "MISC", + "url": "http://risesecurity.org/exploit/13/" + }, + { + "name": "ADV-2007-3381", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3381" + }, + { + "name": "38606", + "refsource": "OSVDB", + "url": "http://osvdb.org/38606" + }, + { + "name": "borland-multiple-functions-bo(36956)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956" + }, + { + "name": "http://risesecurity.org/exploit/15/", + "refsource": "MISC", + "url": "http://risesecurity.org/exploit/15/" + }, + { + "name": "38608", + "refsource": "OSVDB", + "url": "http://osvdb.org/38608" + }, + { + "name": "http://risesecurity.org/advisory/RISE-2007002/", + "refsource": "MISC", + "url": "http://risesecurity.org/advisory/RISE-2007002/" + }, + { + "name": "http://risesecurity.org/exploit/14/", + "refsource": "MISC", + "url": "http://risesecurity.org/exploit/14/" + }, + { + "name": "27058", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27058" + }, + { + "name": "http://risesecurity.org/exploit/12/", + "refsource": "MISC", + "url": "http://risesecurity.org/exploit/12/" + }, + { + "name": "38605", + "refsource": "OSVDB", + "url": "http://osvdb.org/38605" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5282.json b/2007/5xxx/CVE-2007-5282.json index 35db84d2623..143af7547c7 100644 --- a/2007/5xxx/CVE-2007-5282.json +++ b/2007/5xxx/CVE-2007-5282.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5282", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Hitachi Cosminexus Agent 03-00 through 03-05, and Cosminexus Library Standard and Web Edition 04-00 and 04-01, might allow remote attackers to cause a denial of service (agent process crash) via invalid data from clients other than Cosminexus Manager." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5282", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-033_e/index-e.html", - "refsource" : "CONFIRM", - "url" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-033_e/index-e.html" - }, - { - "name" : "25937", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25937" - }, - { - "name" : "ADV-2007-3377", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3377" - }, - { - "name" : "27074", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27074" - }, - { - "name" : "cosminexus-agent-unspecified-dos(36966)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36966" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Hitachi Cosminexus Agent 03-00 through 03-05, and Cosminexus Library Standard and Web Edition 04-00 and 04-01, might allow remote attackers to cause a denial of service (agent process crash) via invalid data from clients other than Cosminexus Manager." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-033_e/index-e.html", + "refsource": "CONFIRM", + "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-033_e/index-e.html" + }, + { + "name": "cosminexus-agent-unspecified-dos(36966)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36966" + }, + { + "name": "ADV-2007-3377", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3377" + }, + { + "name": "25937", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25937" + }, + { + "name": "27074", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27074" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5745.json b/2007/5xxx/CVE-2007-5745.json index 162b977b9dd..08b78d7f00b 100644 --- a/2007/5xxx/CVE-2007-5745.json +++ b/2007/5xxx/CVE-2007-5745.json @@ -1,192 +1,192 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5745", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple heap-based buffer overflows in OpenOffice.org before 2.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted (1) Attribute and (2) Font Description records." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5745", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080417 Multiple Vendor OpenOffice QPRO Multiple Heap Overflow Vulnerabilities", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=691" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=435678", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=435678" - }, - { - "name" : "http://www.openoffice.org/security/bulletin.html", - "refsource" : "CONFIRM", - "url" : "http://www.openoffice.org/security/bulletin.html" - }, - { - "name" : "http://www.openoffice.org/security/cves/CVE-2007-5745.html", - "refsource" : "CONFIRM", - "url" : "http://www.openoffice.org/security/cves/CVE-2007-5745.html" - }, - { - "name" : "http://www.openoffice.org/security/cves/CVE-2007-4770.html", - "refsource" : "CONFIRM", - "url" : "http://www.openoffice.org/security/cves/CVE-2007-4770.html" - }, - { - "name" : "DSA-1547", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1547" - }, - { - "name" : "FEDORA-2008-3251", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00448.html" - }, - { - "name" : "GLSA-200805-16", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200805-16.xml" - }, - { - "name" : "MDVSA-2008:095", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:095" - }, - { - "name" : "RHSA-2008:0175", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0175.html" - }, - { - "name" : "231601", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231601-1" - }, - { - "name" : "SUSE-SA:2008:023", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2008_23_openoffice.html" - }, - { - "name" : "USN-609-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-609-1" - }, - { - "name" : "28819", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28819" - }, - { - "name" : "oval:org.mitre.oval:def:11006", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11006" - }, - { - "name" : "ADV-2008-1253", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1253/references" - }, - { - "name" : "ADV-2008-1375", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1375/references" - }, - { - "name" : "1019891", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019891" - }, - { - "name" : "29864", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29864" - }, - { - "name" : "29913", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29913" - }, - { - "name" : "29852", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29852" - }, - { - "name" : "29910", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29910" - }, - { - "name" : "29871", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29871" - }, - { - "name" : "29987", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29987" - }, - { - "name" : "30100", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30100" - }, - { - "name" : "30179", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30179" - }, - { - "name" : "openoffice-quattropro-bo(41863)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41863" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple heap-based buffer overflows in OpenOffice.org before 2.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted (1) Attribute and (2) Font Description records." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "29913", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29913" + }, + { + "name": "RHSA-2008:0175", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0175.html" + }, + { + "name": "29852", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29852" + }, + { + "name": "231601", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231601-1" + }, + { + "name": "SUSE-SA:2008:023", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2008_23_openoffice.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=435678", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=435678" + }, + { + "name": "20080417 Multiple Vendor OpenOffice QPRO Multiple Heap Overflow Vulnerabilities", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=691" + }, + { + "name": "29864", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29864" + }, + { + "name": "GLSA-200805-16", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200805-16.xml" + }, + { + "name": "30100", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30100" + }, + { + "name": "29987", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29987" + }, + { + "name": "MDVSA-2008:095", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:095" + }, + { + "name": "1019891", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019891" + }, + { + "name": "http://www.openoffice.org/security/cves/CVE-2007-4770.html", + "refsource": "CONFIRM", + "url": "http://www.openoffice.org/security/cves/CVE-2007-4770.html" + }, + { + "name": "DSA-1547", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1547" + }, + { + "name": "oval:org.mitre.oval:def:11006", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11006" + }, + { + "name": "ADV-2008-1253", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1253/references" + }, + { + "name": "FEDORA-2008-3251", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00448.html" + }, + { + "name": "ADV-2008-1375", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1375/references" + }, + { + "name": "http://www.openoffice.org/security/bulletin.html", + "refsource": "CONFIRM", + "url": "http://www.openoffice.org/security/bulletin.html" + }, + { + "name": "30179", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30179" + }, + { + "name": "http://www.openoffice.org/security/cves/CVE-2007-5745.html", + "refsource": "CONFIRM", + "url": "http://www.openoffice.org/security/cves/CVE-2007-5745.html" + }, + { + "name": "28819", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28819" + }, + { + "name": "29871", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29871" + }, + { + "name": "29910", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29910" + }, + { + "name": "USN-609-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-609-1" + }, + { + "name": "openoffice-quattropro-bo(41863)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41863" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3268.json b/2015/3xxx/CVE-2015-3268.json index 64170378338..2b4f3135c4e 100644 --- a/2015/3xxx/CVE-2015-3268.json +++ b/2015/3xxx/CVE-2015-3268.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3268", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the DisplayEntityField.getDescription method in ModelFormField.java in Apache OFBiz before 12.04.06 and 13.07.x before 13.07.03 allows remote attackers to inject arbitrary web script or HTML via the description attribute of a display-entity element." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-3268", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160408 CVE-2015-3268: Apache OFBiz information disclosure vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/538033/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/136638/Apache-OFBiz-13.07.02-13.07.01-Information-Disclosure.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/136638/Apache-OFBiz-13.07.02-13.07.01-Information-Disclosure.html" - }, - { - "name" : "http://ofbiz.apache.org/download.html#vulnerabilities", - "refsource" : "CONFIRM", - "url" : "http://ofbiz.apache.org/download.html#vulnerabilities" - }, - { - "name" : "https://blogs.apache.org/ofbiz/entry/announce_apache_ofbiz_12_04", - "refsource" : "CONFIRM", - "url" : "https://blogs.apache.org/ofbiz/entry/announce_apache_ofbiz_12_04" - }, - { - "name" : "https://blogs.apache.org/ofbiz/entry/announce_apache_ofbiz_13_07", - "refsource" : "CONFIRM", - "url" : "https://blogs.apache.org/ofbiz/entry/announce_apache_ofbiz_13_07" - }, - { - "name" : "https://issues.apache.org/jira/browse/OFBIZ-6506", - "refsource" : "CONFIRM", - "url" : "https://issues.apache.org/jira/browse/OFBIZ-6506" - }, - { - "name" : "1035514", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035514" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the DisplayEntityField.getDescription method in ModelFormField.java in Apache OFBiz before 12.04.06 and 13.07.x before 13.07.03 allows remote attackers to inject arbitrary web script or HTML via the description attribute of a display-entity element." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://ofbiz.apache.org/download.html#vulnerabilities", + "refsource": "CONFIRM", + "url": "http://ofbiz.apache.org/download.html#vulnerabilities" + }, + { + "name": "https://blogs.apache.org/ofbiz/entry/announce_apache_ofbiz_12_04", + "refsource": "CONFIRM", + "url": "https://blogs.apache.org/ofbiz/entry/announce_apache_ofbiz_12_04" + }, + { + "name": "https://issues.apache.org/jira/browse/OFBIZ-6506", + "refsource": "CONFIRM", + "url": "https://issues.apache.org/jira/browse/OFBIZ-6506" + }, + { + "name": "1035514", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035514" + }, + { + "name": "https://blogs.apache.org/ofbiz/entry/announce_apache_ofbiz_13_07", + "refsource": "CONFIRM", + "url": "https://blogs.apache.org/ofbiz/entry/announce_apache_ofbiz_13_07" + }, + { + "name": "http://packetstormsecurity.com/files/136638/Apache-OFBiz-13.07.02-13.07.01-Information-Disclosure.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/136638/Apache-OFBiz-13.07.02-13.07.01-Information-Disclosure.html" + }, + { + "name": "20160408 CVE-2015-3268: Apache OFBiz information disclosure vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/538033/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3472.json b/2015/3xxx/CVE-2015-3472.json index 5f97d3b6b06..aab12287af1 100644 --- a/2015/3xxx/CVE-2015-3472.json +++ b/2015/3xxx/CVE-2015-3472.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3472", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3472", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3619.json b/2015/3xxx/CVE-2015-3619.json index 481b3a63d83..a0ed82ed885 100644 --- a/2015/3xxx/CVE-2015-3619.json +++ b/2015/3xxx/CVE-2015-3619.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3619", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in assets/js/vm2admin.js in the VirtueMart component before 3.0.8 for Joomla! allows remote attackers to inject arbitrary web script or HTML via vectors involving a \"double encode combination of first_name, last_name and company.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3619", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://fortiguard.com/zeroday/FG-VD-15-027", - "refsource" : "MISC", - "url" : "https://fortiguard.com/zeroday/FG-VD-15-027" - }, - { - "name" : "http://dev.virtuemart.net/projects/virtuemart/repository/diff/trunk/virtuemart/administrator/components/com_virtuemart/assets/js/vm2admin.js?utf8=%E2%9C%93&rev=8828&rev_to=8670", - "refsource" : "CONFIRM", - "url" : "http://dev.virtuemart.net/projects/virtuemart/repository/diff/trunk/virtuemart/administrator/components/com_virtuemart/assets/js/vm2admin.js?utf8=%E2%9C%93&rev=8828&rev_to=8670" - }, - { - "name" : "https://virtuemart.net/news/470-release-vm3-0-8-2-secured-by-fortinet-s-fortiguard-labs", - "refsource" : "CONFIRM", - "url" : "https://virtuemart.net/news/470-release-vm3-0-8-2-secured-by-fortinet-s-fortiguard-labs" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in assets/js/vm2admin.js in the VirtueMart component before 3.0.8 for Joomla! allows remote attackers to inject arbitrary web script or HTML via vectors involving a \"double encode combination of first_name, last_name and company.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://dev.virtuemart.net/projects/virtuemart/repository/diff/trunk/virtuemart/administrator/components/com_virtuemart/assets/js/vm2admin.js?utf8=%E2%9C%93&rev=8828&rev_to=8670", + "refsource": "CONFIRM", + "url": "http://dev.virtuemart.net/projects/virtuemart/repository/diff/trunk/virtuemart/administrator/components/com_virtuemart/assets/js/vm2admin.js?utf8=%E2%9C%93&rev=8828&rev_to=8670" + }, + { + "name": "https://virtuemart.net/news/470-release-vm3-0-8-2-secured-by-fortinet-s-fortiguard-labs", + "refsource": "CONFIRM", + "url": "https://virtuemart.net/news/470-release-vm3-0-8-2-secured-by-fortinet-s-fortiguard-labs" + }, + { + "name": "https://fortiguard.com/zeroday/FG-VD-15-027", + "refsource": "MISC", + "url": "https://fortiguard.com/zeroday/FG-VD-15-027" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3671.json b/2015/3xxx/CVE-2015-3671.json index 0afe84146dc..f8ce566390e 100644 --- a/2015/3xxx/CVE-2015-3671.json +++ b/2015/3xxx/CVE-2015-3671.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3671", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Admin Framework in Apple OS X before 10.10.4 does not properly verify XPC entitlements, which allows local users to bypass authentication and obtain admin privileges via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3671", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT204942", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT204942" - }, - { - "name" : "APPLE-SA-2015-06-30-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" - }, - { - "name" : "75493", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75493" - }, - { - "name" : "1032760", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032760" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Admin Framework in Apple OS X before 10.10.4 does not properly verify XPC entitlements, which allows local users to bypass authentication and obtain admin privileges via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2015-06-30-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" + }, + { + "name": "75493", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75493" + }, + { + "name": "1032760", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032760" + }, + { + "name": "http://support.apple.com/kb/HT204942", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT204942" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3857.json b/2015/3xxx/CVE-2015-3857.json index 876bf752fc5..c6b84c11686 100644 --- a/2015/3xxx/CVE-2015-3857.json +++ b/2015/3xxx/CVE-2015-3857.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3857", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3857", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6107.json b/2015/6xxx/CVE-2015-6107.json index 07cb0c2c09b..c66be6d648a 100644 --- a/2015/6xxx/CVE-2015-6107.json +++ b/2015/6xxx/CVE-2015-6107.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6107", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10 Gold and 1511, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for Business 2016, Lync 2010, Lync 2013 SP1, and Live Meeting 2007 Console allows remote attackers to execute arbitrary code via a crafted embedded font, aka \"Graphics Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6107", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-128", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-128" - }, - { - "name" : "1034331", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034331" - }, - { - "name" : "1034332", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034332" - }, - { - "name" : "1034333", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034333" - }, - { - "name" : "1034336", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034336" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10 Gold and 1511, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for Business 2016, Lync 2010, Lync 2013 SP1, and Live Meeting 2007 Console allows remote attackers to execute arbitrary code via a crafted embedded font, aka \"Graphics Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034333", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034333" + }, + { + "name": "1034331", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034331" + }, + { + "name": "MS15-128", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-128" + }, + { + "name": "1034332", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034332" + }, + { + "name": "1034336", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034336" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6115.json b/2015/6xxx/CVE-2015-6115.json index bd41fab2053..6bfa9d3bf6d 100644 --- a/2015/6xxx/CVE-2015-6115.json +++ b/2015/6xxx/CVE-2015-6115.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6115", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka \".NET ASLR Bypass.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6115", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-118", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-118" - }, - { - "name" : "1034116", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034116" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka \".NET ASLR Bypass.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS15-118", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-118" + }, + { + "name": "1034116", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034116" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6506.json b/2015/6xxx/CVE-2015-6506.json index 43dd88dc6ee..91cbe21b604 100644 --- a/2015/6xxx/CVE-2015-6506.json +++ b/2015/6xxx/CVE-2015-6506.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6506", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the cryptography interface in Request Tracker (RT) before 4.2.12 allows remote attackers to inject arbitrary web script or HTML via a crafted public key." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2015-6506", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blog.bestpractical.com/2015/08/security-vulnerabilities-in-rt.html", - "refsource" : "CONFIRM", - "url" : "http://blog.bestpractical.com/2015/08/security-vulnerabilities-in-rt.html" - }, - { - "name" : "https://bestpractical.com/release-notes/rt/4.2.12", - "refsource" : "CONFIRM", - "url" : "https://bestpractical.com/release-notes/rt/4.2.12" - }, - { - "name" : "https://github.com/bestpractical/rt/commit/36a461947b00b105336adb4997d", - "refsource" : "CONFIRM", - "url" : "https://github.com/bestpractical/rt/commit/36a461947b00b105336adb4997d" - }, - { - "name" : "DSA-3335", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3335" - }, - { - "name" : "FEDORA-2015-13641", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164607.html" - }, - { - "name" : "FEDORA-2015-13664", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165163.html" - }, - { - "name" : "FEDORA-2015-13718", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165124.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the cryptography interface in Request Tracker (RT) before 4.2.12 allows remote attackers to inject arbitrary web script or HTML via a crafted public key." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bestpractical.com/release-notes/rt/4.2.12", + "refsource": "CONFIRM", + "url": "https://bestpractical.com/release-notes/rt/4.2.12" + }, + { + "name": "http://blog.bestpractical.com/2015/08/security-vulnerabilities-in-rt.html", + "refsource": "CONFIRM", + "url": "http://blog.bestpractical.com/2015/08/security-vulnerabilities-in-rt.html" + }, + { + "name": "FEDORA-2015-13718", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165124.html" + }, + { + "name": "FEDORA-2015-13641", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164607.html" + }, + { + "name": "DSA-3335", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3335" + }, + { + "name": "FEDORA-2015-13664", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165163.html" + }, + { + "name": "https://github.com/bestpractical/rt/commit/36a461947b00b105336adb4997d", + "refsource": "CONFIRM", + "url": "https://github.com/bestpractical/rt/commit/36a461947b00b105336adb4997d" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7166.json b/2015/7xxx/CVE-2015-7166.json index a13a2c76ecd..dd72fcb6094 100644 --- a/2015/7xxx/CVE-2015-7166.json +++ b/2015/7xxx/CVE-2015-7166.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7166", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7166", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7654.json b/2015/7xxx/CVE-2015-7654.json index 78706b7ee32..89fd227c3c4 100644 --- a/2015/7xxx/CVE-2015-7654.json +++ b/2015/7xxx/CVE-2015-7654.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7654", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted attachSound arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-7654", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-560", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-560" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-28.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-28.html" - }, - { - "name" : "GLSA-201511-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201511-02" - }, - { - "name" : "RHSA-2015:2023", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2023.html" - }, - { - "name" : "RHSA-2015:2024", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2024.html" - }, - { - "name" : "openSUSE-SU-2015:1984", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-11/msg00071.html" - }, - { - "name" : "77533", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77533" - }, - { - "name" : "1034111", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034111" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted attachSound arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034111", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034111" + }, + { + "name": "RHSA-2015:2024", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2024.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-28.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-28.html" + }, + { + "name": "openSUSE-SU-2015:1984", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00071.html" + }, + { + "name": "GLSA-201511-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201511-02" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-560", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-560" + }, + { + "name": "77533", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77533" + }, + { + "name": "RHSA-2015:2023", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2023.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7771.json b/2015/7xxx/CVE-2015-7771.json index 49e41e381ce..0928c0a699f 100644 --- a/2015/7xxx/CVE-2015-7771.json +++ b/2015/7xxx/CVE-2015-7771.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7771", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the runtime engine in the Newphoria applican framework before 1.13.0 for Android and iOS allows remote attackers to inject arbitrary web script or HTML via a crafted SSID that is encountered by an applican application, a different vulnerability than CVE-2015-7772." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-7771", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://jvn.jp/en/jp/JVN71088919/995707/index.html", - "refsource" : "CONFIRM", - "url" : "http://jvn.jp/en/jp/JVN71088919/995707/index.html" - }, - { - "name" : "JVN#71088919", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN71088919/index.html" - }, - { - "name" : "JVNDB-2015-000178", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000178" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the runtime engine in the Newphoria applican framework before 1.13.0 for Android and iOS allows remote attackers to inject arbitrary web script or HTML via a crafted SSID that is encountered by an applican application, a different vulnerability than CVE-2015-7772." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#71088919", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN71088919/index.html" + }, + { + "name": "JVNDB-2015-000178", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000178" + }, + { + "name": "http://jvn.jp/en/jp/JVN71088919/995707/index.html", + "refsource": "CONFIRM", + "url": "http://jvn.jp/en/jp/JVN71088919/995707/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8103.json b/2015/8xxx/CVE-2015-8103.json index 51e681d6e11..31c6af9fce3 100644 --- a/2015/8xxx/CVE-2015-8103.json +++ b/2015/8xxx/CVE-2015-8103.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8103", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to execute arbitrary code via a crafted serialized Java object, related to a problematic webapps/ROOT/WEB-INF/lib/commons-collections-*.jar file and the \"Groovy variant in 'ysoserial'\"." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8103", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "38983", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38983/" - }, - { - "name" : "[oss-security] 20151109 CVE request: Jenkins remote code execution vulnerability due to unsafe deserialization", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/11/09/5" - }, - { - "name" : "[oss-security] 20151118 Re: CVE request: Jenkins remote code execution vulnerability due to unsafe deserialization", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/11/18/2" - }, - { - "name" : "[oss-security] 20151118 Re: CVE request: Jenkins remote code execution vulnerability due to unsafe deserialization", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/11/18/11" - }, - { - "name" : "[oss-security] 20151118 Re: CVE request: Jenkins remote code execution vulnerability due to unsafe deserialization", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/11/18/13" - }, - { - "name" : "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/#jenkins", - "refsource" : "MISC", - "url" : "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/#jenkins" - }, - { - "name" : "http://packetstormsecurity.com/files/134805/Jenkins-CLI-RMI-Java-Deserialization.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134805/Jenkins-CLI-RMI-Java-Deserialization.html" - }, - { - "name" : "https://jenkins-ci.org/content/mitigating-unauthenticated-remote-code-execution-0-day-jenkins-cli", - "refsource" : "CONFIRM", - "url" : "https://jenkins-ci.org/content/mitigating-unauthenticated-remote-code-execution-0-day-jenkins-cli" - }, - { - "name" : "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11", - "refsource" : "CONFIRM", - "url" : "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11" - }, - { - "name" : "RHSA-2016:0070", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:0070" - }, - { - "name" : "RHSA-2016:0489", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0489.html" - }, - { - "name" : "77636", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77636" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to execute arbitrary code via a crafted serialized Java object, related to a problematic webapps/ROOT/WEB-INF/lib/commons-collections-*.jar file and the \"Groovy variant in 'ysoserial'\"." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/134805/Jenkins-CLI-RMI-Java-Deserialization.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134805/Jenkins-CLI-RMI-Java-Deserialization.html" + }, + { + "name": "https://jenkins-ci.org/content/mitigating-unauthenticated-remote-code-execution-0-day-jenkins-cli", + "refsource": "CONFIRM", + "url": "https://jenkins-ci.org/content/mitigating-unauthenticated-remote-code-execution-0-day-jenkins-cli" + }, + { + "name": "[oss-security] 20151118 Re: CVE request: Jenkins remote code execution vulnerability due to unsafe deserialization", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/11/18/13" + }, + { + "name": "RHSA-2016:0489", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0489.html" + }, + { + "name": "77636", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77636" + }, + { + "name": "[oss-security] 20151118 Re: CVE request: Jenkins remote code execution vulnerability due to unsafe deserialization", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/11/18/11" + }, + { + "name": "RHSA-2016:0070", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:0070" + }, + { + "name": "38983", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38983/" + }, + { + "name": "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/#jenkins", + "refsource": "MISC", + "url": "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/#jenkins" + }, + { + "name": "[oss-security] 20151109 CVE request: Jenkins remote code execution vulnerability due to unsafe deserialization", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/11/09/5" + }, + { + "name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11", + "refsource": "CONFIRM", + "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11" + }, + { + "name": "[oss-security] 20151118 Re: CVE request: Jenkins remote code execution vulnerability due to unsafe deserialization", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/11/18/2" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8335.json b/2015/8xxx/CVE-2015-8335.json index c6b242cd8ac..7d8429e9c7b 100644 --- a/2015/8xxx/CVE-2015-8335.json +++ b/2015/8xxx/CVE-2015-8335.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8335", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Huawei VCN500 with software before V100R002C00SPC201 logs passwords in cleartext, which allows remote authenticated users to obtain sensitive information by triggering log generation and then reading the log." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8335", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-463084.htm", - "refsource" : "CONFIRM", - "url" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-463084.htm" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Huawei VCN500 with software before V100R002C00SPC201 logs passwords in cleartext, which allows remote authenticated users to obtain sensitive information by triggering log generation and then reading the log." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-463084.htm", + "refsource": "CONFIRM", + "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-463084.htm" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8740.json b/2015/8xxx/CVE-2015-8740.json index c8e18fe0880..cc8b56122d7 100644 --- a/2015/8xxx/CVE-2015-8740.json +++ b/2015/8xxx/CVE-2015-8740.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8740", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The dissect_tds7_colmetadata_token function in epan/dissectors/packet-tds.c in the TDS dissector in Wireshark 2.0.x before 2.0.1 does not validate the number of columns, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8740", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2015-58.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2015-58.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11846", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11846" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e78093f69f1e95df919bbe644baa06c7e4e720c0", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e78093f69f1e95df919bbe644baa06c7e4e720c0" - }, - { - "name" : "GLSA-201604-05", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201604-05" - }, - { - "name" : "79382", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79382" - }, - { - "name" : "1034551", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034551" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The dissect_tds7_colmetadata_token function in epan/dissectors/packet-tds.c in the TDS dissector in Wireshark 2.0.x before 2.0.1 does not validate the number of columns, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "79382", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79382" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11846", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11846" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2015-58.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2015-58.html" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e78093f69f1e95df919bbe644baa06c7e4e720c0", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e78093f69f1e95df919bbe644baa06c7e4e720c0" + }, + { + "name": "GLSA-201604-05", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201604-05" + }, + { + "name": "1034551", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034551" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8819.json b/2015/8xxx/CVE-2015-8819.json index 880d2dce807..509f331eda5 100644 --- a/2015/8xxx/CVE-2015-8819.json +++ b/2015/8xxx/CVE-2015-8819.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8819", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8819", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0445.json b/2016/0xxx/CVE-2016-0445.json index 53960e257df..6480185451a 100644 --- a/2016/0xxx/CVE-2016-0445.json +++ b/2016/0xxx/CVE-2016-0445.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0445", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Agent Next Gen." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0445", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034734", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034734" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Agent Next Gen." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034734", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034734" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0587.json b/2016/0xxx/CVE-2016-0587.json index a9af2b3dd9b..a62c36fdd1e 100644 --- a/2016/0xxx/CVE-2016-0587.json +++ b/2016/0xxx/CVE-2016-0587.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0587", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality via unknown vectors related to File Processing." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0587", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034720", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034720" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality via unknown vectors related to File Processing." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034720", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034720" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0676.json b/2016/0xxx/CVE-2016-0676.json index 10171e30be7..7cc357d96bd 100644 --- a/2016/0xxx/CVE-2016-0676.json +++ b/2016/0xxx/CVE-2016-0676.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0676", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via vectors related to the kernel." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0676", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" - }, - { - "name" : "1035629", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035629" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via vectors related to the kernel." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035629", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035629" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0685.json b/2016/0xxx/CVE-2016-0685.json index 8109677b5b9..c42a4f658de 100644 --- a/2016/0xxx/CVE-2016-0685.json +++ b/2016/0xxx/CVE-2016-0685.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0685", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to File Processing." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0685", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" - }, - { - "name" : "1035610", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035610" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to File Processing." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035610", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035610" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0759.json b/2016/0xxx/CVE-2016-0759.json index 527acde8945..f1acddee621 100644 --- a/2016/0xxx/CVE-2016-0759.json +++ b/2016/0xxx/CVE-2016-0759.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0759", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-4003. Reason: This candidate is a reservation duplicate of CVE-2016-4003. Notes: All CVE users should reference CVE-2016-4003 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-0759", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-4003. Reason: This candidate is a reservation duplicate of CVE-2016-4003. Notes: All CVE users should reference CVE-2016-4003 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0872.json b/2016/0xxx/CVE-2016-0872.json index 6a5b1d1166a..d3134f9b974 100644 --- a/2016/0xxx/CVE-2016-0872.json +++ b/2016/0xxx/CVE-2016-0872.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0872", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A Plaintext Storage of a Password issue was discovered in Kabona AB WebDatorCentral (WDC) versions prior to Version 3.4.0. WDC stores password credentials in plaintext." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2016-0872", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-07", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-07" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A Plaintext Storage of a Password issue was discovered in Kabona AB WebDatorCentral (WDC) versions prior to Version 3.4.0. WDC stores password credentials in plaintext." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-07", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-07" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1996.json b/2016/1xxx/CVE-2016-1996.json index e92dadbb3db..749ccc18276 100644 --- a/2016/1xxx/CVE-2016-1996.json +++ b/2016/1xxx/CVE-2016-1996.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1996", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1996", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763" - }, - { - "name" : "1035325", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035325" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HPE System Management Homepage before 7.5.4 allows local users to obtain sensitive information or modify data via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035325", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035325" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5095.json b/2016/5xxx/CVE-2016-5095.json index 7001f5a4e7d..37e1dd5c94e 100644 --- a/2016/5xxx/CVE-2016-5095.json +++ b/2016/5xxx/CVE-2016-5095.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5095", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FILTER_SANITIZE_FULL_SPECIAL_CHARS filter_var call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-5094." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5095", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160526 Re: Fwd: CVE for PHP 5.5.36 issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/26/3" - }, - { - "name" : "http://php.net/ChangeLog-5.php", - "refsource" : "CONFIRM", - "url" : "http://php.net/ChangeLog-5.php" - }, - { - "name" : "https://bugs.php.net/bug.php?id=72135", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/bug.php?id=72135" - }, - { - "name" : "https://gist.github.com/8ef775c117d84ff15185953990a28576", - "refsource" : "CONFIRM", - "url" : "https://gist.github.com/8ef775c117d84ff15185953990a28576" - }, - { - "name" : "DSA-3602", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3602" - }, - { - "name" : "92144", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92144" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FILTER_SANITIZE_FULL_SPECIAL_CHARS filter_var call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-5094." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20160526 Re: Fwd: CVE for PHP 5.5.36 issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/26/3" + }, + { + "name": "DSA-3602", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3602" + }, + { + "name": "http://php.net/ChangeLog-5.php", + "refsource": "CONFIRM", + "url": "http://php.net/ChangeLog-5.php" + }, + { + "name": "https://bugs.php.net/bug.php?id=72135", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=72135" + }, + { + "name": "92144", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92144" + }, + { + "name": "https://gist.github.com/8ef775c117d84ff15185953990a28576", + "refsource": "CONFIRM", + "url": "https://gist.github.com/8ef775c117d84ff15185953990a28576" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5316.json b/2016/5xxx/CVE-2016-5316.json index 3d36335c35e..059e7ca8511 100644 --- a/2016/5xxx/CVE-2016-5316.json +++ b/2016/5xxx/CVE-2016-5316.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5316", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5316", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160615 CVE-2016-5316: libtiff 4.0.6 tif_pixarlog.c: PixarLogCleanup() Segmentation fault", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/15/3" - }, - { - "name" : "DSA-3762", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3762" - }, - { - "name" : "GLSA-201701-16", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-16" - }, - { - "name" : "openSUSE-SU-2016:1889", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-07/msg00087.html" - }, - { - "name" : "openSUSE-SU-2016:2321", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-09/msg00060.html" - }, - { - "name" : "openSUSE-SU-2016:2375", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-09/msg00090.html" - }, - { - "name" : "91203", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91203" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91203", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91203" + }, + { + "name": "openSUSE-SU-2016:2321", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00060.html" + }, + { + "name": "GLSA-201701-16", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-16" + }, + { + "name": "openSUSE-SU-2016:1889", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00087.html" + }, + { + "name": "openSUSE-SU-2016:2375", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00090.html" + }, + { + "name": "[oss-security] 20160615 CVE-2016-5316: libtiff 4.0.6 tif_pixarlog.c: PixarLogCleanup() Segmentation fault", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/15/3" + }, + { + "name": "DSA-3762", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3762" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5339.json b/2016/5xxx/CVE-2016-5339.json index 9188ddbad52..5e0b5652a6f 100644 --- a/2016/5xxx/CVE-2016-5339.json +++ b/2016/5xxx/CVE-2016-5339.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5339", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5339", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5966.json b/2016/5xxx/CVE-2016-5966.json index ecdc1dcff25..bcf45734249 100644 --- a/2016/5xxx/CVE-2016-5966.json +++ b/2016/5xxx/CVE-2016-5966.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-5966", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Privileged Identity Manager", - "version" : { - "version_data" : [ - { - "version_value" : "1.0.1" - }, - { - "version_value" : "1.0.1.1" - }, - { - "version_value" : "2.0.0" - }, - { - "version_value" : "2.0.1" - }, - { - "version_value" : "2.0.2" - }, - { - "version_value" : "2.1.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security Privileged Identity Manager Virtual Appliance could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-5966", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Privileged Identity Manager", + "version": { + "version_data": [ + { + "version_value": "1.0.1" + }, + { + "version_value": "1.0.1.1" + }, + { + "version_value": "2.0.0" + }, + { + "version_value": "2.0.1" + }, + { + "version_value": "2.0.2" + }, + { + "version_value": "2.1.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21996614", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21996614" - }, - { - "name" : "95197", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95197" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Security Privileged Identity Manager Virtual Appliance could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21996614", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21996614" + }, + { + "name": "95197", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95197" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0127.json b/2019/0xxx/CVE-2019-0127.json index 402e91414ab..661f0badffb 100644 --- a/2019/0xxx/CVE-2019-0127.json +++ b/2019/0xxx/CVE-2019-0127.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@intel.com", - "DATE_PUBLIC" : "2019-02-12T00:00:00", - "ID" : "CVE-2019-0127", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Logic error in the installer for Intel(R) OpenVINO(TM) 2018 R3 and before for Linux may allow a privileged user to potentially enable information disclosure via local access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@intel.com", + "DATE_PUBLIC": "2019-02-12T00:00:00", + "ID": "CVE-2019-0127", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00222.html", - "refsource" : "CONFIRM", - "url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00222.html" - }, - { - "name" : "107110", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107110" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Logic error in the installer for Intel(R) OpenVINO(TM) 2018 R3 and before for Linux may allow a privileged user to potentially enable information disclosure via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "107110", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107110" + }, + { + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00222.html", + "refsource": "CONFIRM", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00222.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0368.json b/2019/0xxx/CVE-2019-0368.json index 60aa55be663..55fffa51e49 100644 --- a/2019/0xxx/CVE-2019-0368.json +++ b/2019/0xxx/CVE-2019-0368.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0368", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0368", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0524.json b/2019/0xxx/CVE-2019-0524.json index fd2abc796f7..1426369a67b 100644 --- a/2019/0xxx/CVE-2019-0524.json +++ b/2019/0xxx/CVE-2019-0524.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0524", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0524", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0837.json b/2019/0xxx/CVE-2019-0837.json index 4e93c5595ff..12b29d44cbc 100644 --- a/2019/0xxx/CVE-2019-0837.json +++ b/2019/0xxx/CVE-2019-0837.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0837", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0837", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0951.json b/2019/0xxx/CVE-2019-0951.json index eca3bc939ac..36c2d487e76 100644 --- a/2019/0xxx/CVE-2019-0951.json +++ b/2019/0xxx/CVE-2019-0951.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0951", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0951", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1013.json b/2019/1xxx/CVE-2019-1013.json index 50f8e9fda64..7bb3470fe5e 100644 --- a/2019/1xxx/CVE-2019-1013.json +++ b/2019/1xxx/CVE-2019-1013.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1013", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1013", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1218.json b/2019/1xxx/CVE-2019-1218.json index af7de037681..021a1bd407c 100644 --- a/2019/1xxx/CVE-2019-1218.json +++ b/2019/1xxx/CVE-2019-1218.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1218", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1218", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1528.json b/2019/1xxx/CVE-2019-1528.json index 6f06bce6ea3..15fbdea5af8 100644 --- a/2019/1xxx/CVE-2019-1528.json +++ b/2019/1xxx/CVE-2019-1528.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1528", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1528", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1975.json b/2019/1xxx/CVE-2019-1975.json index 1c31a9f55b3..b1829bafcd7 100644 --- a/2019/1xxx/CVE-2019-1975.json +++ b/2019/1xxx/CVE-2019-1975.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1975", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1975", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4114.json b/2019/4xxx/CVE-2019-4114.json index f0c781309eb..61026ae53f9 100644 --- a/2019/4xxx/CVE-2019-4114.json +++ b/2019/4xxx/CVE-2019-4114.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4114", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4114", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4599.json b/2019/4xxx/CVE-2019-4599.json index eeafdd20d1e..a61d324a9ee 100644 --- a/2019/4xxx/CVE-2019-4599.json +++ b/2019/4xxx/CVE-2019-4599.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4599", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4599", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4722.json b/2019/4xxx/CVE-2019-4722.json index b94222b6901..f1d926174f8 100644 --- a/2019/4xxx/CVE-2019-4722.json +++ b/2019/4xxx/CVE-2019-4722.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4722", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4722", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5395.json b/2019/5xxx/CVE-2019-5395.json index a3f301deb12..53ea6911875 100644 --- a/2019/5xxx/CVE-2019-5395.json +++ b/2019/5xxx/CVE-2019-5395.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5395", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5395", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5401.json b/2019/5xxx/CVE-2019-5401.json index 20eaaa06e73..4021cb9ff43 100644 --- a/2019/5xxx/CVE-2019-5401.json +++ b/2019/5xxx/CVE-2019-5401.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5401", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5401", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5519.json b/2019/5xxx/CVE-2019-5519.json index d904e0a7913..83221c120a7 100644 --- a/2019/5xxx/CVE-2019-5519.json +++ b/2019/5xxx/CVE-2019-5519.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5519", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5519", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5673.json b/2019/5xxx/CVE-2019-5673.json index c2433c87ed4..114c6dd6fa7 100644 --- a/2019/5xxx/CVE-2019-5673.json +++ b/2019/5xxx/CVE-2019-5673.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5673", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5673", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8021.json b/2019/8xxx/CVE-2019-8021.json index d3cda2cd730..de4aefcc220 100644 --- a/2019/8xxx/CVE-2019-8021.json +++ b/2019/8xxx/CVE-2019-8021.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8021", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8021", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8268.json b/2019/8xxx/CVE-2019-8268.json index 0020e649774..2408aab5666 100644 --- a/2019/8xxx/CVE-2019-8268.json +++ b/2019/8xxx/CVE-2019-8268.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vulnerability@kaspersky.com", - "DATE_PUBLIC" : "2019-03-01T00:00:00", - "ID" : "CVE-2019-8268", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "UltraVNC", - "version" : { - "version_data" : [ - { - "version_value" : "1.2.2.3" - } - ] - } - } - ] - }, - "vendor_name" : "Kaspersky Lab" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which can potentially result code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1207." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-193: Off-by-one Error" - } + "CVE_data_meta": { + "ASSIGNER": "vulnerability@kaspersky.com", + "DATE_PUBLIC": "2019-03-01T00:00:00", + "ID": "CVE-2019-8268", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "UltraVNC", + "version": { + "version_data": [ + { + "version_value": "1.2.2.3" + } + ] + } + } + ] + }, + "vendor_name": "Kaspersky Lab" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-015-ultravnc-off-by-one-error/", - "refsource" : "MISC", - "url" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-015-ultravnc-off-by-one-error/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which can potentially result code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1207." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-193: Off-by-one Error" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-015-ultravnc-off-by-one-error/", + "refsource": "MISC", + "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-015-ultravnc-off-by-one-error/" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8905.json b/2019/8xxx/CVE-2019-8905.json index 9b155e9c86d..a66a6986815 100644 --- a/2019/8xxx/CVE-2019-8905.json +++ b/2019/8xxx/CVE-2019-8905.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8905", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8905", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20190228 [SECURITY] [DLA 1698-1] file security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html" - }, - { - "name" : "https://bugs.astron.com/view.php?id=63", - "refsource" : "MISC", - "url" : "https://bugs.astron.com/view.php?id=63" - }, - { - "name" : "107137", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107137" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "107137", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107137" + }, + { + "name": "[debian-lts-announce] 20190228 [SECURITY] [DLA 1698-1] file security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html" + }, + { + "name": "https://bugs.astron.com/view.php?id=63", + "refsource": "MISC", + "url": "https://bugs.astron.com/view.php?id=63" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8945.json b/2019/8xxx/CVE-2019-8945.json index 5e1829e8cd1..65f85259783 100644 --- a/2019/8xxx/CVE-2019-8945.json +++ b/2019/8xxx/CVE-2019-8945.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8945", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8945", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9022.json b/2019/9xxx/CVE-2019-9022.json index a4a545ea192..3225e2b0776 100644 --- a/2019/9xxx/CVE-2019-9022.json +++ b/2019/9xxx/CVE-2019-9022.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9022", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects php_parserr in ext/standard/dns.c for DNS_CAA and DNS_ANY queries." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9022", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.php.net/bug.php?id=77369", - "refsource" : "MISC", - "url" : "https://bugs.php.net/bug.php?id=77369" - }, - { - "name" : "DSA-4398", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2019/dsa-4398" - }, - { - "name" : "USN-3902-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3902-1/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects php_parserr in ext/standard/dns.c for DNS_CAA and DNS_ANY queries." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-4398", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2019/dsa-4398" + }, + { + "name": "USN-3902-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3902-1/" + }, + { + "name": "https://bugs.php.net/bug.php?id=77369", + "refsource": "MISC", + "url": "https://bugs.php.net/bug.php?id=77369" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9240.json b/2019/9xxx/CVE-2019-9240.json index a9b0139fea9..826ee307b93 100644 --- a/2019/9xxx/CVE-2019-9240.json +++ b/2019/9xxx/CVE-2019-9240.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9240", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9240", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9821.json b/2019/9xxx/CVE-2019-9821.json index 74719f42203..dc7870da82b 100644 --- a/2019/9xxx/CVE-2019-9821.json +++ b/2019/9xxx/CVE-2019-9821.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9821", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9821", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file