diff --git a/2007/0xxx/CVE-2007-0095.json b/2007/0xxx/CVE-2007-0095.json index 773b3f11ad7..4499e361946 100644 --- a/2007/0xxx/CVE-2007-0095.json +++ b/2007/0xxx/CVE-2007-0095.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0095", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0095", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070102 Inforamtion Discloser Vulnerabilities in phpMyAdmin", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051544.html" - }, - { - "name" : "20070102 Inforamtion Discloser Vulnerabilities in \"phpMyAdmin\"", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0034.html" - }, - { - "name" : "MDKSA-2007:199", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:199" - }, - { - "name" : "33257", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33257" - }, - { - "name" : "2104", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2104" - }, - { - "name" : "phpmyadmin-darkblueorange-path-disclosure(31223)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31223" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070102 Inforamtion Discloser Vulnerabilities in phpMyAdmin", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051544.html" + }, + { + "name": "20070102 Inforamtion Discloser Vulnerabilities in \"phpMyAdmin\"", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0034.html" + }, + { + "name": "MDKSA-2007:199", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:199" + }, + { + "name": "phpmyadmin-darkblueorange-path-disclosure(31223)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31223" + }, + { + "name": "33257", + "refsource": "OSVDB", + "url": "http://osvdb.org/33257" + }, + { + "name": "2104", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2104" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0327.json b/2007/0xxx/CVE-2007-0327.json index e16035f63b7..84f6508a8ae 100644 --- a/2007/0xxx/CVE-2007-0327.json +++ b/2007/0xxx/CVE-2007-0327.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0327", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0327", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0573.json b/2007/0xxx/CVE-2007-0573.json index 90c40ba7093..974a00197d2 100644 --- a/2007/0xxx/CVE-2007-0573.json +++ b/2007/0xxx/CVE-2007-0573.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0573", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in includes/config.inc.php in nsGalPHP 0.41 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the racineTBS parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0573", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3205", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3205" - }, - { - "name" : "VIM 20070130 Source VERIFY: nsGalPHP RFI", - "refsource" : "MLIST", - "url" : "http://www.attrition.org/pipermail/vim/2007-January/001257.html" - }, - { - "name" : "22277", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22277" - }, - { - "name" : "ADV-2007-0392", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0392" - }, - { - "name" : "32994", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32994" - }, - { - "name" : "23969", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23969" - }, - { - "name" : "nsgalphp-config-file-include(31861)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31861" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in includes/config.inc.php in nsGalPHP 0.41 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the racineTBS parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "nsgalphp-config-file-include(31861)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31861" + }, + { + "name": "ADV-2007-0392", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0392" + }, + { + "name": "32994", + "refsource": "OSVDB", + "url": "http://osvdb.org/32994" + }, + { + "name": "VIM 20070130 Source VERIFY: nsGalPHP RFI", + "refsource": "MLIST", + "url": "http://www.attrition.org/pipermail/vim/2007-January/001257.html" + }, + { + "name": "3205", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3205" + }, + { + "name": "22277", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22277" + }, + { + "name": "23969", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23969" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0769.json b/2007/0xxx/CVE-2007-0769.json index 09b9f81ca78..877f78adbde 100644 --- a/2007/0xxx/CVE-2007-0769.json +++ b/2007/0xxx/CVE-2007-0769.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0769", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** Cross-site scripting (XSS) vulnerability in register.php in Phorum 5.1.18 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the vendor disputes this vulnerability, stating that \"The characters are escaped properly.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0769", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070129 Phorum HTML Injection Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/458461/100/0/threaded" - }, - { - "name" : "20070129 Re: Phorum HTML Injection Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/458467/100/0/threaded" - }, - { - "name" : "http://www.phorum.org/phorum5/read.php?12,119757", - "refsource" : "MISC", - "url" : "http://www.phorum.org/phorum5/read.php?12,119757" - }, - { - "name" : "22297", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22297" - }, - { - "name" : "ADV-2007-0410", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0410" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** Cross-site scripting (XSS) vulnerability in register.php in Phorum 5.1.18 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the vendor disputes this vulnerability, stating that \"The characters are escaped properly.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0410", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0410" + }, + { + "name": "22297", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22297" + }, + { + "name": "http://www.phorum.org/phorum5/read.php?12,119757", + "refsource": "MISC", + "url": "http://www.phorum.org/phorum5/read.php?12,119757" + }, + { + "name": "20070129 Phorum HTML Injection Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/458461/100/0/threaded" + }, + { + "name": "20070129 Re: Phorum HTML Injection Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/458467/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1120.json b/2007/1xxx/CVE-2007-1120.json index 47ed81e07f1..47d333c57d8 100644 --- a/2007/1xxx/CVE-2007-1120.json +++ b/2007/1xxx/CVE-2007-1120.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1120", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) Import.LoadFromURL and (2) Export.asText.SaveToFile functions in TeeChart Pro ActiveX control (TeeChart7.ocx) allow remote attackers to download a crafted .tee file to an arbitrary location. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1120", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "22689", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22689" - }, - { - "name" : "33534", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33534" - }, - { - "name" : "24263", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24263" - }, - { - "name" : "teechart-activex-file-upload(32694)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32694" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) Import.LoadFromURL and (2) Export.asText.SaveToFile functions in TeeChart Pro ActiveX control (TeeChart7.ocx) allow remote attackers to download a crafted .tee file to an arbitrary location. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33534", + "refsource": "OSVDB", + "url": "http://osvdb.org/33534" + }, + { + "name": "teechart-activex-file-upload(32694)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32694" + }, + { + "name": "22689", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22689" + }, + { + "name": "24263", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24263" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1568.json b/2007/1xxx/CVE-2007-1568.json index 82a528f2213..89dd054f229 100644 --- a/2007/1xxx/CVE-2007-1568.json +++ b/2007/1xxx/CVE-2007-1568.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1568", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in DaanSystems NewsReactor 20070220.21 allows remote attackers to execute arbitrary code via a yEnc (yEncode) encoded article with a long filename." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1568", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3462", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3462" - }, - { - "name" : "3463", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3463" - }, - { - "name" : "ADV-2007-0934", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0934" - }, - { - "name" : "34035", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34035" - }, - { - "name" : "24487", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24487" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in DaanSystems NewsReactor 20070220.21 allows remote attackers to execute arbitrary code via a yEnc (yEncode) encoded article with a long filename." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24487", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24487" + }, + { + "name": "34035", + "refsource": "OSVDB", + "url": "http://osvdb.org/34035" + }, + { + "name": "ADV-2007-0934", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0934" + }, + { + "name": "3462", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3462" + }, + { + "name": "3463", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3463" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1943.json b/2007/1xxx/CVE-2007-1943.json index 4bd8cb4e522..cdbeb7060f3 100644 --- a/2007/1xxx/CVE-2007-1943.json +++ b/2007/1xxx/CVE-2007-1943.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1943", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in ACDSee Photo Manager 9.0 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via large width image sizes in a crafted BMP image, as demonstrated by w3intof.bmp and w4intof.bmp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1943", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070404 Several Windows image viewers vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464726/100/0/threaded" - }, - { - "name" : "http://ifsec.blogspot.com/2007/04/several-windows-image-viewers.html", - "refsource" : "MISC", - "url" : "http://ifsec.blogspot.com/2007/04/several-windows-image-viewers.html" - }, - { - "name" : "http://www.acdsee.com/support/knowledgebase/article?id=2800", - "refsource" : "MISC", - "url" : "http://www.acdsee.com/support/knowledgebase/article?id=2800" - }, - { - "name" : "23317", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23317" - }, - { - "name" : "ADV-2007-1283", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1283" - }, - { - "name" : "34663", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34663" - }, - { - "name" : "24779", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24779" - }, - { - "name" : "2558", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2558" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in ACDSee Photo Manager 9.0 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via large width image sizes in a crafted BMP image, as demonstrated by w3intof.bmp and w4intof.bmp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-1283", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1283" + }, + { + "name": "23317", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23317" + }, + { + "name": "http://ifsec.blogspot.com/2007/04/several-windows-image-viewers.html", + "refsource": "MISC", + "url": "http://ifsec.blogspot.com/2007/04/several-windows-image-viewers.html" + }, + { + "name": "24779", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24779" + }, + { + "name": "20070404 Several Windows image viewers vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464726/100/0/threaded" + }, + { + "name": "34663", + "refsource": "OSVDB", + "url": "http://osvdb.org/34663" + }, + { + "name": "2558", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2558" + }, + { + "name": "http://www.acdsee.com/support/knowledgebase/article?id=2800", + "refsource": "MISC", + "url": "http://www.acdsee.com/support/knowledgebase/article?id=2800" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4295.json b/2007/4xxx/CVE-2007-4295.json index 067b117eafb..70606f68f45 100644 --- a/2007/4xxx/CVE-2007-4295.json +++ b/2007/4xxx/CVE-2007-4295.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4295", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4295", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070808 Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml" - }, - { - "name" : "25239", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25239" - }, - { - "name" : "oval:org.mitre.oval:def:5075", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5075" - }, - { - "name" : "ADV-2007-2816", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2816" - }, - { - "name" : "36667", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36667" - }, - { - "name" : "1018533", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018533" - }, - { - "name" : "26363", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26363" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36667", + "refsource": "OSVDB", + "url": "http://osvdb.org/36667" + }, + { + "name": "ADV-2007-2816", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2816" + }, + { + "name": "oval:org.mitre.oval:def:5075", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5075" + }, + { + "name": "1018533", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018533" + }, + { + "name": "25239", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25239" + }, + { + "name": "26363", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26363" + }, + { + "name": "20070808 Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4320.json b/2007/4xxx/CVE-2007-4320.json index 01891dcfa08..2a29e533fc6 100644 --- a/2007/4xxx/CVE-2007-4320.json +++ b/2007/4xxx/CVE-2007-4320.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4320", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in admin/addons/archive/archive.php in Ncaster 1.7.2 allows remote attackers to execute arbitrary PHP code via a URL in the adminfolder parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4320", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4273", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4273" - }, - { - "name" : "25248", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25248" - }, - { - "name" : "ADV-2007-2833", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2833" - }, - { - "name" : "36426", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36426" - }, - { - "name" : "26383", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26383" - }, - { - "name" : "ncaster-archive-file-include(35908)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35908" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in admin/addons/archive/archive.php in Ncaster 1.7.2 allows remote attackers to execute arbitrary PHP code via a URL in the adminfolder parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26383", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26383" + }, + { + "name": "ADV-2007-2833", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2833" + }, + { + "name": "25248", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25248" + }, + { + "name": "36426", + "refsource": "OSVDB", + "url": "http://osvdb.org/36426" + }, + { + "name": "ncaster-archive-file-include(35908)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35908" + }, + { + "name": "4273", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4273" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4509.json b/2007/4xxx/CVE-2007-4509.json index 3f8908046e5..4a0f3b33ab0 100644 --- a/2007/4xxx/CVE-2007-4509.json +++ b/2007/4xxx/CVE-2007-4509.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4509", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in the EventList component (com_eventlist) 0.8 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the did parameter in a details action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4509", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4309", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4309" - }, - { - "name" : "38360", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38360" - }, - { - "name" : "eventlist-index-sql-injection(36223)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36223" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in the EventList component (com_eventlist) 0.8 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the did parameter in a details action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4309", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4309" + }, + { + "name": "eventlist-index-sql-injection(36223)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36223" + }, + { + "name": "38360", + "refsource": "OSVDB", + "url": "http://osvdb.org/38360" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5591.json b/2007/5xxx/CVE-2007-5591.json index 13f472dad29..7e6e282589f 100644 --- a/2007/5xxx/CVE-2007-5591.json +++ b/2007/5xxx/CVE-2007-5591.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5591", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The CS1000 signaling server in Nortel Enterprise VoIP-Core-CS 1000M Chassis/Cabinet, Enterprise VoIP-Core-CS 1000E and 1000S, Meridian-Core-Option 11C Chassis and Cabinet, and Meridian-Core-Option 51C, 61C, and 81C allows remote attackers to cause a denial of service (telephony application outage) via a flood of packets to Embedded LAN (ELAN) ports." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5591", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071018 Nortel Telephony Server Denial of Service", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482484/100/0/threaded" - }, - { - "name" : "http://www.csnc.ch/static/advisory/csnc/nortel_telephony_server_denial_of_service_v1.0.txt", - "refsource" : "MISC", - "url" : "http://www.csnc.ch/static/advisory/csnc/nortel_telephony_server_denial_of_service_v1.0.txt" - }, - { - "name" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=655204", - "refsource" : "CONFIRM", - "url" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=655204" - }, - { - "name" : "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2007/42/022871-01.pdf", - "refsource" : "CONFIRM", - "url" : "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2007/42/022871-01.pdf" - }, - { - "name" : "26113", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26113" - }, - { - "name" : "ADV-2007-3536", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3536" - }, - { - "name" : "41799", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41799" - }, - { - "name" : "27282", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27282" - }, - { - "name" : "nortel-cs1000-elan-dos(37252)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37252" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The CS1000 signaling server in Nortel Enterprise VoIP-Core-CS 1000M Chassis/Cabinet, Enterprise VoIP-Core-CS 1000E and 1000S, Meridian-Core-Option 11C Chassis and Cabinet, and Meridian-Core-Option 51C, 61C, and 81C allows remote attackers to cause a denial of service (telephony application outage) via a flood of packets to Embedded LAN (ELAN) ports." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27282", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27282" + }, + { + "name": "ADV-2007-3536", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3536" + }, + { + "name": "nortel-cs1000-elan-dos(37252)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37252" + }, + { + "name": "41799", + "refsource": "OSVDB", + "url": "http://osvdb.org/41799" + }, + { + "name": "http://www.csnc.ch/static/advisory/csnc/nortel_telephony_server_denial_of_service_v1.0.txt", + "refsource": "MISC", + "url": "http://www.csnc.ch/static/advisory/csnc/nortel_telephony_server_denial_of_service_v1.0.txt" + }, + { + "name": "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2007/42/022871-01.pdf", + "refsource": "CONFIRM", + "url": "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2007/42/022871-01.pdf" + }, + { + "name": "26113", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26113" + }, + { + "name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=655204", + "refsource": "CONFIRM", + "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=655204" + }, + { + "name": "20071018 Nortel Telephony Server Denial of Service", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482484/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2013.json b/2015/2xxx/CVE-2015-2013.json index 44503497a9d..8cc0ba9f21a 100644 --- a/2015/2xxx/CVE-2015-2013.json +++ b/2015/2xxx/CVE-2015-2013.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2013", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WebSphere MQ 7.0.1 before 7.0.1.13 allows remote attackers to cause a denial of service (channel-agent abend and process outage) via a crafted selection string in an MQI call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-2013", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21962479", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21962479" - }, - { - "name" : "IV73860", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV73860" - }, - { - "name" : "1033449", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033449" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WebSphere MQ 7.0.1 before 7.0.1.13 allows remote attackers to cause a denial of service (channel-agent abend and process outage) via a crafted selection string in an MQI call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033449", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033449" + }, + { + "name": "IV73860", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV73860" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21962479", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962479" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2665.json b/2015/2xxx/CVE-2015-2665.json index 071441e917a..0521ae10412 100644 --- a/2015/2xxx/CVE-2015-2665.json +++ b/2015/2xxx/CVE-2015-2665.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2665", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2665", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.fortiguard.com/advisory/FG-VD-15-017/", - "refsource" : "MISC", - "url" : "http://www.fortiguard.com/advisory/FG-VD-15-017/" - }, - { - "name" : "http://www.cacti.net/release_notes_0_8_8d.php", - "refsource" : "CONFIRM", - "url" : "http://www.cacti.net/release_notes_0_8_8d.php" - }, - { - "name" : "DSA-3295", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3295" - }, - { - "name" : "FEDORA-2016-4a5ce6a6c0", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html" - }, - { - "name" : "FEDORA-2016-852a39e085", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html" - }, - { - "name" : "FEDORA-2016-a8e2be0fe6", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html" - }, - { - "name" : "75309", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75309" - }, - { - "name" : "1032672", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032672" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2016-a8e2be0fe6", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html" + }, + { + "name": "http://www.cacti.net/release_notes_0_8_8d.php", + "refsource": "CONFIRM", + "url": "http://www.cacti.net/release_notes_0_8_8d.php" + }, + { + "name": "1032672", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032672" + }, + { + "name": "http://www.fortiguard.com/advisory/FG-VD-15-017/", + "refsource": "MISC", + "url": "http://www.fortiguard.com/advisory/FG-VD-15-017/" + }, + { + "name": "FEDORA-2016-852a39e085", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html" + }, + { + "name": "75309", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75309" + }, + { + "name": "DSA-3295", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3295" + }, + { + "name": "FEDORA-2016-4a5ce6a6c0", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2964.json b/2015/2xxx/CVE-2015-2964.json index 2e1c500168a..71f6bbd7b56 100644 --- a/2015/2xxx/CVE-2015-2964.json +++ b/2015/2xxx/CVE-2015-2964.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2964", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NAMSHI | JOSE 5.0.0 and earlier allows remote attackers to bypass signature verification via crafted tokens in a JSON Web Tokens (JWT) header." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-2964", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "JVN#25336719", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN25336719/index.html" - }, - { - "name" : "JVNDB-2015-000090", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000090" - }, - { - "name" : "75423", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75423" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NAMSHI | JOSE 5.0.0 and earlier allows remote attackers to bypass signature verification via crafted tokens in a JSON Web Tokens (JWT) header." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#25336719", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN25336719/index.html" + }, + { + "name": "75423", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75423" + }, + { + "name": "JVNDB-2015-000090", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000090" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2970.json b/2015/2xxx/CVE-2015-2970.json index 44a73d4b91f..5b0aa929386 100644 --- a/2015/2xxx/CVE-2015-2970.json +++ b/2015/2xxx/CVE-2015-2970.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2970", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "index.php in LEMON-S PHP Simple Oekaki BBS before 1.21 allows remote attackers to delete arbitrary files via the oekakis parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-2970", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://jvn.jp/en/jp/JVN61935381/995636/index.html", - "refsource" : "CONFIRM", - "url" : "http://jvn.jp/en/jp/JVN61935381/995636/index.html" - }, - { - "name" : "JVN#61935381", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN61935381/index.html" - }, - { - "name" : "JVNDB-2015-000097", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000097" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "index.php in LEMON-S PHP Simple Oekaki BBS before 1.21 allows remote attackers to delete arbitrary files via the oekakis parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2015-000097", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000097" + }, + { + "name": "http://jvn.jp/en/jp/JVN61935381/995636/index.html", + "refsource": "CONFIRM", + "url": "http://jvn.jp/en/jp/JVN61935381/995636/index.html" + }, + { + "name": "JVN#61935381", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN61935381/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3154.json b/2015/3xxx/CVE-2015-3154.json index aea290a779b..34a98d79295 100644 --- a/2015/3xxx/CVE-2015-3154.json +++ b/2015/3xxx/CVE-2015-3154.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3154", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3154", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3249.json b/2015/3xxx/CVE-2015-3249.json index 84b4930b4d0..a93323a0351 100644 --- a/2015/3xxx/CVE-2015-3249.json +++ b/2015/3xxx/CVE-2015-3249.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3249", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the (1) frame_handlers array or (2) set_dynamic_table_size function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-3249", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[www-announce] 20150704 [ANNOUNCE] Apache Traffic Server 5.3.1 is released!", - "refsource" : "MLIST", - "url" : "http://mail-archives.us.apache.org/mod_mbox/www-announce/201507.mbox/%3CCABF6JR37mWzDmXDqRQwRUXiojBZrhidndnsY1ZgmcZv-o7-a+g@mail.gmail.com%3E" - }, - { - "name" : "https://yahoo-security.tumblr.com/post/122883273670/apache-traffic-server-http2-fuzzing", - "refsource" : "MISC", - "url" : "https://yahoo-security.tumblr.com/post/122883273670/apache-traffic-server-http2-fuzzing" - }, - { - "name" : "101631", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101631" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the (1) frame_handlers array or (2) set_dynamic_table_size function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "101631", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101631" + }, + { + "name": "https://yahoo-security.tumblr.com/post/122883273670/apache-traffic-server-http2-fuzzing", + "refsource": "MISC", + "url": "https://yahoo-security.tumblr.com/post/122883273670/apache-traffic-server-http2-fuzzing" + }, + { + "name": "[www-announce] 20150704 [ANNOUNCE] Apache Traffic Server 5.3.1 is released!", + "refsource": "MLIST", + "url": "http://mail-archives.us.apache.org/mod_mbox/www-announce/201507.mbox/%3CCABF6JR37mWzDmXDqRQwRUXiojBZrhidndnsY1ZgmcZv-o7-a+g@mail.gmail.com%3E" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3792.json b/2015/3xxx/CVE-2015-3792.json index 2c5ea19c894..7d83ca5c912 100644 --- a/2015/3xxx/CVE-2015-3792.json +++ b/2015/3xxx/CVE-2015-3792.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3792", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3792", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/kb/HT205031", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205031" - }, - { - "name" : "https://support.apple.com/HT205046", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205046" - }, - { - "name" : "APPLE-SA-2015-08-13-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" - }, - { - "name" : "APPLE-SA-2015-08-20-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00004.html" - }, - { - "name" : "76340", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76340" - }, - { - "name" : "1033276", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033276" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205046", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205046" + }, + { + "name": "76340", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76340" + }, + { + "name": "APPLE-SA-2015-08-13-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" + }, + { + "name": "APPLE-SA-2015-08-20-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00004.html" + }, + { + "name": "https://support.apple.com/kb/HT205031", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205031" + }, + { + "name": "1033276", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033276" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6122.json b/2015/6xxx/CVE-2015-6122.json index 0c47108364d..e6a86dec283 100644 --- a/2015/6xxx/CVE-2015-6122.json +++ b/2015/6xxx/CVE-2015-6122.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6122", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6122", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-131", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-131" - }, - { - "name" : "1034324", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034324" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS15-131", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-131" + }, + { + "name": "1034324", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034324" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6156.json b/2015/6xxx/CVE-2015-6156.json index 5dacb2560f8..0730aab06d1 100644 --- a/2015/6xxx/CVE-2015-6156.json +++ b/2015/6xxx/CVE-2015-6156.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6156", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6148." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6156", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-124", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-124" - }, - { - "name" : "1034315", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034315" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6148." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034315", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034315" + }, + { + "name": "MS15-124", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-124" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6462.json b/2015/6xxx/CVE-2015-6462.json index c2952e1c62a..159a82e0e34 100644 --- a/2015/6xxx/CVE-2015-6462.json +++ b/2015/6xxx/CVE-2015-6462.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6462", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6462", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6557.json b/2015/6xxx/CVE-2015-6557.json index d2d49510233..472d067e4f9 100644 --- a/2015/6xxx/CVE-2015-6557.json +++ b/2015/6xxx/CVE-2015-6557.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6557", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 5.5 before 5.5.6.1, 6.3 before 6.3.1.5, 6.4 before 6.4.1.7, and 7.1 before 7.1.2; Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 5.5 before 5.5.1.1, 6.1 before 6.1.3.7, 6.3 before 6.3.1.5, 6.4 before 6.4.1.7, and 7.1 before 7.1.2; and Tivoli Storage FlashCopy Manager 3.1 before 3.1.1.5, 3.2 before 3.2.1.7, and 4.1 before 4.1.2, when application tracing is used, place cleartext passwords in exception messages, which allows physically proximate attackers to obtain sensitive information by reading trace output, a different vulnerability than CVE-2015-4949." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6557", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21963630", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21963630" - }, - { - "name" : "IT03480", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT03480" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 5.5 before 5.5.6.1, 6.3 before 6.3.1.5, 6.4 before 6.4.1.7, and 7.1 before 7.1.2; Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 5.5 before 5.5.1.1, 6.1 before 6.1.3.7, 6.3 before 6.3.1.5, 6.4 before 6.4.1.7, and 7.1 before 7.1.2; and Tivoli Storage FlashCopy Manager 3.1 before 3.1.1.5, 3.2 before 3.2.1.7, and 4.1 before 4.1.2, when application tracing is used, place cleartext passwords in exception messages, which allows physically proximate attackers to obtain sensitive information by reading trace output, a different vulnerability than CVE-2015-4949." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "IT03480", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT03480" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21963630", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963630" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6816.json b/2015/6xxx/CVE-2015-6816.json index 90ac04e3aef..70deb46cf55 100644 --- a/2015/6xxx/CVE-2015-6816.json +++ b/2015/6xxx/CVE-2015-6816.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6816", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ganglia-web before 3.7.1 allows remote attackers to bypass authentication." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6816", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150905 Re: CVE request: Ganglia-web auth bypass", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/09/05/6" - }, - { - "name" : "https://www.freshports.org/sysutils/ganglia-webfrontend/", - "refsource" : "MISC", - "url" : "https://www.freshports.org/sysutils/ganglia-webfrontend/" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1260562", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1260562" - }, - { - "name" : "https://github.com/ganglia/ganglia-web/issues/267", - "refsource" : "CONFIRM", - "url" : "https://github.com/ganglia/ganglia-web/issues/267" - }, - { - "name" : "FEDORA-2015-accdc7ebfc", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169641.html" - }, - { - "name" : "FEDORA-2015-de8ba28354", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170362.html" - }, - { - "name" : "FEDORA-2015-ee7a2b5844", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169788.html" - }, - { - "name" : "92146", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92146" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ganglia-web before 3.7.1 allows remote attackers to bypass authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1260562", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1260562" + }, + { + "name": "https://github.com/ganglia/ganglia-web/issues/267", + "refsource": "CONFIRM", + "url": "https://github.com/ganglia/ganglia-web/issues/267" + }, + { + "name": "FEDORA-2015-accdc7ebfc", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169641.html" + }, + { + "name": "FEDORA-2015-de8ba28354", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170362.html" + }, + { + "name": "FEDORA-2015-ee7a2b5844", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169788.html" + }, + { + "name": "https://www.freshports.org/sysutils/ganglia-webfrontend/", + "refsource": "MISC", + "url": "https://www.freshports.org/sysutils/ganglia-webfrontend/" + }, + { + "name": "[oss-security] 20150905 Re: CVE request: Ganglia-web auth bypass", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/09/05/6" + }, + { + "name": "92146", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92146" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7027.json b/2015/7xxx/CVE-2015-7027.json index f629b1e9563..85a5402716c 100644 --- a/2015/7xxx/CVE-2015-7027.json +++ b/2015/7xxx/CVE-2015-7027.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7027", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7027", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7204.json b/2015/7xxx/CVE-2015-7204.json index 1df32fac657..6e249682dd9 100644 --- a/2015/7xxx/CVE-2015-7204.json +++ b/2015/7xxx/CVE-2015-7204.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7204", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-7204", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-135.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-135.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1216130", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1216130" - }, - { - "name" : "FEDORA-2015-51b1105902", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html" - }, - { - "name" : "FEDORA-2015-7ab3d3afcf", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html" - }, - { - "name" : "GLSA-201512-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201512-10" - }, - { - "name" : "openSUSE-SU-2016:0307", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html" - }, - { - "name" : "openSUSE-SU-2016:0308", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html" - }, - { - "name" : "openSUSE-SU-2015:2353", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html" - }, - { - "name" : "USN-2833-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2833-1" - }, - { - "name" : "79280", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79280" - }, - { - "name" : "1034426", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034426" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1216130", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1216130" + }, + { + "name": "GLSA-201512-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201512-10" + }, + { + "name": "openSUSE-SU-2015:2353", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html" + }, + { + "name": "openSUSE-SU-2016:0308", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html" + }, + { + "name": "FEDORA-2015-7ab3d3afcf", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html" + }, + { + "name": "USN-2833-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2833-1" + }, + { + "name": "79280", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79280" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-135.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-135.html" + }, + { + "name": "openSUSE-SU-2016:0307", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html" + }, + { + "name": "FEDORA-2015-51b1105902", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html" + }, + { + "name": "1034426", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034426" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7321.json b/2015/7xxx/CVE-2015-7321.json index 6fb3a1aec9e..de4eff64e87 100644 --- a/2015/7xxx/CVE-2015-7321.json +++ b/2015/7xxx/CVE-2015-7321.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7321", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7321", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0015.json b/2016/0xxx/CVE-2016-0015.json index bb9fc022daf..b9bfc18930b 100644 --- a/2016/0xxx/CVE-2016-0015.json +++ b/2016/0xxx/CVE-2016-0015.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0015", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka \"DirectShow Heap Corruption Remote Code Execution Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0015", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39232", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39232/" - }, - { - "name" : "http://packetstormsecurity.com/files/135232/Microsoft-DirectShow-Remote-Code-Execution.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/135232/Microsoft-DirectShow-Remote-Code-Execution.html" - }, - { - "name" : "MS16-007", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-007" - }, - { - "name" : "1034660", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034660" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka \"DirectShow Heap Corruption Remote Code Execution Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034660", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034660" + }, + { + "name": "http://packetstormsecurity.com/files/135232/Microsoft-DirectShow-Remote-Code-Execution.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/135232/Microsoft-DirectShow-Remote-Code-Execution.html" + }, + { + "name": "39232", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39232/" + }, + { + "name": "MS16-007", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-007" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0303.json b/2016/0xxx/CVE-2016-0303.json index 6ecfb237dc6..b42c3237514 100644 --- a/2016/0xxx/CVE-2016-0303.json +++ b/2016/0xxx/CVE-2016-0303.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0303", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in IBM Tivoli Integrated Portal 2.2.0.0 through 2.2.0.15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0303", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21981591", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21981591" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in IBM Tivoli Integrated Portal 2.2.0.0 through 2.2.0.15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21981591", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981591" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0363.json b/2016/0xxx/CVE-2016-0363.json index ba504a362e6..6b1ec0d8069 100644 --- a/2016/0xxx/CVE-2016-0363.json +++ b/2016/0xxx/CVE-2016-0363.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0363", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) uses the invoke method of the java.lang.reflect.Method class in an AccessController doPrivileged block, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to a Proxy object instance implementing the java.lang.reflect.InvocationHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3009." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0363", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160404 [SE-2012-01] Broken security fix in IBM Java 7/8", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Apr/3" - }, - { - "name" : "20160405 Re: [SE-2012-01] Broken security fix in IBM Java 7/8", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Apr/20" - }, - { - "name" : "http://www.security-explorations.com/materials/SE-2012-01-IBM-4.pdf", - "refsource" : "MISC", - "url" : "http://www.security-explorations.com/materials/SE-2012-01-IBM-4.pdf" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21980826", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21980826" - }, - { - "name" : "IX90172", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IX90172" - }, - { - "name" : "RHSA-2016:0701", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0701.html" - }, - { - "name" : "RHSA-2016:0702", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0702.html" - }, - { - "name" : "RHSA-2016:0708", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0708.html" - }, - { - "name" : "RHSA-2016:0716", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0716.html" - }, - { - "name" : "RHSA-2016:1430", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1430" - }, - { - "name" : "RHSA-2016:1039", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1039.html" - }, - { - "name" : "RHSA-2017:1216", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1216" - }, - { - "name" : "SUSE-SU-2016:1299", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html" - }, - { - "name" : "SUSE-SU-2016:1300", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html" - }, - { - "name" : "SUSE-SU-2016:1303", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html" - }, - { - "name" : "SUSE-SU-2016:1378", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html" - }, - { - "name" : "SUSE-SU-2016:1379", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html" - }, - { - "name" : "SUSE-SU-2016:1388", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html" - }, - { - "name" : "SUSE-SU-2016:1458", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html" - }, - { - "name" : "SUSE-SU-2016:1475", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html" - }, - { - "name" : "85895", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/85895" - }, - { - "name" : "1035953", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035953" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) uses the invoke method of the java.lang.reflect.Method class in an AccessController doPrivileged block, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to a Proxy object instance implementing the java.lang.reflect.InvocationHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3009." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21980826", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980826" + }, + { + "name": "85895", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/85895" + }, + { + "name": "SUSE-SU-2016:1299", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html" + }, + { + "name": "RHSA-2016:1039", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1039.html" + }, + { + "name": "RHSA-2016:0701", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0701.html" + }, + { + "name": "SUSE-SU-2016:1303", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html" + }, + { + "name": "SUSE-SU-2016:1475", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html" + }, + { + "name": "SUSE-SU-2016:1300", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html" + }, + { + "name": "RHSA-2016:1430", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1430" + }, + { + "name": "http://www.security-explorations.com/materials/SE-2012-01-IBM-4.pdf", + "refsource": "MISC", + "url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-4.pdf" + }, + { + "name": "RHSA-2016:0708", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0708.html" + }, + { + "name": "SUSE-SU-2016:1378", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html" + }, + { + "name": "SUSE-SU-2016:1379", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html" + }, + { + "name": "20160405 Re: [SE-2012-01] Broken security fix in IBM Java 7/8", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Apr/20" + }, + { + "name": "SUSE-SU-2016:1458", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html" + }, + { + "name": "RHSA-2016:0716", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0716.html" + }, + { + "name": "1035953", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035953" + }, + { + "name": "20160404 [SE-2012-01] Broken security fix in IBM Java 7/8", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Apr/3" + }, + { + "name": "SUSE-SU-2016:1388", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html" + }, + { + "name": "RHSA-2016:0702", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0702.html" + }, + { + "name": "RHSA-2017:1216", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1216" + }, + { + "name": "IX90172", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IX90172" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0521.json b/2016/0xxx/CVE-2016-0521.json index ba2aacbe344..04ca47b73ef 100644 --- a/2016/0xxx/CVE-2016-0521.json +++ b/2016/0xxx/CVE-2016-0521.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0521", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle iProcurement component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to Redirection." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0521", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034726", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034726" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle iProcurement component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to Redirection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034726", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034726" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0538.json b/2016/0xxx/CVE-2016-0538.json index 038c120c3fe..a10d1d2f825 100644 --- a/2016/0xxx/CVE-2016-0538.json +++ b/2016/0xxx/CVE-2016-0538.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0538", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Financial Consolidation Hub component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to Business Intelligence." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0538", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034726", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034726" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Financial Consolidation Hub component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to Business Intelligence." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034726", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034726" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0958.json b/2016/0xxx/CVE-2016-0958.json index 6ab04393f3f..512432001db 100644 --- a/2016/0xxx/CVE-2016-0958.json +++ b/2016/0xxx/CVE-2016-0958.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0958", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 might allow remote attackers to have an unspecified impact via a crafted serialized Java object." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-0958", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 might allow remote attackers to have an unspecified impact via a crafted serialized Java object." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000215.json b/2016/1000xxx/CVE-2016-1000215.json index 77366686f71..9aa3cade10f 100644 --- a/2016/1000xxx/CVE-2016-1000215.json +++ b/2016/1000xxx/CVE-2016-1000215.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000215", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Ruckus Wireless H500 web management interface denial of service" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000215", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/", - "refsource" : "MISC", - "url" : "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/" - }, - { - "name" : "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt", - "refsource" : "CONFIRM", - "url" : "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Ruckus Wireless H500 web management interface denial of service" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt", + "refsource": "CONFIRM", + "url": "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt" + }, + { + "name": "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/", + "refsource": "MISC", + "url": "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1179.json b/2016/1xxx/CVE-2016-1179.json index 12a7cdd5585..3c6421b5ff0 100644 --- a/2016/1xxx/CVE-2016-1179.json +++ b/2016/1xxx/CVE-2016-1179.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1179", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the standard template of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1179", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://developer.a-blogcms.jp/blog/patch/entry-2363.html", - "refsource" : "CONFIRM", - "url" : "https://developer.a-blogcms.jp/blog/patch/entry-2363.html" - }, - { - "name" : "JVN#73166466", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN73166466/index.html" - }, - { - "name" : "JVNDB-2016-000046", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000046.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the standard template of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000046", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000046.html" + }, + { + "name": "https://developer.a-blogcms.jp/blog/patch/entry-2363.html", + "refsource": "CONFIRM", + "url": "https://developer.a-blogcms.jp/blog/patch/entry-2363.html" + }, + { + "name": "JVN#73166466", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN73166466/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1216.json b/2016/1xxx/CVE-2016-1216.json index 3041cf3eb6e..34a73fb5c13 100644 --- a/2016/1xxx/CVE-2016-1216.json +++ b/2016/1xxx/CVE-2016-1216.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1216", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the \"New appointment\" function in Cybozu Garoon before 4.2.2." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1216", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.cybozu.com/ja-jp/article/9223", - "refsource" : "CONFIRM", - "url" : "https://support.cybozu.com/ja-jp/article/9223" - }, - { - "name" : "JVN#67595539", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN67595539/index.html" - }, - { - "name" : "JVNDB-2016-000145", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000145.html" - }, - { - "name" : "92601", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92601" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the \"New appointment\" function in Cybozu Garoon before 4.2.2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.cybozu.com/ja-jp/article/9223", + "refsource": "CONFIRM", + "url": "https://support.cybozu.com/ja-jp/article/9223" + }, + { + "name": "JVN#67595539", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN67595539/index.html" + }, + { + "name": "JVNDB-2016-000145", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000145.html" + }, + { + "name": "92601", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92601" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4551.json b/2016/4xxx/CVE-2016-4551.json index fde29762108..3ae4a1c2ac0 100644 --- a/2016/4xxx/CVE-2016-4551.json +++ b/2016/4xxx/CVE-2016-4551.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4551", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP NetWeaver 2004s might allow remote attackers to spoof IP addresses written to the Security Audit Log via vectors related to the network landscape, aka SAP Security Note 2190621." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4551", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20161003 Onapsis Security Advisory ONAPSIS-2016-036: SAP Security Audit Log invalid address logging", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Oct/3" - }, - { - "name" : "https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging", - "refsource" : "MISC", - "url" : "https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging" - }, - { - "name" : "93288", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93288" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP NetWeaver 2004s might allow remote attackers to spoof IP addresses written to the Security Audit Log via vectors related to the network landscape, aka SAP Security Note 2190621." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20161003 Onapsis Security Advisory ONAPSIS-2016-036: SAP Security Audit Log invalid address logging", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Oct/3" + }, + { + "name": "https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging", + "refsource": "MISC", + "url": "https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging" + }, + { + "name": "93288", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93288" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4556.json b/2016/4xxx/CVE-2016-4556.json index e92977d28f3..d6fd04446a2 100644 --- a/2016/4xxx/CVE-2016-4556.json +++ b/2016/4xxx/CVE-2016-4556.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4556", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4556", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160506 CVE Request: Squid HTTP caching proxy", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/06/3" - }, - { - "name" : "[oss-security] 20160506 Re: CVE Request: Squid HTTP caching proxy", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/06/5" - }, - { - "name" : "http://www.squid-cache.org/Advisories/SQUID-2016_9.txt", - "refsource" : "CONFIRM", - "url" : "http://www.squid-cache.org/Advisories/SQUID-2016_9.txt" - }, - { - "name" : "http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch", - "refsource" : "CONFIRM", - "url" : "http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch" - }, - { - "name" : "http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch", - "refsource" : "CONFIRM", - "url" : "http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" - }, - { - "name" : "DSA-3625", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3625" - }, - { - "name" : "GLSA-201607-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201607-01" - }, - { - "name" : "RHSA-2016:1138", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1138" - }, - { - "name" : "RHSA-2016:1139", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1139" - }, - { - "name" : "RHSA-2016:1140", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1140" - }, - { - "name" : "openSUSE-SU-2016:2081", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html" - }, - { - "name" : "SUSE-SU-2016:1996", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html" - }, - { - "name" : "SUSE-SU-2016:2089", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html" - }, - { - "name" : "USN-2995-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2995-1" - }, - { - "name" : "1035770", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035770" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201607-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201607-01" + }, + { + "name": "http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch", + "refsource": "CONFIRM", + "url": "http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" + }, + { + "name": "SUSE-SU-2016:1996", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html" + }, + { + "name": "http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch", + "refsource": "CONFIRM", + "url": "http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch" + }, + { + "name": "USN-2995-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2995-1" + }, + { + "name": "[oss-security] 20160506 Re: CVE Request: Squid HTTP caching proxy", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/06/5" + }, + { + "name": "RHSA-2016:1140", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1140" + }, + { + "name": "openSUSE-SU-2016:2081", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html" + }, + { + "name": "1035770", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035770" + }, + { + "name": "RHSA-2016:1138", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1138" + }, + { + "name": "http://www.squid-cache.org/Advisories/SQUID-2016_9.txt", + "refsource": "CONFIRM", + "url": "http://www.squid-cache.org/Advisories/SQUID-2016_9.txt" + }, + { + "name": "RHSA-2016:1139", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1139" + }, + { + "name": "SUSE-SU-2016:2089", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html" + }, + { + "name": "[oss-security] 20160506 CVE Request: Squid HTTP caching proxy", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/06/3" + }, + { + "name": "DSA-3625", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3625" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4580.json b/2016/4xxx/CVE-2016-4580.json index 000f8b0882d..e06f9288328 100644 --- a/2016/4xxx/CVE-2016-4580.json +++ b/2016/4xxx/CVE-2016-4580.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4580", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4580", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160510 CVE Request: x25: a kernel infoleak in x25_negotiate_facilities()", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/10/12" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79e48650320e6fba48369fccf13fd045315b19b8", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79e48650320e6fba48369fccf13fd045315b19b8" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5" - }, - { - "name" : "https://github.com/torvalds/linux/commit/79e48650320e6fba48369fccf13fd045315b19b8", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/79e48650320e6fba48369fccf13fd045315b19b8" - }, - { - "name" : "DSA-3607", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3607" - }, - { - "name" : "SUSE-SU-2016:1672", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html" - }, - { - "name" : "openSUSE-SU-2016:1641", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html" - }, - { - "name" : "SUSE-SU-2016:1985", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html" - }, - { - "name" : "USN-3016-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3016-1" - }, - { - "name" : "USN-3016-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3016-2" - }, - { - "name" : "USN-3016-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3016-3" - }, - { - "name" : "USN-3016-4", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3016-4" - }, - { - "name" : "USN-3017-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3017-1" - }, - { - "name" : "USN-3017-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3017-2" - }, - { - "name" : "USN-3017-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3017-3" - }, - { - "name" : "USN-3018-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3018-1" - }, - { - "name" : "USN-3018-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3018-2" - }, - { - "name" : "USN-3019-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3019-1" - }, - { - "name" : "USN-3020-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3020-1" - }, - { - "name" : "USN-3021-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3021-1" - }, - { - "name" : "USN-3021-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3021-2" - }, - { - "name" : "90528", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90528" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20160510 CVE Request: x25: a kernel infoleak in x25_negotiate_facilities()", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/10/12" + }, + { + "name": "https://github.com/torvalds/linux/commit/79e48650320e6fba48369fccf13fd045315b19b8", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/79e48650320e6fba48369fccf13fd045315b19b8" + }, + { + "name": "USN-3017-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3017-1" + }, + { + "name": "SUSE-SU-2016:1985", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html" + }, + { + "name": "USN-3017-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3017-3" + }, + { + "name": "USN-3018-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3018-2" + }, + { + "name": "USN-3021-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3021-2" + }, + { + "name": "USN-3017-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3017-2" + }, + { + "name": "USN-3019-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3019-1" + }, + { + "name": "openSUSE-SU-2016:1641", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79e48650320e6fba48369fccf13fd045315b19b8", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79e48650320e6fba48369fccf13fd045315b19b8" + }, + { + "name": "DSA-3607", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3607" + }, + { + "name": "USN-3016-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3016-2" + }, + { + "name": "USN-3016-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3016-1" + }, + { + "name": "SUSE-SU-2016:1672", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html" + }, + { + "name": "USN-3021-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3021-1" + }, + { + "name": "USN-3018-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3018-1" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5" + }, + { + "name": "90528", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90528" + }, + { + "name": "USN-3016-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3016-3" + }, + { + "name": "USN-3016-4", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3016-4" + }, + { + "name": "USN-3020-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3020-1" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4702.json b/2016/4xxx/CVE-2016-4702.json index 1a8b8c46767..84f2f67e0c9 100644 --- a/2016/4xxx/CVE-2016-4702.json +++ b/2016/4xxx/CVE-2016-4702.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4702", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4702", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT207141", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207141" - }, - { - "name" : "https://support.apple.com/HT207142", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207142" - }, - { - "name" : "https://support.apple.com/HT207143", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207143" - }, - { - "name" : "https://support.apple.com/HT207170", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207170" - }, - { - "name" : "APPLE-SA-2016-09-20", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" - }, - { - "name" : "APPLE-SA-2016-09-20-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" - }, - { - "name" : "APPLE-SA-2016-09-20-5", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html" - }, - { - "name" : "APPLE-SA-2016-09-20-6", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html" - }, - { - "name" : "93054", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93054" - }, - { - "name" : "1036858", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036858" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT207141", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207141" + }, + { + "name": "1036858", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036858" + }, + { + "name": "APPLE-SA-2016-09-20", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" + }, + { + "name": "APPLE-SA-2016-09-20-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" + }, + { + "name": "APPLE-SA-2016-09-20-5", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html" + }, + { + "name": "APPLE-SA-2016-09-20-6", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html" + }, + { + "name": "93054", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93054" + }, + { + "name": "https://support.apple.com/HT207170", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207170" + }, + { + "name": "https://support.apple.com/HT207142", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207142" + }, + { + "name": "https://support.apple.com/HT207143", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207143" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4924.json b/2016/4xxx/CVE-2016-4924.json index a0ddd4ce4d0..dadeb2485c0 100644 --- a/2016/4xxx/CVE-2016-4924.json +++ b/2016/4xxx/CVE-2016-4924.json @@ -1,100 +1,100 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "sirt@juniper.net", - "DATE_PUBLIC" : "2016-10-12T09:00", - "ID" : "CVE-2016-4924", - "STATE" : "PUBLIC", - "TITLE" : "vMX: Information leak vulnerability" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Junos OS", - "version" : { - "version_data" : [ - { - "platform" : "vMX", - "version_value" : "15.1 prior to 15.1F5" - }, - { - "platform" : "vMX", - "version_value" : "14.1 prior to 14.1R8" - } - ] - } - } - ] - }, - "vendor_name" : "Juniper Networks" - } - ] - } - }, - "configuration" : [], - "credit" : [], - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys. This issue was found during internal product security testing. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 15.1 prior to 15.1F5; 14.1 prior to 14.1R8" - } - ] - }, - "exploit" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", - "impact" : { - "cvss" : { - "attackComplexity" : "LOW", - "attackVector" : "LOCAL", - "availabilityImpact" : "NONE", - "baseScore" : 8.4, - "baseSeverity" : "HIGH", - "confidentialityImpact" : "HIGH", - "integrityImpact" : "HIGH", - "privilegesRequired" : "LOW", - "scope" : "CHANGED", - "userInteraction" : "NONE", - "vectorString" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information leak vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2016-10-12T09:00", + "ID": "CVE-2016-4924", + "STATE": "PUBLIC", + "TITLE": "vMX: Information leak vulnerability" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS", + "version": { + "version_data": [ + { + "platform": "vMX", + "version_value": "15.1 prior to 15.1F5" + }, + { + "platform": "vMX", + "version_value": "14.1 prior to 14.1R8" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://kb.juniper.net/JSA10766", - "refsource" : "CONFIRM", - "url" : "https://kb.juniper.net/JSA10766" - }, - { - "name" : "93531", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93531" - } - ] - }, - "solution" : "This issue has been resolved in vMX 14.1R8, 15.1F5, 16.1R1 and all subsequent releases.\n\nThis issue is being tracked as PR 1129051 and is visible on the Customer Support website. ", - "work_around" : [ - { - "lang" : "eng", - "value" : "Limit access to only trusted users on the host machine where vMX is deployed." - } - ] -} + } + }, + "configuration": [], + "credit": [], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys. This issue was found during internal product security testing. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 15.1 prior to 15.1F5; 14.1 prior to 14.1R8" + } + ] + }, + "exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "baseScore": 8.4, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information leak vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93531", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93531" + }, + { + "name": "https://kb.juniper.net/JSA10766", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA10766" + } + ] + }, + "solution": "This issue has been resolved in vMX 14.1R8, 15.1F5, 16.1R1 and all subsequent releases.\n\nThis issue is being tracked as PR 1129051 and is visible on the Customer Support website. ", + "work_around": [ + { + "lang": "eng", + "value": "Limit access to only trusted users on the host machine where vMX is deployed." + } + ] +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4966.json b/2016/4xxx/CVE-2016-4966.json index 186ec039be9..e57e81ba428 100644 --- a/2016/4xxx/CVE-2016-4966.json +++ b/2016/4xxx/CVE-2016-4966.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4966", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The diagnosis_control.php page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to download PCAP files via vectors related to the UserName GET parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4966", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf", - "refsource" : "CONFIRM", - "url" : "http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf" - }, - { - "name" : "http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities", - "refsource" : "CONFIRM", - "url" : "http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities" - }, - { - "name" : "VU#724487", - "refsource" : "CERT-VN", - "url" : "https://www.kb.cert.org/vuls/id/724487" - }, - { - "name" : "92781", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92781" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The diagnosis_control.php page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to download PCAP files via vectors related to the UserName GET parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf", + "refsource": "CONFIRM", + "url": "http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf" + }, + { + "name": "VU#724487", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/724487" + }, + { + "name": "http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities", + "refsource": "CONFIRM", + "url": "http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities" + }, + { + "name": "92781", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92781" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5065.json b/2016/5xxx/CVE-2016-5065.json index daef0a29ded..5e67bf9a67e 100644 --- a/2016/5xxx/CVE-2016-5065.json +++ b/2016/5xxx/CVE-2016-5065.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-5065", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2", - "version" : { - "version_data" : [ - { - "version_value" : "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "command injection" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-5065", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2", + "version": { + "version_data": [ + { + "version_value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://carvesystems.com/sierra-wireless-2016-advisory.html", - "refsource" : "MISC", - "url" : "https://carvesystems.com/sierra-wireless-2016-advisory.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "command injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://carvesystems.com/sierra-wireless-2016-advisory.html", + "refsource": "MISC", + "url": "https://carvesystems.com/sierra-wireless-2016-advisory.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0547.json b/2019/0xxx/CVE-2019-0547.json index 28407a629cb..d16c52f2bf8 100644 --- a/2019/0xxx/CVE-2019-0547.json +++ b/2019/0xxx/CVE-2019-0547.json @@ -1,83 +1,83 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "Secure@Microsoft.com", - "ID" : "CVE-2019-0547", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Windows 10", - "version" : { - "version_data" : [ - { - "version_value" : "Version 1803 for 32-bit Systems" - }, - { - "version_value" : "Version 1803 for ARM64-based Systems" - }, - { - "version_value" : "Version 1803 for x64-based Systems" - } - ] - } - }, - { - "product_name" : "Windows 10 Servers", - "version" : { - "version_data" : [ - { - "version_value" : "version 1803 (Server Core Installation)" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka \"Windows DHCP Client Remote Code Execution Vulnerability.\" This affects Windows 10, Windows 10 Servers." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0547", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows 10", + "version": { + "version_data": [ + { + "version_value": "Version 1803 for 32-bit Systems" + }, + { + "version_value": "Version 1803 for ARM64-based Systems" + }, + { + "version_value": "Version 1803 for x64-based Systems" + } + ] + } + }, + { + "product_name": "Windows 10 Servers", + "version": { + "version_data": [ + { + "version_value": "version 1803 (Server Core Installation)" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0547", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0547" - }, - { - "name" : "106394", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106394" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka \"Windows DHCP Client Remote Code Execution Vulnerability.\" This affects Windows 10, Windows 10 Servers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0547", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0547" + }, + { + "name": "106394", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106394" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0577.json b/2019/0xxx/CVE-2019-0577.json index a620838d8d2..f814a061e85 100644 --- a/2019/0xxx/CVE-2019-0577.json +++ b/2019/0xxx/CVE-2019-0577.json @@ -1,236 +1,236 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "Secure@Microsoft.com", - "ID" : "CVE-2019-0577", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Windows 7", - "version" : { - "version_data" : [ - { - "version_value" : "32-bit Systems Service Pack 1" - }, - { - "version_value" : "x64-based Systems Service Pack 1" - } - ] - } - }, - { - "product_name" : "Windows Server 2012 R2", - "version" : { - "version_data" : [ - { - "version_value" : "(Server Core installation)" - } - ] - } - }, - { - "product_name" : "Windows RT 8.1", - "version" : { - "version_data" : [ - { - "version_value" : "Windows RT 8.1" - } - ] - } - }, - { - "product_name" : "Windows Server 2008", - "version" : { - "version_data" : [ - { - "version_value" : "32-bit Systems Service Pack 2" - }, - { - "version_value" : "32-bit Systems Service Pack 2 (Server Core installation)" - }, - { - "version_value" : "Itanium-Based Systems Service Pack 2" - }, - { - "version_value" : "x64-based Systems Service Pack 2" - }, - { - "version_value" : "x64-based Systems Service Pack 2 (Server Core installation)" - } - ] - } - }, - { - "product_name" : "Windows Server 2019", - "version" : { - "version_data" : [ - { - "version_value" : "(Server Core installation)" - } - ] - } - }, - { - "product_name" : "Windows Server 2012", - "version" : { - "version_data" : [ - { - "version_value" : "(Server Core installation)" - } - ] - } - }, - { - "product_name" : "Windows 8.1", - "version" : { - "version_data" : [ - { - "version_value" : "32-bit systems" - }, - { - "version_value" : "x64-based systems" - } - ] - } - }, - { - "product_name" : "Windows Server 2016", - "version" : { - "version_data" : [ - { - "version_value" : "(Server Core installation)" - } - ] - } - }, - { - "product_name" : "Windows Server 2008 R2", - "version" : { - "version_data" : [ - { - "version_value" : "Itanium-Based Systems Service Pack 1" - }, - { - "version_value" : "x64-based Systems Service Pack 1" - }, - { - "version_value" : "x64-based Systems Service Pack 1 (Server Core installation)" - } - ] - } - }, - { - "product_name" : "Windows 10", - "version" : { - "version_data" : [ - { - "version_value" : "32-bit Systems" - }, - { - "version_value" : "Version 1607 for 32-bit Systems" - }, - { - "version_value" : "Version 1607 for x64-based Systems" - }, - { - "version_value" : "Version 1703 for 32-bit Systems" - }, - { - "version_value" : "Version 1703 for x64-based Systems" - }, - { - "version_value" : "Version 1709 for 32-bit Systems" - }, - { - "version_value" : "Version 1709 for ARM64-based Systems" - }, - { - "version_value" : "Version 1709 for x64-based Systems" - }, - { - "version_value" : "Version 1803 for 32-bit Systems" - }, - { - "version_value" : "Version 1803 for ARM64-based Systems" - }, - { - "version_value" : "Version 1803 for x64-based Systems" - }, - { - "version_value" : "Version 1809 for 32-bit Systems" - }, - { - "version_value" : "Version 1809 for ARM64-based Systems" - }, - { - "version_value" : "Version 1809 for x64-based Systems" - }, - { - "version_value" : "x64-based Systems" - } - ] - } - }, - { - "product_name" : "Windows 10 Servers", - "version" : { - "version_data" : [ - { - "version_value" : "version 1709 (Server Core Installation)" - }, - { - "version_value" : "version 1803 (Server Core Installation)" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka \"Jet Database Engine Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0578, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0583, CVE-2019-0584." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0577", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows 7", + "version": { + "version_data": [ + { + "version_value": "32-bit Systems Service Pack 1" + }, + { + "version_value": "x64-based Systems Service Pack 1" + } + ] + } + }, + { + "product_name": "Windows Server 2012 R2", + "version": { + "version_data": [ + { + "version_value": "(Server Core installation)" + } + ] + } + }, + { + "product_name": "Windows RT 8.1", + "version": { + "version_data": [ + { + "version_value": "Windows RT 8.1" + } + ] + } + }, + { + "product_name": "Windows Server 2008", + "version": { + "version_data": [ + { + "version_value": "32-bit Systems Service Pack 2" + }, + { + "version_value": "32-bit Systems Service Pack 2 (Server Core installation)" + }, + { + "version_value": "Itanium-Based Systems Service Pack 2" + }, + { + "version_value": "x64-based Systems Service Pack 2" + }, + { + "version_value": "x64-based Systems Service Pack 2 (Server Core installation)" + } + ] + } + }, + { + "product_name": "Windows Server 2019", + "version": { + "version_data": [ + { + "version_value": "(Server Core installation)" + } + ] + } + }, + { + "product_name": "Windows Server 2012", + "version": { + "version_data": [ + { + "version_value": "(Server Core installation)" + } + ] + } + }, + { + "product_name": "Windows 8.1", + "version": { + "version_data": [ + { + "version_value": "32-bit systems" + }, + { + "version_value": "x64-based systems" + } + ] + } + }, + { + "product_name": "Windows Server 2016", + "version": { + "version_data": [ + { + "version_value": "(Server Core installation)" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2", + "version": { + "version_data": [ + { + "version_value": "Itanium-Based Systems Service Pack 1" + }, + { + "version_value": "x64-based Systems Service Pack 1" + }, + { + "version_value": "x64-based Systems Service Pack 1 (Server Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10", + "version": { + "version_data": [ + { + "version_value": "32-bit Systems" + }, + { + "version_value": "Version 1607 for 32-bit Systems" + }, + { + "version_value": "Version 1607 for x64-based Systems" + }, + { + "version_value": "Version 1703 for 32-bit Systems" + }, + { + "version_value": "Version 1703 for x64-based Systems" + }, + { + "version_value": "Version 1709 for 32-bit Systems" + }, + { + "version_value": "Version 1709 for ARM64-based Systems" + }, + { + "version_value": "Version 1709 for x64-based Systems" + }, + { + "version_value": "Version 1803 for 32-bit Systems" + }, + { + "version_value": "Version 1803 for ARM64-based Systems" + }, + { + "version_value": "Version 1803 for x64-based Systems" + }, + { + "version_value": "Version 1809 for 32-bit Systems" + }, + { + "version_value": "Version 1809 for ARM64-based Systems" + }, + { + "version_value": "Version 1809 for x64-based Systems" + }, + { + "version_value": "x64-based Systems" + } + ] + } + }, + { + "product_name": "Windows 10 Servers", + "version": { + "version_data": [ + { + "version_value": "version 1709 (Server Core Installation)" + }, + { + "version_value": "version 1803 (Server Core Installation)" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0577", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0577" - }, - { - "name" : "106423", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106423" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka \"Jet Database Engine Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0578, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0583, CVE-2019-0584." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106423", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106423" + }, + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0577", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0577" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0708.json b/2019/0xxx/CVE-2019-0708.json index fd3bae3c783..272bb93818b 100644 --- a/2019/0xxx/CVE-2019-0708.json +++ b/2019/0xxx/CVE-2019-0708.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0708", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0708", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0877.json b/2019/0xxx/CVE-2019-0877.json index 372136240f3..516270b3f9a 100644 --- a/2019/0xxx/CVE-2019-0877.json +++ b/2019/0xxx/CVE-2019-0877.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0877", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0877", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3177.json b/2019/3xxx/CVE-2019-3177.json index 867684b44e3..bffcdabbe3a 100644 --- a/2019/3xxx/CVE-2019-3177.json +++ b/2019/3xxx/CVE-2019-3177.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3177", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3177", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3282.json b/2019/3xxx/CVE-2019-3282.json index f73c852c4e8..b18169adef1 100644 --- a/2019/3xxx/CVE-2019-3282.json +++ b/2019/3xxx/CVE-2019-3282.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3282", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3282", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3594.json b/2019/3xxx/CVE-2019-3594.json index b3ccf66dc8a..16d6ac09b2a 100644 --- a/2019/3xxx/CVE-2019-3594.json +++ b/2019/3xxx/CVE-2019-3594.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3594", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3594", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4478.json b/2019/4xxx/CVE-2019-4478.json index 2e72449276b..7347938b1d1 100644 --- a/2019/4xxx/CVE-2019-4478.json +++ b/2019/4xxx/CVE-2019-4478.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4478", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4478", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4671.json b/2019/4xxx/CVE-2019-4671.json index 5c57e354747..d54dca7da39 100644 --- a/2019/4xxx/CVE-2019-4671.json +++ b/2019/4xxx/CVE-2019-4671.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4671", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4671", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4817.json b/2019/4xxx/CVE-2019-4817.json index 861bdfc98b6..0d439eff42f 100644 --- a/2019/4xxx/CVE-2019-4817.json +++ b/2019/4xxx/CVE-2019-4817.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4817", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4817", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7784.json b/2019/7xxx/CVE-2019-7784.json index 4dc30d5e3e9..fae9a848dbb 100644 --- a/2019/7xxx/CVE-2019-7784.json +++ b/2019/7xxx/CVE-2019-7784.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7784", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7784", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7824.json b/2019/7xxx/CVE-2019-7824.json index af3e3e5eac8..a298841fa90 100644 --- a/2019/7xxx/CVE-2019-7824.json +++ b/2019/7xxx/CVE-2019-7824.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7824", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7824", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8553.json b/2019/8xxx/CVE-2019-8553.json index 083824615b6..d6a6718e401 100644 --- a/2019/8xxx/CVE-2019-8553.json +++ b/2019/8xxx/CVE-2019-8553.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8553", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8553", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8666.json b/2019/8xxx/CVE-2019-8666.json index 09afb1389d8..10b8db482f7 100644 --- a/2019/8xxx/CVE-2019-8666.json +++ b/2019/8xxx/CVE-2019-8666.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8666", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8666", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8716.json b/2019/8xxx/CVE-2019-8716.json index 2b7bc60ab8c..19d0b908363 100644 --- a/2019/8xxx/CVE-2019-8716.json +++ b/2019/8xxx/CVE-2019-8716.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8716", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8716", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8792.json b/2019/8xxx/CVE-2019-8792.json index 0221f8ce1cb..f73a72f9134 100644 --- a/2019/8xxx/CVE-2019-8792.json +++ b/2019/8xxx/CVE-2019-8792.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8792", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8792", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8840.json b/2019/8xxx/CVE-2019-8840.json index c772157efa8..0b615c5f171 100644 --- a/2019/8xxx/CVE-2019-8840.json +++ b/2019/8xxx/CVE-2019-8840.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8840", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8840", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9472.json b/2019/9xxx/CVE-2019-9472.json index 0ebafd95e07..e32b50345e0 100644 --- a/2019/9xxx/CVE-2019-9472.json +++ b/2019/9xxx/CVE-2019-9472.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9472", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9472", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9602.json b/2019/9xxx/CVE-2019-9602.json index c0389293fa4..f4b41d85930 100644 --- a/2019/9xxx/CVE-2019-9602.json +++ b/2019/9xxx/CVE-2019-9602.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9602", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9602", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9769.json b/2019/9xxx/CVE-2019-9769.json index b73c27d78a4..d9e3414feb3 100644 --- a/2019/9xxx/CVE-2019-9769.json +++ b/2019/9xxx/CVE-2019-9769.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9769", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PilusCart 1.4.1 is vulnerable to index.php?module=users&action=newUser CSRF, leading to the addition of a new user as administrator." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9769", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "46531", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/46531" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PilusCart 1.4.1 is vulnerable to index.php?module=users&action=newUser CSRF, leading to the addition of a new user as administrator." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "46531", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/46531" + } + ] + } +} \ No newline at end of file