diff --git a/1999/0xxx/CVE-1999-0700.json b/1999/0xxx/CVE-1999-0700.json index 0465d9ded73..d1cfaf5bc93 100644 --- a/1999/0xxx/CVE-1999-0700.json +++ b/1999/0xxx/CVE-1999-0700.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0700", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0700", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "Q237185", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q237185" - }, - { - "name" : "MS99-026", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-026" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS99-026", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-026" + }, + { + "name": "Q237185", + "refsource": "MSKB", + "url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q237185" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0753.json b/1999/0xxx/CVE-1999-0753.json index 09b6744825c..2e5a71ce7a4 100644 --- a/1999/0xxx/CVE-1999-0753.json +++ b/1999/0xxx/CVE-1999-0753.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0753", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The w3-msql CGI script provided with Mini SQL allows remote attackers to view restricted directories." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0753", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "591", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/591" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The w3-msql CGI script provided with Mini SQL allows remote attackers to view restricted directories." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "591", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/591" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1174.json b/1999/1xxx/CVE-1999-1174.json index 2edba54996f..b5255773c18 100644 --- a/1999/1xxx/CVE-1999-1174.json +++ b/1999/1xxx/CVE-1999-1174.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1174", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ZIP drive for Iomega ZIP-100 disks allows attackers with physical access to the drive to bypass password protection by inserting a known disk with a known password, waiting for the ZIP drive to power down, manually replacing the known disk with the target disk, and using the known password to access the target disk." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1174", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.counterpane.com/crypto-gram-9812.html#doghouse", - "refsource" : "MISC", - "url" : "http://www.counterpane.com/crypto-gram-9812.html#doghouse" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ZIP drive for Iomega ZIP-100 disks allows attackers with physical access to the drive to bypass password protection by inserting a known disk with a known password, waiting for the ZIP drive to power down, manually replacing the known disk with the target disk, and using the known password to access the target disk." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.counterpane.com/crypto-gram-9812.html#doghouse", + "refsource": "MISC", + "url": "http://www.counterpane.com/crypto-gram-9812.html#doghouse" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1335.json b/1999/1xxx/CVE-1999-1335.json index 39ff21deae7..b961061d731 100644 --- a/1999/1xxx/CVE-1999-1335.json +++ b/1999/1xxx/CVE-1999-1335.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1335", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1335", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp", - "refsource" : "CONFIRM", - "url" : "http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp" - }, - { - "name" : "cmusnmp-read-write(7251)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7251" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp", + "refsource": "CONFIRM", + "url": "http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp" + }, + { + "name": "cmusnmp-read-write(7251)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7251" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1353.json b/1999/1xxx/CVE-1999-1353.json index bcac3626400..2d6da77fff6 100644 --- a/1999/1xxx/CVE-1999-1353.json +++ b/1999/1xxx/CVE-1999-1353.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1353", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Nosque MsgCore 2.14 stores passwords in cleartext: (1) the administrator password in the AdmPasswd registry key, and (2) user passwords in the Userbase.dbf data file, which could allow local users to gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1353", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990907 MsgCore mailserver stores passwords in clear text", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=93698162708211&w=2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Nosque MsgCore 2.14 stores passwords in cleartext: (1) the administrator password in the AdmPasswd registry key, and (2) user passwords in the Userbase.dbf data file, which could allow local users to gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19990907 MsgCore mailserver stores passwords in clear text", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=93698162708211&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0064.json b/2000/0xxx/CVE-2000-0064.json index cf6df387dff..8fa3a5ceabe 100644 --- a/2000/0xxx/CVE-2000-0064.json +++ b/2000/0xxx/CVE-2000-0064.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0064", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0064", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "938", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/938" - }, - { - "name" : "7583", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/7583" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "7583", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/7583" + }, + { + "name": "938", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/938" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0289.json b/2000/0xxx/CVE-2000-0289.json index fd7f64dd02a..fa8a1a39c42 100644 --- a/2000/0xxx/CVE-2000-0289.json +++ b/2000/0xxx/CVE-2000-0289.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0289", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0289", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000327 Security Problems with Linux 2.2.x IP Masquerading", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-03/0284.html" - }, - { - "name" : "20000520 Security hole in kernel < 2.2.15", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/suse_security_announce_48.html" - }, - { - "name" : "1078", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1078" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000327 Security Problems with Linux 2.2.x IP Masquerading", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0284.html" + }, + { + "name": "1078", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1078" + }, + { + "name": "20000520 Security hole in kernel < 2.2.15", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_48.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0305.json b/2000/0xxx/CVE-2000-0305.json index 116083ccc45..9e5959b85b4 100644 --- a/2000/0xxx/CVE-2000-0305.json +++ b/2000/0xxx/CVE-2000-0305.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0305", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the \"IP Fragment Reassembly\" vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0305", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000519 jolt2 - Remote DoS against NT, W2K, 9x", - "refsource" : "BINDVIEW", - "url" : "http://www.securityfocus.com/templates/advisory.html?id=2240" - }, - { - "name" : "MS00-029", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-029" - }, - { - "name" : "1236", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1236" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the \"IP Fragment Reassembly\" vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS00-029", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-029" + }, + { + "name": "20000519 jolt2 - Remote DoS against NT, W2K, 9x", + "refsource": "BINDVIEW", + "url": "http://www.securityfocus.com/templates/advisory.html?id=2240" + }, + { + "name": "1236", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1236" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0409.json b/2000/0xxx/CVE-2000-0409.json index 2caf3fe3795..4b3984868a3 100644 --- a/2000/0xxx/CVE-2000-0409.json +++ b/2000/0xxx/CVE-2000-0409.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0409", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0409", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000510 Possible symlink problems with Netscape 4.73", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html" - }, - { - "name" : "1201", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1201" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1201", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1201" + }, + { + "name": "20000510 Possible symlink problems with Netscape 4.73", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0471.json b/2000/0xxx/CVE-2000-0471.json index cebd0571f06..9af6c5fc5f5 100644 --- a/2000/0xxx/CVE-2000-0471.json +++ b/2000/0xxx/CVE-2000-0471.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0471", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0471", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000614 Vulnerability in Solaris ufsrestore", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-06/0114.html" - }, - { - "name" : "00210", - "refsource" : "SUN", - "url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/210" - }, - { - "name" : "VU#36866", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/36866" - }, - { - "name" : "1348", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1348" - }, - { - "name" : "1398", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/1398" - }, - { - "name" : "sol-ufsrestore-bo(4711)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4711" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1348", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1348" + }, + { + "name": "sol-ufsrestore-bo(4711)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4711" + }, + { + "name": "20000614 Vulnerability in Solaris ufsrestore", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0114.html" + }, + { + "name": "00210", + "refsource": "SUN", + "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/210" + }, + { + "name": "1398", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/1398" + }, + { + "name": "VU#36866", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/36866" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0869.json b/2000/0xxx/CVE-2000-0869.json index c5ba16920b5..a3c81ae253c 100644 --- a/2000/0xxx/CVE-2000-0869.json +++ b/2000/0xxx/CVE-2000-0869.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0869", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0869", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "A090700-3", - "refsource" : "ATSTAKE", - "url" : "http://www.atstake.com/research/advisories/2000/a090700-3.txt" - }, - { - "name" : "20000907", - "refsource" : "SUSE", - "url" : "http://archives.neohapsis.com/archives/linux/suse/2000-q3/0906.html" - }, - { - "name" : "1656", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1656" - }, - { - "name" : "apache-webdav-directory-listings(5204)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5204" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000907", + "refsource": "SUSE", + "url": "http://archives.neohapsis.com/archives/linux/suse/2000-q3/0906.html" + }, + { + "name": "apache-webdav-directory-listings(5204)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5204" + }, + { + "name": "A090700-3", + "refsource": "ATSTAKE", + "url": "http://www.atstake.com/research/advisories/2000/a090700-3.txt" + }, + { + "name": "1656", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1656" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0894.json b/2000/0xxx/CVE-2000-0894.json index af1b0eded5a..00a665b4730 100644 --- a/2000/0xxx/CVE-2000-0894.json +++ b/2000/0xxx/CVE-2000-0894.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0894", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HTTP server on the WatchGuard SOHO firewall does not properly restrict access to administrative functions such as password resets or rebooting, which allows attackers to cause a denial of service or conduct unauthorized activities." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0894", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001214 Multiple vulnerabilities in the WatchGuard SOHO Firewall", - "refsource" : "ISS", - "url" : "http://xforce.iss.net/alerts/advise70.php" - }, - { - "name" : "watchguard-soho-web-auth(5554)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5554" - }, - { - "name" : "2119", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2119" - }, - { - "name" : "4404", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/4404" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HTTP server on the WatchGuard SOHO firewall does not properly restrict access to administrative functions such as password resets or rebooting, which allows attackers to cause a denial of service or conduct unauthorized activities." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "watchguard-soho-web-auth(5554)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5554" + }, + { + "name": "4404", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/4404" + }, + { + "name": "20001214 Multiple vulnerabilities in the WatchGuard SOHO Firewall", + "refsource": "ISS", + "url": "http://xforce.iss.net/alerts/advise70.php" + }, + { + "name": "2119", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2119" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0135.json b/2007/0xxx/CVE-2007-0135.json index 69f401f1a13..741952ab3d2 100644 --- a/2007/0xxx/CVE-2007-0135.json +++ b/2007/0xxx/CVE-2007-0135.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0135", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in inc/init.inc.php in Aratix 0.2.2 beta 11 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the current_path parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0135", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070108 Source verify of Aratix RFI", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-January/001219.html" - }, - { - "name" : "http://securityreason.com/exploitalert/1698", - "refsource" : "MISC", - "url" : "http://securityreason.com/exploitalert/1698" - }, - { - "name" : "3079", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3079" - }, - { - "name" : "ADV-2007-0054", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0054" - }, - { - "name" : "33405", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33405" - }, - { - "name" : "aratix-init-file-include(31282)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31282" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in inc/init.inc.php in Aratix 0.2.2 beta 11 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the current_path parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070108 Source verify of Aratix RFI", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-January/001219.html" + }, + { + "name": "33405", + "refsource": "OSVDB", + "url": "http://osvdb.org/33405" + }, + { + "name": "aratix-init-file-include(31282)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31282" + }, + { + "name": "http://securityreason.com/exploitalert/1698", + "refsource": "MISC", + "url": "http://securityreason.com/exploitalert/1698" + }, + { + "name": "ADV-2007-0054", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0054" + }, + { + "name": "3079", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3079" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0790.json b/2007/0xxx/CVE-2007-0790.json index d7567ec11c7..64c553de65d 100644 --- a/2007/0xxx/CVE-2007-0790.json +++ b/2007/0xxx/CVE-2007-0790.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0790", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in SmartFTP 2.0.1002 allows remote FTP servers to execute arbitrary code via a large banner." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0790", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3277", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3277" - }, - { - "name" : "22390", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22390" - }, - { - "name" : "33086", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33086" - }, - { - "name" : "24051", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24051" - }, - { - "name" : "smartftp-banner-bo(32214)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32214" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in SmartFTP 2.0.1002 allows remote FTP servers to execute arbitrary code via a large banner." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3277", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3277" + }, + { + "name": "22390", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22390" + }, + { + "name": "24051", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24051" + }, + { + "name": "33086", + "refsource": "OSVDB", + "url": "http://osvdb.org/33086" + }, + { + "name": "smartftp-banner-bo(32214)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32214" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1330.json b/2007/1xxx/CVE-2007-1330.json index 7ccf490de55..9d05e9ba839 100644 --- a/2007/1xxx/CVE-2007-1330.json +++ b/2007/1xxx/CVE-2007-1330.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1330", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Comodo Firewall Pro (CFP) (formerly Comodo Personal Firewall) 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\\SYSTEM\\Software\\Comodo\\Personal Firewall registry key by guessing the name of a named pipe under \\Device\\NamedPipe\\OLE and attempting to open it multiple times." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1330", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070301 Comodo Bypassing settings protection using magic pipe Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461635/100/0/threaded" - }, - { - "name" : "http://www.matousec.com/info/advisories/Comodo-Bypassing-settings-protection-using-magic-pipe.php", - "refsource" : "MISC", - "url" : "http://www.matousec.com/info/advisories/Comodo-Bypassing-settings-protection-using-magic-pipe.php" - }, - { - "name" : "22775", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22775" - }, - { - "name" : "34957", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34957" - }, - { - "name" : "2388", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2388" - }, - { - "name" : "comodofirewallpro-pipe-security-bypass(32771)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32771" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Comodo Firewall Pro (CFP) (formerly Comodo Personal Firewall) 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\\SYSTEM\\Software\\Comodo\\Personal Firewall registry key by guessing the name of a named pipe under \\Device\\NamedPipe\\OLE and attempting to open it multiple times." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22775", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22775" + }, + { + "name": "comodofirewallpro-pipe-security-bypass(32771)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32771" + }, + { + "name": "2388", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2388" + }, + { + "name": "20070301 Comodo Bypassing settings protection using magic pipe Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461635/100/0/threaded" + }, + { + "name": "http://www.matousec.com/info/advisories/Comodo-Bypassing-settings-protection-using-magic-pipe.php", + "refsource": "MISC", + "url": "http://www.matousec.com/info/advisories/Comodo-Bypassing-settings-protection-using-magic-pipe.php" + }, + { + "name": "34957", + "refsource": "OSVDB", + "url": "http://osvdb.org/34957" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1502.json b/2007/1xxx/CVE-2007-1502.json index 150d3e7d4b7..e93ae2dc21a 100644 --- a/2007/1xxx/CVE-2007-1502.json +++ b/2007/1xxx/CVE-2007-1502.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1502", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in Rhapsody IRC 0.28b allow remote attackers to execute arbitrary code via a (1) long command, (2) long server argument to the (a) connect or (b) server commands, (3) long nick argument to the (c) nick command, or a long (4) nick or (5) message argument to the (d) ctcp, (e) chat, (f) notice, (g) message (msg), or (h) query commands." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1502", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070317 Rhapsody IRC 0.28b (NICK) Multiple fs and bof vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/463092/100/0/threaded" - }, - { - "name" : "23011", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23011" - }, - { - "name" : "35002", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35002" - }, - { - "name" : "35003", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35003" - }, - { - "name" : "35004", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35004" - }, - { - "name" : "2447", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2447" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in Rhapsody IRC 0.28b allow remote attackers to execute arbitrary code via a (1) long command, (2) long server argument to the (a) connect or (b) server commands, (3) long nick argument to the (c) nick command, or a long (4) nick or (5) message argument to the (d) ctcp, (e) chat, (f) notice, (g) message (msg), or (h) query commands." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2447", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2447" + }, + { + "name": "20070317 Rhapsody IRC 0.28b (NICK) Multiple fs and bof vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/463092/100/0/threaded" + }, + { + "name": "23011", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23011" + }, + { + "name": "35004", + "refsource": "OSVDB", + "url": "http://osvdb.org/35004" + }, + { + "name": "35003", + "refsource": "OSVDB", + "url": "http://osvdb.org/35003" + }, + { + "name": "35002", + "refsource": "OSVDB", + "url": "http://osvdb.org/35002" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1659.json b/2007/1xxx/CVE-2007-1659.json index ffe85738389..d168f2c756b 100644 --- a/2007/1xxx/CVE-2007-1659.json +++ b/2007/1xxx/CVE-2007-1659.json @@ -1,347 +1,347 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1659", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched \"\\Q\\E\" sequences with orphan \"\\E\" codes." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1659", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071106 rPSA-2007-0231-1 pcre", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/483357/100/0/threaded" - }, - { - "name" : "20071112 FLEA-2007-0064-1 pcre", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/483579/100/0/threaded" - }, - { - "name" : "[gtk-devel-list] 20071107 GLib 2.14.3", - "refsource" : "MLIST", - "url" : "http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=198976", - "refsource" : "MISC", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=198976" - }, - { - "name" : "http://www.pcre.org/changelog.txt", - "refsource" : "CONFIRM", - "url" : "http://www.pcre.org/changelog.txt" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1738", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1738" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307179", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307179" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307562", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307562" - }, - { - "name" : "APPLE-SA-2007-12-17", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html" - }, - { - "name" : "APPLE-SA-2008-03-18", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" - }, - { - "name" : "DSA-1399", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1399" - }, - { - "name" : "DSA-1570", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1570" - }, - { - "name" : "FEDORA-2008-1842", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html" - }, - { - "name" : "GLSA-200711-30", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200711-30.xml" - }, - { - "name" : "GLSA-200801-02", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200801-02.xml" - }, - { - "name" : "GLSA-200801-18", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200801-18.xml" - }, - { - "name" : "GLSA-200801-19", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200801-19.xml" - }, - { - "name" : "GLSA-200805-11", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200805-11.xml" - }, - { - "name" : "MDKSA-2007:211", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:211" - }, - { - "name" : "MDKSA-2007:212", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:212" - }, - { - "name" : "MDVSA-2008:030", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:030" - }, - { - "name" : "RHSA-2007:0967", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0967.html" - }, - { - "name" : "RHSA-2007:1068", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1068.html" - }, - { - "name" : "SUSE-SA:2007:062", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_62_pcre.html" - }, - { - "name" : "SUSE-SR:2007:025", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_25_sr.html" - }, - { - "name" : "SUSE-SA:2008:004", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html" - }, - { - "name" : "USN-547-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/547-1/" - }, - { - "name" : "TA07-352A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-352A.html" - }, - { - "name" : "26346", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26346" - }, - { - "name" : "oval:org.mitre.oval:def:9725", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9725" - }, - { - "name" : "ADV-2007-3725", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3725" - }, - { - "name" : "ADV-2007-3790", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3790" - }, - { - "name" : "ADV-2007-4238", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4238" - }, - { - "name" : "ADV-2008-0924", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0924/references" - }, - { - "name" : "1018895", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018895" - }, - { - "name" : "27598", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27598" - }, - { - "name" : "27538", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27538" - }, - { - "name" : "27543", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27543" - }, - { - "name" : "27547", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27547" - }, - { - "name" : "27554", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27554" - }, - { - "name" : "27741", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27741" - }, - { - "name" : "27773", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27773" - }, - { - "name" : "27697", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27697" - }, - { - "name" : "28041", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28041" - }, - { - "name" : "27965", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27965" - }, - { - "name" : "28136", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28136" - }, - { - "name" : "28406", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28406" - }, - { - "name" : "28414", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28414" - }, - { - "name" : "28658", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28658" - }, - { - "name" : "28714", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28714" - }, - { - "name" : "28720", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28720" - }, - { - "name" : "29267", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29267" - }, - { - "name" : "29420", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29420" - }, - { - "name" : "30155", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30155" - }, - { - "name" : "30219", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30219" - }, - { - "name" : "30106", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30106" - }, - { - "name" : "pcre-regex-code-execution(38272)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38272" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched \"\\Q\\E\" sequences with orphan \"\\E\" codes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "30219", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30219" + }, + { + "name": "MDKSA-2007:212", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:212" + }, + { + "name": "27965", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27965" + }, + { + "name": "29267", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29267" + }, + { + "name": "USN-547-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/547-1/" + }, + { + "name": "GLSA-200711-30", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200711-30.xml" + }, + { + "name": "ADV-2007-4238", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4238" + }, + { + "name": "20071106 rPSA-2007-0231-1 pcre", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/483357/100/0/threaded" + }, + { + "name": "TA07-352A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html" + }, + { + "name": "27538", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27538" + }, + { + "name": "20071112 FLEA-2007-0064-1 pcre", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/483579/100/0/threaded" + }, + { + "name": "28136", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28136" + }, + { + "name": "MDVSA-2008:030", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:030" + }, + { + "name": "DSA-1570", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1570" + }, + { + "name": "SUSE-SA:2008:004", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1738", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1738" + }, + { + "name": "28658", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28658" + }, + { + "name": "27773", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27773" + }, + { + "name": "27697", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27697" + }, + { + "name": "28406", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28406" + }, + { + "name": "27554", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27554" + }, + { + "name": "ADV-2008-0924", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0924/references" + }, + { + "name": "SUSE-SR:2007:025", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html" + }, + { + "name": "27547", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27547" + }, + { + "name": "27543", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27543" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm" + }, + { + "name": "[gtk-devel-list] 20071107 GLib 2.14.3", + "refsource": "MLIST", + "url": "http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html" + }, + { + "name": "29420", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29420" + }, + { + "name": "APPLE-SA-2007-12-17", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html" + }, + { + "name": "pcre-regex-code-execution(38272)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38272" + }, + { + "name": "RHSA-2007:1068", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1068.html" + }, + { + "name": "GLSA-200805-11", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200805-11.xml" + }, + { + "name": "APPLE-SA-2008-03-18", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" + }, + { + "name": "MDKSA-2007:211", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:211" + }, + { + "name": "FEDORA-2008-1842", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html" + }, + { + "name": "28041", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28041" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307179", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307179" + }, + { + "name": "27741", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27741" + }, + { + "name": "ADV-2007-3790", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3790" + }, + { + "name": "1018895", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018895" + }, + { + "name": "ADV-2007-3725", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3725" + }, + { + "name": "SUSE-SA:2007:062", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_62_pcre.html" + }, + { + "name": "http://www.pcre.org/changelog.txt", + "refsource": "CONFIRM", + "url": "http://www.pcre.org/changelog.txt" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307562", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307562" + }, + { + "name": "30155", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30155" + }, + { + "name": "RHSA-2007:0967", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0967.html" + }, + { + "name": "28720", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28720" + }, + { + "name": "GLSA-200801-02", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200801-02.xml" + }, + { + "name": "oval:org.mitre.oval:def:9725", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9725" + }, + { + "name": "27598", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27598" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=198976", + "refsource": "MISC", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=198976" + }, + { + "name": "GLSA-200801-19", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200801-19.xml" + }, + { + "name": "GLSA-200801-18", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200801-18.xml" + }, + { + "name": "DSA-1399", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1399" + }, + { + "name": "28414", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28414" + }, + { + "name": "26346", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26346" + }, + { + "name": "30106", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30106" + }, + { + "name": "28714", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28714" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1883.json b/2007/1xxx/CVE-2007-1883.json index 265579906e1..15e6d985e1c 100644 --- a/2007/1xxx/CVE-2007-1883.json +++ b/2007/1xxx/CVE-2007-1883.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1883", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via the iptcembed function, which calls certain convert_to_* functions with its input parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1883", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.php-security.org/MOPB/MOPB-37-2007.html", - "refsource" : "MISC", - "url" : "http://www.php-security.org/MOPB/MOPB-37-2007.html" - }, - { - "name" : "GLSA-200710-02", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml" - }, - { - "name" : "24542", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24542" - }, - { - "name" : "27102", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27102" - }, - { - "name" : "php-userspace-information-disclosure(33750)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33750" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via the iptcembed function, which calls certain convert_to_* functions with its input parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24542", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24542" + }, + { + "name": "GLSA-200710-02", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml" + }, + { + "name": "http://www.php-security.org/MOPB/MOPB-37-2007.html", + "refsource": "MISC", + "url": "http://www.php-security.org/MOPB/MOPB-37-2007.html" + }, + { + "name": "php-userspace-information-disclosure(33750)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33750" + }, + { + "name": "27102", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27102" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5079.json b/2007/5xxx/CVE-2007-5079.json index 15b977219da..0fdc4a2ce63 100644 --- a/2007/5xxx/CVE-2007-5079.json +++ b/2007/5xxx/CVE-2007-5079.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5079", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platforms, which might allow remote attackers to bypass intended access restrictions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-5079", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=181302", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=181302" - }, - { - "name" : "RHSA-2010:0657", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0657.html" - }, - { - "name" : "rhel-tcpwrapper-security-bypass(36791)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36791" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platforms, which might allow remote attackers to bypass intended access restrictions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2010:0657", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0657.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=181302", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=181302" + }, + { + "name": "rhel-tcpwrapper-security-bypass(36791)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36791" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5290.json b/2007/5xxx/CVE-2007-5290.json index 4c3cc334f42..748deb8d2eb 100644 --- a/2007/5xxx/CVE-2007-5290.json +++ b/2007/5xxx/CVE-2007-5290.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5290", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in MailBee WebMail Pro 3.4 and earlier; and possibly MailBee WebMail Pro ASP before 3.4.64, WebMail Lite ASP before 4.0.11, and WebMail Lite PHP before 4.0.22; allow remote attackers to inject arbitrary web script or HTML via the (1) mode parameter to login.php and the (2) mode2 parameter to default.asp in an advanced_login mode." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5290", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071005 Reporting Vulnerable Public Web mail", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=119161078031690&w=2" - }, - { - "name" : "25942", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25942" - }, - { - "name" : "ADV-2007-3450", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3450" - }, - { - "name" : "37649", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37649" - }, - { - "name" : "37650", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37650" - }, - { - "name" : "1018783", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018783" - }, - { - "name" : "27073", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27073" - }, - { - "name" : "mailbee-login-default-xss(36979)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36979" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in MailBee WebMail Pro 3.4 and earlier; and possibly MailBee WebMail Pro ASP before 3.4.64, WebMail Lite ASP before 4.0.11, and WebMail Lite PHP before 4.0.22; allow remote attackers to inject arbitrary web script or HTML via the (1) mode parameter to login.php and the (2) mode2 parameter to default.asp in an advanced_login mode." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-3450", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3450" + }, + { + "name": "37649", + "refsource": "OSVDB", + "url": "http://osvdb.org/37649" + }, + { + "name": "1018783", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018783" + }, + { + "name": "37650", + "refsource": "OSVDB", + "url": "http://osvdb.org/37650" + }, + { + "name": "25942", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25942" + }, + { + "name": "20071005 Reporting Vulnerable Public Web mail", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=119161078031690&w=2" + }, + { + "name": "27073", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27073" + }, + { + "name": "mailbee-login-default-xss(36979)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36979" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5502.json b/2007/5xxx/CVE-2007-5502.json index 062d1ac349b..8cee397b9ec 100644 --- a/2007/5xxx/CVE-2007-5502.json +++ b/2007/5xxx/CVE-2007-5502.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5502", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-5502", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.openssl.org/news/secadv_20071129.txt", - "refsource" : "CONFIRM", - "url" : "http://www.openssl.org/news/secadv_20071129.txt" - }, - { - "name" : "VU#150249", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/150249" - }, - { - "name" : "26652", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26652" - }, - { - "name" : "ADV-2007-4044", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4044" - }, - { - "name" : "1019029", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019029" - }, - { - "name" : "27859", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27859" - }, - { - "name" : "openssl-fips-prng-security-bypass(38796)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38796" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-4044", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4044" + }, + { + "name": "26652", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26652" + }, + { + "name": "1019029", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019029" + }, + { + "name": "http://www.openssl.org/news/secadv_20071129.txt", + "refsource": "CONFIRM", + "url": "http://www.openssl.org/news/secadv_20071129.txt" + }, + { + "name": "27859", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27859" + }, + { + "name": "openssl-fips-prng-security-bypass(38796)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38796" + }, + { + "name": "VU#150249", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/150249" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5529.json b/2007/5xxx/CVE-2007-5529.json index a056449e0d4..c623aabcc54 100644 --- a/2007/5xxx/CVE-2007-5529.json +++ b/2007/5xxx/CVE-2007-5529.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5529", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Self-Service Web Applications component in client-only installations of Oracle E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka APP08." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5529", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" - }, - { - "name" : "HPSBMA02133", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" - }, - { - "name" : "SSRT061201", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" - }, - { - "name" : "TA07-290A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-290A.html" - }, - { - "name" : "ADV-2007-3524", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3524" - }, - { - "name" : "ADV-2007-3626", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3626" - }, - { - "name" : "1018823", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018823" - }, - { - "name" : "27251", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27251" - }, - { - "name" : "27409", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27409" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Self-Service Web Applications component in client-only installations of Oracle E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka APP08." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" + }, + { + "name": "ADV-2007-3524", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3524" + }, + { + "name": "ADV-2007-3626", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3626" + }, + { + "name": "TA07-290A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-290A.html" + }, + { + "name": "SSRT061201", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2" + }, + { + "name": "HPSBMA02133", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2" + }, + { + "name": "1018823", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018823" + }, + { + "name": "27409", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27409" + }, + { + "name": "27251", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27251" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5748.json b/2007/5xxx/CVE-2007-5748.json index e492831b59a..8899dd38b92 100644 --- a/2007/5xxx/CVE-2007-5748.json +++ b/2007/5xxx/CVE-2007-5748.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5748", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5748", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5869.json b/2007/5xxx/CVE-2007-5869.json index 4ed66b566ac..ee8cbb28820 100644 --- a/2007/5xxx/CVE-2007-5869.json +++ b/2007/5xxx/CVE-2007-5869.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5869", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5869", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3004.json b/2015/3xxx/CVE-2015-3004.json index 664bd7918ee..713d137f1d7 100644 --- a/2015/3xxx/CVE-2015-3004.json +++ b/2015/3xxx/CVE-2015-3004.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3004", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "J-Web in Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D35, 12.1X46 before 12.1X46-D25, 12.1X47 before 12.1X47-D10, 12.3X48 before 12.3X48-D10, 12.2 before 12.2R9, 12.3 before 12.3R7, 13.2 before 13.2R6, 13.2X51 before 13.2X51-D20, 13.3 before 13.3R5, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, and 14.2 before 14.2R1 allows remote attackers to conduct clickjacking attacks via an X-Frame-Options header." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3004", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10675", - "refsource" : "CONFIRM", - "url" : "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10675" - }, - { - "name" : "74017", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74017" - }, - { - "name" : "1032090", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032090" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "J-Web in Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D35, 12.1X46 before 12.1X46-D25, 12.1X47 before 12.1X47-D10, 12.3X48 before 12.3X48-D10, 12.2 before 12.2R9, 12.3 before 12.3R7, 13.2 before 13.2R6, 13.2X51 before 13.2X51-D20, 13.3 before 13.3R5, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, and 14.2 before 14.2R1 allows remote attackers to conduct clickjacking attacks via an X-Frame-Options header." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032090", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032090" + }, + { + "name": "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10675", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10675" + }, + { + "name": "74017", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74017" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3425.json b/2015/3xxx/CVE-2015-3425.json index 0ec6a452dcd..8913f7f4c8a 100644 --- a/2015/3xxx/CVE-2015-3425.json +++ b/2015/3xxx/CVE-2015-3425.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3425", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3425", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3930.json b/2015/3xxx/CVE-2015-3930.json index 008b3a29e17..5e145761aaa 100644 --- a/2015/3xxx/CVE-2015-3930.json +++ b/2015/3xxx/CVE-2015-3930.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3930", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3930", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3986.json b/2015/3xxx/CVE-2015-3986.json index 2f7cedea967..2e6e4d7c07b 100644 --- a/2015/3xxx/CVE-2015-3986.json +++ b/2015/3xxx/CVE-2015-3986.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3986", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote attackers to hijack the authentication of administrators for requests that conduct directory traversal attacks via the tcp_box_path parameter in the checkout_editor_settings page to wp-admin/admin.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3986", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150429 Multiple Vulnerabilities in TheCartPress WordPress plugin", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/535396/100/0/threaded" - }, - { - "name" : "36860", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/36860/" - }, - { - "name" : "http://packetstormsecurity.com/files/131673/WordPress-TheCartPress-1.3.9-XSS-Local-File-Inclusion.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/131673/WordPress-TheCartPress-1.3.9-XSS-Local-File-Inclusion.html" - }, - { - "name" : "https://www.htbridge.com/advisory/HTB23254", - "refsource" : "MISC", - "url" : "https://www.htbridge.com/advisory/HTB23254" - }, - { - "name" : "https://wordpress.org/plugins/thecartpress/changelog/", - "refsource" : "CONFIRM", - "url" : "https://wordpress.org/plugins/thecartpress/changelog/" - }, - { - "name" : "74395", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74395" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote attackers to hijack the authentication of administrators for requests that conduct directory traversal attacks via the tcp_box_path parameter in the checkout_editor_settings page to wp-admin/admin.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.htbridge.com/advisory/HTB23254", + "refsource": "MISC", + "url": "https://www.htbridge.com/advisory/HTB23254" + }, + { + "name": "https://wordpress.org/plugins/thecartpress/changelog/", + "refsource": "CONFIRM", + "url": "https://wordpress.org/plugins/thecartpress/changelog/" + }, + { + "name": "http://packetstormsecurity.com/files/131673/WordPress-TheCartPress-1.3.9-XSS-Local-File-Inclusion.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/131673/WordPress-TheCartPress-1.3.9-XSS-Local-File-Inclusion.html" + }, + { + "name": "74395", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74395" + }, + { + "name": "36860", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/36860/" + }, + { + "name": "20150429 Multiple Vulnerabilities in TheCartPress WordPress plugin", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/535396/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4354.json b/2015/4xxx/CVE-2015-4354.json index f63f11c0b24..124e01d7169 100644 --- a/2015/4xxx/CVE-2015-4354.json +++ b/2015/4xxx/CVE-2015-4354.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4354", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Ubercart Webform Integration module before 6.x-1.8 and 7.x before 7.x-2.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4354", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/04/25/6" - }, - { - "name" : "https://www.drupal.org/node/2437991", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2437991" - }, - { - "name" : "https://www.drupal.org/node/2463199", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2463199" - }, - { - "name" : "https://www.drupal.org/node/2463207", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2463207" - }, - { - "name" : "72812", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72812" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Ubercart Webform Integration module before 6.x-1.8 and 7.x before 7.x-2.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "72812", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72812" + }, + { + "name": "https://www.drupal.org/node/2463199", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2463199" + }, + { + "name": "https://www.drupal.org/node/2437991", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2437991" + }, + { + "name": "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/04/25/6" + }, + { + "name": "https://www.drupal.org/node/2463207", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2463207" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4713.json b/2015/4xxx/CVE-2015-4713.json index 6823cce9d61..ba5a6b609b6 100644 --- a/2015/4xxx/CVE-2015-4713.json +++ b/2015/4xxx/CVE-2015-4713.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4713", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote editors to execute arbitrary SQL commands via the pid parameter to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4713", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.com/files/132369/ApPHP-Hotel-Site-3.x.x-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/132369/ApPHP-Hotel-Site-3.x.x-SQL-Injection.html" - }, - { - "name" : "75390", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75390" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote editors to execute arbitrary SQL commands via the pid parameter to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/132369/ApPHP-Hotel-Site-3.x.x-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/132369/ApPHP-Hotel-Site-3.x.x-SQL-Injection.html" + }, + { + "name": "75390", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75390" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7131.json b/2015/7xxx/CVE-2015-7131.json index 6bb0dc2e371..d9e18c0ee28 100644 --- a/2015/7xxx/CVE-2015-7131.json +++ b/2015/7xxx/CVE-2015-7131.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7131", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7131", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7378.json b/2015/7xxx/CVE-2015-7378.json index 144995b2d78..9a6e4d91d31 100644 --- a/2015/7xxx/CVE-2015-7378.json +++ b/2015/7xxx/CVE-2015-7378.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7378", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the \"Panda Security URL Filtering\" directory and installed files, which allows local users to gain SYSTEM privileges by modifying Panda_URL_Filteringb.exe." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7378", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39670", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39670/" - }, - { - "name" : "20160406 Panda Security 2016 Home User Products - Privilege Escalation", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Apr/25" - }, - { - "name" : "http://packetstormsecurity.com/files/136607/Panda-Security-URL-Filtering-Privilege-Escalation.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/136607/Panda-Security-URL-Filtering-Privilege-Escalation.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the \"Panda Security URL Filtering\" directory and installed files, which allows local users to gain SYSTEM privileges by modifying Panda_URL_Filteringb.exe." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/136607/Panda-Security-URL-Filtering-Privilege-Escalation.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/136607/Panda-Security-URL-Filtering-Privilege-Escalation.html" + }, + { + "name": "39670", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39670/" + }, + { + "name": "20160406 Panda Security 2016 Home User Products - Privilege Escalation", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Apr/25" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7467.json b/2015/7xxx/CVE-2015-7467.json index d9e62e94a2e..6c2a2cf0ac1 100644 --- a/2015/7xxx/CVE-2015-7467.json +++ b/2015/7xxx/CVE-2015-7467.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7467", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-7467", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21972485", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21972485" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21972485", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972485" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7767.json b/2015/7xxx/CVE-2015-7767.json index 048020b7c14..f5a73246444 100644 --- a/2015/7xxx/CVE-2015-7767.json +++ b/2015/7xxx/CVE-2015-7767.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7767", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Konica Minolta FTP Utility 1.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long USER command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7767", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37908", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37908/" - }, - { - "name" : "38252", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38252/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Konica Minolta FTP Utility 1.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long USER command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37908", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37908/" + }, + { + "name": "38252", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38252/" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8183.json b/2015/8xxx/CVE-2015-8183.json index 5c1d7800fbe..564910bcd73 100644 --- a/2015/8xxx/CVE-2015-8183.json +++ b/2015/8xxx/CVE-2015-8183.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8183", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-8183", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8362.json b/2015/8xxx/CVE-2015-8362.json index 4ec37e2c4e5..128beb63226 100644 --- a/2015/8xxx/CVE-2015-8362.json +++ b/2015/8xxx/CVE-2015-8362.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8362", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2015-10-12 has a hardcoded password for the BlackWidow account, which makes it easier for remote attackers to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-2016-1984." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8362", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160121 SEC Consult SA-20160121-0 :: Deliberately hidden backdoor account in AMX (Harman Professional) devices", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537343/100/0/threaded" - }, - { - "name" : "20160121 SEC Consult SA-20160121-0 :: Deliberately hidden backdoor account in AMX (Harman Professional) devices", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Jan/63" - }, - { - "name" : "http://blog.sec-consult.com/2016/01/deliberately-hidden-backdoor-account-in.html", - "refsource" : "MISC", - "url" : "http://blog.sec-consult.com/2016/01/deliberately-hidden-backdoor-account-in.html" - }, - { - "name" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160121-0_AMX_Deliberately_hidden_backdoor_account_v10.txt", - "refsource" : "MISC", - "url" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160121-0_AMX_Deliberately_hidden_backdoor_account_v10.txt" - }, - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-049-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-049-02" - }, - { - "name" : "http://www.amx.com/techcenter/NXSecurityBrief/", - "refsource" : "CONFIRM", - "url" : "http://www.amx.com/techcenter/NXSecurityBrief/" - }, - { - "name" : "http://www.amx.com/techcenter/firmware.asp?Category=Hot%20Fix%20Files", - "refsource" : "CONFIRM", - "url" : "http://www.amx.com/techcenter/firmware.asp?Category=Hot%20Fix%20Files" - }, - { - "name" : "VU#992624", - "refsource" : "CERT-VN", - "url" : "https://www.kb.cert.org/vuls/id/992624" - }, - { - "name" : "81545", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/81545" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2015-10-12 has a hardcoded password for the BlackWidow account, which makes it easier for remote attackers to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-2016-1984." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#992624", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/992624" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-049-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-049-02" + }, + { + "name": "20160121 SEC Consult SA-20160121-0 :: Deliberately hidden backdoor account in AMX (Harman Professional) devices", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Jan/63" + }, + { + "name": "20160121 SEC Consult SA-20160121-0 :: Deliberately hidden backdoor account in AMX (Harman Professional) devices", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537343/100/0/threaded" + }, + { + "name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160121-0_AMX_Deliberately_hidden_backdoor_account_v10.txt", + "refsource": "MISC", + "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160121-0_AMX_Deliberately_hidden_backdoor_account_v10.txt" + }, + { + "name": "http://www.amx.com/techcenter/firmware.asp?Category=Hot%20Fix%20Files", + "refsource": "CONFIRM", + "url": "http://www.amx.com/techcenter/firmware.asp?Category=Hot%20Fix%20Files" + }, + { + "name": "81545", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/81545" + }, + { + "name": "http://blog.sec-consult.com/2016/01/deliberately-hidden-backdoor-account-in.html", + "refsource": "MISC", + "url": "http://blog.sec-consult.com/2016/01/deliberately-hidden-backdoor-account-in.html" + }, + { + "name": "http://www.amx.com/techcenter/NXSecurityBrief/", + "refsource": "CONFIRM", + "url": "http://www.amx.com/techcenter/NXSecurityBrief/" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8419.json b/2015/8xxx/CVE-2015-8419.json index 467e5723b87..d9a4cf0d96b 100644 --- a/2015/8xxx/CVE-2015-8419.json +++ b/2015/8xxx/CVE-2015-8419.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8419", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-8419", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" - }, - { - "name" : "GLSA-201601-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201601-03" - }, - { - "name" : "SUSE-SU-2015:2236", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html" - }, - { - "name" : "SUSE-SU-2015:2247", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html" - }, - { - "name" : "openSUSE-SU-2015:2239", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html" - }, - { - "name" : "78710", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78710" - }, - { - "name" : "1034318", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034318" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:2239", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" + }, + { + "name": "SUSE-SU-2015:2236", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" + }, + { + "name": "SUSE-SU-2015:2247", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html" + }, + { + "name": "1034318", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034318" + }, + { + "name": "GLSA-201601-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201601-03" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" + }, + { + "name": "78710", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78710" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8890.json b/2015/8xxx/CVE-2015-8890.json index 7fe2c330cf6..0c764e18318 100644 --- a/2015/8xxx/CVE-2015-8890.json +++ b/2015/8xxx/CVE-2015-8890.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8890", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "platform/msm_shared/partition_parser.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate certain GUID Partition Table (GPT) data, which allows attackers to bypass intended access restrictions via a crafted MultiMediaCard (MMC), aka Android internal bug 28822878 and Qualcomm internal bug CR823461." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-8890", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-07-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-07-01.html" - }, - { - "name" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=e22aca36da2bb6f5016f3c885eb8c8ff85c115e4", - "refsource" : "CONFIRM", - "url" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=e22aca36da2bb6f5016f3c885eb8c8ff85c115e4" - }, - { - "name" : "91628", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91628" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "platform/msm_shared/partition_parser.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate certain GUID Partition Table (GPT) data, which allows attackers to bypass intended access restrictions via a crafted MultiMediaCard (MMC), aka Android internal bug 28822878 and Qualcomm internal bug CR823461." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=e22aca36da2bb6f5016f3c885eb8c8ff85c115e4", + "refsource": "CONFIRM", + "url": "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=e22aca36da2bb6f5016f3c885eb8c8ff85c115e4" + }, + { + "name": "91628", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91628" + }, + { + "name": "http://source.android.com/security/bulletin/2016-07-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-07-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8974.json b/2015/8xxx/CVE-2015-8974.json index 6f8c1b65efb..66e2a3e550b 100644 --- a/2015/8xxx/CVE-2015-8974.json +++ b/2015/8xxx/CVE-2015-8974.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8974", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8974", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161110 CVE request: MyBB multiple vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/10/8" - }, - { - "name" : "[oss-security] 20161117 Re: CVE request: MyBB multiple vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/18/1" - }, - { - "name" : "https://blog.mybb.com/2015/09/07/mybb-1-8-6-1-6-18-merge-system-1-8-6-release/", - "refsource" : "CONFIRM", - "url" : "https://blog.mybb.com/2015/09/07/mybb-1-8-6-1-6-18-merge-system-1-8-6-release/" - }, - { - "name" : "94397", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94397" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://blog.mybb.com/2015/09/07/mybb-1-8-6-1-6-18-merge-system-1-8-6-release/", + "refsource": "CONFIRM", + "url": "https://blog.mybb.com/2015/09/07/mybb-1-8-6-1-6-18-merge-system-1-8-6-release/" + }, + { + "name": "94397", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94397" + }, + { + "name": "[oss-security] 20161117 Re: CVE request: MyBB multiple vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/18/1" + }, + { + "name": "[oss-security] 20161110 CVE request: MyBB multiple vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/10/8" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9024.json b/2015/9xxx/CVE-2015-9024.json index 7ff16d87a0f..fd54dcf202a 100644 --- a/2015/9xxx/CVE-2015-9024.json +++ b/2015/9xxx/CVE-2015-9024.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "ID" : "CVE-2015-9024", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "All Qualcomm products", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all Android releases from CAF using the Linux kernel, some interfaces were improperly exposed to QTEE applications." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper Access Control Vulnerability in TrustZone" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "ID": "CVE-2015-9024", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "All Qualcomm products", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-06-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-06-01" - }, - { - "name" : "98874", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98874" - }, - { - "name" : "1038623", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038623" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all Android releases from CAF using the Linux kernel, some interfaces were improperly exposed to QTEE applications." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Access Control Vulnerability in TrustZone" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-06-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-06-01" + }, + { + "name": "98874", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98874" + }, + { + "name": "1038623", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038623" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9132.json b/2015/9xxx/CVE-2015-9132.json index 667cabc1b7a..a46ea1d2e56 100644 --- a/2015/9xxx/CVE-2015-9132.json +++ b/2015/9xxx/CVE-2015-9132.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2015-9132", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile,Small Cell SoC", - "version" : { - "version_data" : [ - { - "version_value" : "FSM9055, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 810" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, and SD 810, possible arbitrary memory read due to untrusted pointer dereference when handling HLOS controlled values passed to the QSEE syscall helper." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Untrusted pointer dereference may cause arbitrary reads in QSEE syscall helper module" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2015-9132", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile,Small Cell SoC", + "version": { + "version_data": [ + { + "version_value": "FSM9055, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 810" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, and SD 810, possible arbitrary memory read due to untrusted pointer dereference when handling HLOS controlled values passed to the QSEE syscall helper." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Untrusted pointer dereference may cause arbitrary reads in QSEE syscall helper module" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0731.json b/2016/0xxx/CVE-2016-0731.json index 0ca9800ecbd..439c5d1fcb5 100644 --- a/2016/0xxx/CVE-2016-0731.json +++ b/2016/0xxx/CVE-2016-0731.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-0731", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The File Browser View in Apache Ambari before 2.2.1 allows remote authenticated administrators to read arbitrary files via a file: URL in the WebHDFS URL configuration." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-0731", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.2.1", - "refsource" : "CONFIRM", - "url" : "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.2.1" - }, - { - "name" : "https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.1.0/bk_releasenotes_ambari_2.2.1.0/content/ambari_relnotes-2.2.1.0-cves.html", - "refsource" : "CONFIRM", - "url" : "https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.1.0/bk_releasenotes_ambari_2.2.1.0/content/ambari_relnotes-2.2.1.0-cves.html" - }, - { - "name" : "https://issues.apache.org/jira/browse/AMBARI-14780", - "refsource" : "CONFIRM", - "url" : "https://issues.apache.org/jira/browse/AMBARI-14780" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The File Browser View in Apache Ambari before 2.2.1 allows remote authenticated administrators to read arbitrary files via a file: URL in the WebHDFS URL configuration." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://issues.apache.org/jira/browse/AMBARI-14780", + "refsource": "CONFIRM", + "url": "https://issues.apache.org/jira/browse/AMBARI-14780" + }, + { + "name": "https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.1.0/bk_releasenotes_ambari_2.2.1.0/content/ambari_relnotes-2.2.1.0-cves.html", + "refsource": "CONFIRM", + "url": "https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.1.0/bk_releasenotes_ambari_2.2.1.0/content/ambari_relnotes-2.2.1.0-cves.html" + }, + { + "name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.2.1", + "refsource": "CONFIRM", + "url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.2.1" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1171.json b/2016/1xxx/CVE-2016-1171.json index f021985b046..08079497ee8 100644 --- a/2016/1xxx/CVE-2016-1171.json +++ b/2016/1xxx/CVE-2016-1171.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1171", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1171", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://hiniarata.jp/news/archives/55", - "refsource" : "CONFIRM", - "url" : "https://hiniarata.jp/news/archives/55" - }, - { - "name" : "JVN#13288761", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN13288761/index.html" - }, - { - "name" : "JVNDB-2016-000040", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000040" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#13288761", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN13288761/index.html" + }, + { + "name": "https://hiniarata.jp/news/archives/55", + "refsource": "CONFIRM", + "url": "https://hiniarata.jp/news/archives/55" + }, + { + "name": "JVNDB-2016-000040", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000040" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1384.json b/2016/1xxx/CVE-2016-1384.json index 282d73ac7fd..b643f91471f 100644 --- a/2016/1xxx/CVE-2016-1384.json +++ b/2016/1xxx/CVE-2016-1384.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1384", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The NTP implementation in Cisco IOS 15.1 and 15.5 and IOS XE 3.2 through 3.17 allows remote attackers to modify the system time via crafted packets, aka Bug ID CSCux46898." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1384", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160419 Cisco IOS and Cisco IOS XE ntp Subsystem Unauthorized Access Vulnerability", - "refsource" : "CISCO", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160419-ios" - }, - { - "name" : "86685", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/86685" - }, - { - "name" : "1035622", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035622" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The NTP implementation in Cisco IOS 15.1 and 15.5 and IOS XE 3.2 through 3.17 allows remote attackers to modify the system time via crafted packets, aka Bug ID CSCux46898." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "86685", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/86685" + }, + { + "name": "1035622", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035622" + }, + { + "name": "20160419 Cisco IOS and Cisco IOS XE ntp Subsystem Unauthorized Access Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160419-ios" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5187.json b/2016/5xxx/CVE-2016-5187.json index f8dad52be17..8c6e4499b96 100644 --- a/2016/5xxx/CVE-2016-5187.json +++ b/2016/5xxx/CVE-2016-5187.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-5187", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Chrome prior to 54.0.2840.85 for Android", - "version" : { - "version_data" : [ - { - "version_value" : "Chrome prior to 54.0.2840.85 for Android" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google Chrome prior to 54.0.2840.85 for Android incorrectly handled rapid transition into and out of full screen mode, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via crafted HTML pages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "spoof the contents of the Omnibox (URL bar)" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-5187", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Chrome prior to 54.0.2840.85 for Android", + "version": { + "version_data": [ + { + "version_value": "Chrome prior to 54.0.2840.85 for Android" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html", - "refsource" : "CONFIRM", - "url" : "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html" - }, - { - "name" : "https://crbug.com/639702", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/639702" - }, - { - "name" : "GLSA-201610-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-09" - }, - { - "name" : "RHSA-2016:2067", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2067.html" - }, - { - "name" : "93528", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93528" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Google Chrome prior to 54.0.2840.85 for Android incorrectly handled rapid transition into and out of full screen mode, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via crafted HTML pages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "spoof the contents of the Omnibox (URL bar)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://crbug.com/639702", + "refsource": "CONFIRM", + "url": "https://crbug.com/639702" + }, + { + "name": "93528", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93528" + }, + { + "name": "RHSA-2016:2067", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2067.html" + }, + { + "name": "GLSA-201610-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-09" + }, + { + "name": "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html", + "refsource": "CONFIRM", + "url": "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5189.json b/2016/5xxx/CVE-2016-5189.json index a9879ab4a49..3898e2eb236 100644 --- a/2016/5xxx/CVE-2016-5189.json +++ b/2016/5xxx/CVE-2016-5189.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-5189", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android", - "version" : { - "version_data" : [ - { - "version_value" : "Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android permitted navigation to blob URLs with non-canonical origins, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via crafted HTML pages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "spoof the contents of the Omnibox (URL bar)" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-5189", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android", + "version": { + "version_data": [ + { + "version_value": "Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html", - "refsource" : "CONFIRM", - "url" : "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html" - }, - { - "name" : "https://crbug.com/646278", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/646278" - }, - { - "name" : "GLSA-201610-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-09" - }, - { - "name" : "RHSA-2016:2067", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2067.html" - }, - { - "name" : "93528", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93528" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android permitted navigation to blob URLs with non-canonical origins, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via crafted HTML pages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "spoof the contents of the Omnibox (URL bar)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://crbug.com/646278", + "refsource": "CONFIRM", + "url": "https://crbug.com/646278" + }, + { + "name": "93528", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93528" + }, + { + "name": "RHSA-2016:2067", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2067.html" + }, + { + "name": "GLSA-201610-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-09" + }, + { + "name": "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html", + "refsource": "CONFIRM", + "url": "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5195.json b/2016/5xxx/CVE-2016-5195.json index db20d0e8382..d75a4fc4f21 100644 --- a/2016/5xxx/CVE-2016-5195.json +++ b/2016/5xxx/CVE-2016-5195.json @@ -1,302 +1,302 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5195", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka \"Dirty COW.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-5195", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40839", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40839/" - }, - { - "name" : "40847", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40847/" - }, - { - "name" : "40611", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40611/" - }, - { - "name" : "40616", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40616/" - }, - { - "name" : "[oss-security] 20161026 Re: CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/10/26/7" - }, - { - "name" : "https://dirtycow.ninja", - "refsource" : "MISC", - "url" : "https://dirtycow.ninja" - }, - { - "name" : "https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs", - "refsource" : "MISC", - "url" : "https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs" - }, - { - "name" : "https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails", - "refsource" : "MISC", - "url" : "https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3" - }, - { - "name" : "https://access.redhat.com/security/cve/cve-2016-5195", - "refsource" : "CONFIRM", - "url" : "https://access.redhat.com/security/cve/cve-2016-5195" - }, - { - "name" : "https://access.redhat.com/security/vulnerabilities/2706661", - "refsource" : "CONFIRM", - "url" : "https://access.redhat.com/security/vulnerabilities/2706661" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1384344", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1384344" - }, - { - "name" : "https://bugzilla.suse.com/show_bug.cgi?id=1004418", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.suse.com/show_bug.cgi?id=1004418" - }, - { - "name" : "https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619" - }, - { - "name" : "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html", - "refsource" : "CONFIRM", - "url" : "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html" - }, - { - "name" : "https://security-tracker.debian.org/tracker/CVE-2016-5195", - "refsource" : "CONFIRM", - "url" : "https://security-tracker.debian.org/tracker/CVE-2016-5195" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463" - }, - { - "name" : "https://source.android.com/security/bulletin/2016-11-01.html", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2016-11-01.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241" - }, - { - "name" : "https://bto.bluecoat.com/security-advisory/sa134", - "refsource" : "CONFIRM", - "url" : "https://bto.bluecoat.com/security-advisory/sa134" - }, - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10176", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10176" - }, - { - "name" : "https://source.android.com/security/bulletin/2016-12-01.html", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2016-12-01.html" - }, - { - "name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us" - }, - { - "name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us" - }, - { - "name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us" - }, - { - "name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us" - }, - { - "name" : "http://securityadvisories.paloaltonetworks.com/Home/Detail/73", - "refsource" : "CONFIRM", - "url" : "http://securityadvisories.paloaltonetworks.com/Home/Detail/73" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20161025-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20161025-0001/" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" - }, - { - "name" : "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", - "refsource" : "CONFIRM", - "url" : "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes" - }, - { - "name" : "RHSA-2016:2098", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2098.html" - }, - { - "name" : "RHSA-2016:2105", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2105.html" - }, - { - "name" : "RHSA-2016:2106", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2106.html" - }, - { - "name" : "RHSA-2016:2107", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2107.html" - }, - { - "name" : "RHSA-2016:2110", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2110.html" - }, - { - "name" : "RHSA-2016:2118", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2118.html" - }, - { - "name" : "RHSA-2016:2120", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2120.html" - }, - { - "name" : "RHSA-2016:2124", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2124.html" - }, - { - "name" : "RHSA-2016:2126", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2126.html" - }, - { - "name" : "RHSA-2016:2127", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2127.html" - }, - { - "name" : "RHSA-2016:2128", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2128.html" - }, - { - "name" : "RHSA-2016:2132", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2132.html" - }, - { - "name" : "RHSA-2016:2133", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2133.html" - }, - { - "name" : "RHSA-2017:0372", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:0372" - }, - { - "name" : "VU#243144", - "refsource" : "CERT-VN", - "url" : "https://www.kb.cert.org/vuls/id/243144" - }, - { - "name" : "93793", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93793" - }, - { - "name" : "1037078", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037078" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka \"Dirty COW.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2016:2107", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2107.html" + }, + { + "name": "40616", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40616/" + }, + { + "name": "RHSA-2017:0372", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:0372" + }, + { + "name": "https://bto.bluecoat.com/security-advisory/sa134", + "refsource": "CONFIRM", + "url": "https://bto.bluecoat.com/security-advisory/sa134" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" + }, + { + "name": "40839", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40839/" + }, + { + "name": "https://dirtycow.ninja", + "refsource": "MISC", + "url": "https://dirtycow.ninja" + }, + { + "name": "40847", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40847/" + }, + { + "name": "RHSA-2016:2118", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2118.html" + }, + { + "name": "RHSA-2016:2128", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2128.html" + }, + { + "name": "https://source.android.com/security/bulletin/2016-12-01.html", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2016-12-01.html" + }, + { + "name": "RHSA-2016:2120", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2120.html" + }, + { + "name": "[oss-security] 20161026 Re: CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/10/26/7" + }, + { + "name": "RHSA-2016:2133", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2133.html" + }, + { + "name": "RHSA-2016:2098", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2098.html" + }, + { + "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us" + }, + { + "name": "VU#243144", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/243144" + }, + { + "name": "https://bugzilla.suse.com/show_bug.cgi?id=1004418", + "refsource": "CONFIRM", + "url": "https://bugzilla.suse.com/show_bug.cgi?id=1004418" + }, + { + "name": "1037078", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037078" + }, + { + "name": "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html", + "refsource": "CONFIRM", + "url": "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html" + }, + { + "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20161025-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20161025-0001/" + }, + { + "name": "93793", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93793" + }, + { + "name": "RHSA-2016:2127", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2127.html" + }, + { + "name": "https://security-tracker.debian.org/tracker/CVE-2016-5195", + "refsource": "CONFIRM", + "url": "https://security-tracker.debian.org/tracker/CVE-2016-5195" + }, + { + "name": "https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs", + "refsource": "MISC", + "url": "https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs" + }, + { + "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us" + }, + { + "name": "https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619" + }, + { + "name": "http://securityadvisories.paloaltonetworks.com/Home/Detail/73", + "refsource": "CONFIRM", + "url": "http://securityadvisories.paloaltonetworks.com/Home/Detail/73" + }, + { + "name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", + "refsource": "CONFIRM", + "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes" + }, + { + "name": "https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails", + "refsource": "MISC", + "url": "https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1384344", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384344" + }, + { + "name": "https://access.redhat.com/security/vulnerabilities/2706661", + "refsource": "CONFIRM", + "url": "https://access.redhat.com/security/vulnerabilities/2706661" + }, + { + "name": "RHSA-2016:2106", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2106.html" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619" + }, + { + "name": "40611", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40611/" + }, + { + "name": "https://access.redhat.com/security/cve/cve-2016-5195", + "refsource": "CONFIRM", + "url": "https://access.redhat.com/security/cve/cve-2016-5195" + }, + { + "name": "https://source.android.com/security/bulletin/2016-11-01.html", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2016-11-01.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541" + }, + { + "name": "RHSA-2016:2124", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2124.html" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3" + }, + { + "name": "RHSA-2016:2105", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2105.html" + }, + { + "name": "RHSA-2016:2126", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2126.html" + }, + { + "name": "RHSA-2016:2132", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2132.html" + }, + { + "name": "RHSA-2016:2110", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2110.html" + }, + { + "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463" + }, + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10176", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10176" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5440.json b/2016/5xxx/CVE-2016-5440.json index f99b5ba77fa..aa8b342febe 100644 --- a/2016/5xxx/CVE-2016-5440.json +++ b/2016/5xxx/CVE-2016-5440.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5440", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5440", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" - }, - { - "name" : "DSA-3624", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3624" - }, - { - "name" : "DSA-3632", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3632" - }, - { - "name" : "RHSA-2016:1601", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1601.html" - }, - { - "name" : "RHSA-2016:1602", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1602.html" - }, - { - "name" : "RHSA-2016:1603", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1603.html" - }, - { - "name" : "RHSA-2016:1604", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1604.html" - }, - { - "name" : "RHSA-2016:1637", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1637.html" - }, - { - "name" : "RHSA-2016:1480", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1480.html" - }, - { - "name" : "openSUSE-SU-2016:2278", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html" - }, - { - "name" : "USN-3040-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3040-1" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "91953", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91953" - }, - { - "name" : "1036362", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036362" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-3040-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3040-1" + }, + { + "name": "RHSA-2016:1603", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1603.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "DSA-3632", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3632" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/" + }, + { + "name": "RHSA-2016:1480", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1480.html" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/" + }, + { + "name": "RHSA-2016:1601", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1601.html" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168" + }, + { + "name": "1036362", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036362" + }, + { + "name": "openSUSE-SU-2016:2278", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html" + }, + { + "name": "DSA-3624", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3624" + }, + { + "name": "RHSA-2016:1637", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1637.html" + }, + { + "name": "91953", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91953" + }, + { + "name": "RHSA-2016:1602", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1602.html" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + }, + { + "name": "RHSA-2016:1604", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1604.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5444.json b/2016/5xxx/CVE-2016-5444.json index 35e1a7cbc75..05c10a716c0 100644 --- a/2016/5xxx/CVE-2016-5444.json +++ b/2016/5xxx/CVE-2016-5444.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5444", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5444", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" - }, - { - "name" : "RHSA-2016:0705", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0705.html" - }, - { - "name" : "RHSA-2016:1602", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1602.html" - }, - { - "name" : "RHSA-2016:1132", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1132" - }, - { - "name" : "RHSA-2016:1480", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1480.html" - }, - { - "name" : "RHSA-2016:1481", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1481.html" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "91987", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91987" - }, - { - "name" : "1036362", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036362" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2016:1481", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1481.html" + }, + { + "name": "RHSA-2016:1132", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1132" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "RHSA-2016:1480", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1480.html" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168" + }, + { + "name": "1036362", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036362" + }, + { + "name": "RHSA-2016:1602", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1602.html" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + }, + { + "name": "RHSA-2016:0705", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0705.html" + }, + { + "name": "91987", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91987" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5589.json b/2016/5xxx/CVE-2016-5589.json index 66a2e651a39..b881b2b61dd 100644 --- a/2016/5xxx/CVE-2016-5589.json +++ b/2016/5xxx/CVE-2016-5589.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5589", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality and integrity via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5589", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93694", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93694" - }, - { - "name" : "1037038", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037038" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality and integrity via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "1037038", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037038" + }, + { + "name": "93694", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93694" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2622.json b/2018/2xxx/CVE-2018-2622.json index a10205e8ca0..2166296a279 100644 --- a/2018/2xxx/CVE-2018-2622.json +++ b/2018/2xxx/CVE-2018-2622.json @@ -1,136 +1,136 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2622", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "MySQL Server", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "5.5.58 and prior" - }, - { - "version_affected" : "=", - "version_value" : "5.6.38 and prior" - }, - { - "version_affected" : "=", - "version_value" : "5.7.20 and prior" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2622", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "MySQL Server", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.5.58 and prior" + }, + { + "version_affected": "=", + "version_value": "5.6.38 and prior" + }, + { + "version_affected": "=", + "version_value": "5.7.20 and prior" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html" - }, - { - "name" : "[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20180117-0002/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20180117-0002/" - }, - { - "name" : "DSA-4091", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4091" - }, - { - "name" : "DSA-4341", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4341" - }, - { - "name" : "RHSA-2018:0586", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0586" - }, - { - "name" : "RHSA-2018:0587", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0587" - }, - { - "name" : "RHSA-2018:2439", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:2439" - }, - { - "name" : "RHSA-2018:2729", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:2729" - }, - { - "name" : "USN-3537-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3537-1/" - }, - { - "name" : "USN-3537-2", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3537-2/" - }, - { - "name" : "102706", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102706" - }, - { - "name" : "1040216", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040216" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2018:0587", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0587" + }, + { + "name": "DSA-4341", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4341" + }, + { + "name": "USN-3537-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3537-1/" + }, + { + "name": "[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html" + }, + { + "name": "RHSA-2018:0586", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0586" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "RHSA-2018:2729", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:2729" + }, + { + "name": "[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html" + }, + { + "name": "DSA-4091", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4091" + }, + { + "name": "102706", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102706" + }, + { + "name": "RHSA-2018:2439", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:2439" + }, + { + "name": "USN-3537-2", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3537-2/" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180117-0002/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180117-0002/" + }, + { + "name": "1040216", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040216" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2721.json b/2018/2xxx/CVE-2018-2721.json index e15fc0265bb..9831ab9d315 100644 --- a/2018/2xxx/CVE-2018-2721.json +++ b/2018/2xxx/CVE-2018-2721.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2721", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Financial Services Price Creation and Discovery", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "8.0.5" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle Financial Services Price Creation and Discovery component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is affected is 8.0.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Price Creation and Discovery. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Price Creation and Discovery accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Price Creation and Discovery accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Price Creation and Discovery. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Price Creation and Discovery accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Price Creation and Discovery accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2721", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Financial Services Price Creation and Discovery", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "8.0.5" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, - { - "name" : "102668", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102668" - }, - { - "name" : "1040214", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040214" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Financial Services Price Creation and Discovery component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is affected is 8.0.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Price Creation and Discovery. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Price Creation and Discovery accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Price Creation and Discovery accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Price Creation and Discovery. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Price Creation and Discovery accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Price Creation and Discovery accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "1040214", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040214" + }, + { + "name": "102668", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102668" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0122.json b/2019/0xxx/CVE-2019-0122.json index 81cb8812271..0ca3db740e0 100644 --- a/2019/0xxx/CVE-2019-0122.json +++ b/2019/0xxx/CVE-2019-0122.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@intel.com", - "DATE_PUBLIC" : "2019-03-12T00:00:00", - "ID" : "CVE-2019-0122", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Intel(R) Software Guard Extensions SDK", - "version" : { - "version_data" : [ - { - "version_value" : "Multiple versions." - } - ] - } - } - ] - }, - "vendor_name" : "Intel Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Double free in Intel(R) SGX SDK for Linux before version 2.2 and Intel(R) SGX SDK for Windows before version 2.1 may allow an authenticated user to potentially enable information disclosure or denial of service via local access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of Service, Information Disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "secure@intel.com", + "DATE_PUBLIC": "2019-03-12T00:00:00", + "ID": "CVE-2019-0122", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Intel(R) Software Guard Extensions SDK", + "version": { + "version_data": [ + { + "version_value": "Multiple versions." + } + ] + } + } + ] + }, + "vendor_name": "Intel Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00217.html", - "refsource" : "CONFIRM", - "url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00217.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Double free in Intel(R) SGX SDK for Linux before version 2.2 and Intel(R) SGX SDK for Windows before version 2.1 may allow an authenticated user to potentially enable information disclosure or denial of service via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service, Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00217.html", + "refsource": "CONFIRM", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00217.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0367.json b/2019/0xxx/CVE-2019-0367.json index 81bc7aea2de..439cd6cc62f 100644 --- a/2019/0xxx/CVE-2019-0367.json +++ b/2019/0xxx/CVE-2019-0367.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0367", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0367", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0903.json b/2019/0xxx/CVE-2019-0903.json index d927b9c67d1..f2ad00b9695 100644 --- a/2019/0xxx/CVE-2019-0903.json +++ b/2019/0xxx/CVE-2019-0903.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0903", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0903", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0926.json b/2019/0xxx/CVE-2019-0926.json index 72622c6a510..1286c1d8955 100644 --- a/2019/0xxx/CVE-2019-0926.json +++ b/2019/0xxx/CVE-2019-0926.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0926", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0926", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0965.json b/2019/0xxx/CVE-2019-0965.json index 3fe31204124..cacae27b3f8 100644 --- a/2019/0xxx/CVE-2019-0965.json +++ b/2019/0xxx/CVE-2019-0965.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0965", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0965", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1166.json b/2019/1xxx/CVE-2019-1166.json index 9794c3dc115..ce73ec00bcb 100644 --- a/2019/1xxx/CVE-2019-1166.json +++ b/2019/1xxx/CVE-2019-1166.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1166", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1166", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1210.json b/2019/1xxx/CVE-2019-1210.json index 66e13858fdb..44bd8465e5a 100644 --- a/2019/1xxx/CVE-2019-1210.json +++ b/2019/1xxx/CVE-2019-1210.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1210", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1210", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1759.json b/2019/1xxx/CVE-2019-1759.json index ef2246c8e2b..1201702e31b 100644 --- a/2019/1xxx/CVE-2019-1759.json +++ b/2019/1xxx/CVE-2019-1759.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1759", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1759", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1802.json b/2019/1xxx/CVE-2019-1802.json index 83cd7d80cb6..c281c053ade 100644 --- a/2019/1xxx/CVE-2019-1802.json +++ b/2019/1xxx/CVE-2019-1802.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1802", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1802", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4427.json b/2019/4xxx/CVE-2019-4427.json index 83e492a397f..c8c9814d399 100644 --- a/2019/4xxx/CVE-2019-4427.json +++ b/2019/4xxx/CVE-2019-4427.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4427", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4427", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4537.json b/2019/4xxx/CVE-2019-4537.json index ad8ebf52b84..1bd26cd98b0 100644 --- a/2019/4xxx/CVE-2019-4537.json +++ b/2019/4xxx/CVE-2019-4537.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4537", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4537", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4641.json b/2019/4xxx/CVE-2019-4641.json index ab5bd4efefb..0e4e861b337 100644 --- a/2019/4xxx/CVE-2019-4641.json +++ b/2019/4xxx/CVE-2019-4641.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4641", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4641", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4643.json b/2019/4xxx/CVE-2019-4643.json index d7fbcce8cce..33a1e1a6942 100644 --- a/2019/4xxx/CVE-2019-4643.json +++ b/2019/4xxx/CVE-2019-4643.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4643", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4643", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5157.json b/2019/5xxx/CVE-2019-5157.json index cdca6c3127d..88a4536def6 100644 --- a/2019/5xxx/CVE-2019-5157.json +++ b/2019/5xxx/CVE-2019-5157.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5157", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5157", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5180.json b/2019/5xxx/CVE-2019-5180.json index 812a01752b0..5e0940d2a11 100644 --- a/2019/5xxx/CVE-2019-5180.json +++ b/2019/5xxx/CVE-2019-5180.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5180", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5180", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5311.json b/2019/5xxx/CVE-2019-5311.json index c2b4ad929ff..43a5d6806fb 100644 --- a/2019/5xxx/CVE-2019-5311.json +++ b/2019/5xxx/CVE-2019-5311.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5311", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in YUNUCMS V1.1.8. app/index/controller/Show.php has an XSS vulnerability via the index.php/index/show/index cw parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5311", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/doublefast/yunucms/issues/5", - "refsource" : "MISC", - "url" : "https://github.com/doublefast/yunucms/issues/5" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in YUNUCMS V1.1.8. app/index/controller/Show.php has an XSS vulnerability via the index.php/index/show/index cw parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/doublefast/yunucms/issues/5", + "refsource": "MISC", + "url": "https://github.com/doublefast/yunucms/issues/5" + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5722.json b/2019/5xxx/CVE-2019-5722.json index f07982ed0b9..baf8371e214 100644 --- a/2019/5xxx/CVE-2019-5722.json +++ b/2019/5xxx/CVE-2019-5722.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5722", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5722", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9069.json b/2019/9xxx/CVE-2019-9069.json index 1cde9f9b4a5..63bad20d83f 100644 --- a/2019/9xxx/CVE-2019-9069.json +++ b/2019/9xxx/CVE-2019-9069.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9069", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9069", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9145.json b/2019/9xxx/CVE-2019-9145.json index aa4ef970efd..a46f0c90948 100644 --- a/2019/9xxx/CVE-2019-9145.json +++ b/2019/9xxx/CVE-2019-9145.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9145", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Hsycms V1.1. There is an XSS vulnerability via the name field to the /book page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9145", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.cnblogs.com/7bit/articles/10389939.html", - "refsource" : "MISC", - "url" : "https://www.cnblogs.com/7bit/articles/10389939.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Hsycms V1.1. There is an XSS vulnerability via the name field to the /book page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.cnblogs.com/7bit/articles/10389939.html", + "refsource": "MISC", + "url": "https://www.cnblogs.com/7bit/articles/10389939.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9525.json b/2019/9xxx/CVE-2019-9525.json index 248c979f870..23bef028bcf 100644 --- a/2019/9xxx/CVE-2019-9525.json +++ b/2019/9xxx/CVE-2019-9525.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9525", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9525", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file