From 8b655eac1eb6ad566dfa6cd0e86cb51bf24651aa Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 17 Mar 2019 22:36:56 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0353.json | 200 ++++----- 2007/3xxx/CVE-2007-3583.json | 170 ++++---- 2007/3xxx/CVE-2007-3619.json | 210 +++++----- 2007/3xxx/CVE-2007-3664.json | 130 +++--- 2007/4xxx/CVE-2007-4128.json | 170 ++++---- 2007/4xxx/CVE-2007-4459.json | 210 +++++----- 2007/4xxx/CVE-2007-4572.json | 630 ++++++++++++++--------------- 2007/6xxx/CVE-2007-6114.json | 390 +++++++++--------- 2007/6xxx/CVE-2007-6659.json | 160 ++++---- 2014/1xxx/CVE-2014-1617.json | 34 +- 2014/1xxx/CVE-2014-1647.json | 130 +++--- 2014/1xxx/CVE-2014-1952.json | 34 +- 2014/5xxx/CVE-2014-5260.json | 150 +++---- 2014/5xxx/CVE-2014-5414.json | 130 +++--- 2014/5xxx/CVE-2014-5828.json | 140 +++---- 2014/5xxx/CVE-2014-5835.json | 140 +++---- 2014/5xxx/CVE-2014-5928.json | 140 +++---- 2014/5xxx/CVE-2014-5933.json | 140 +++---- 2015/2xxx/CVE-2015-2678.json | 190 ++++----- 2015/6xxx/CVE-2015-6015.json | 150 +++---- 2015/6xxx/CVE-2015-6208.json | 34 +- 2015/6xxx/CVE-2015-6777.json | 210 +++++----- 2015/6xxx/CVE-2015-6958.json | 34 +- 2016/0xxx/CVE-2016-0495.json | 150 +++---- 2016/0xxx/CVE-2016-0621.json | 34 +- 2016/1000xxx/CVE-2016-1000110.json | 34 +- 2016/10xxx/CVE-2016-10064.json | 160 ++++---- 2016/10xxx/CVE-2016-10379.json | 130 +++--- 2016/4xxx/CVE-2016-4260.json | 140 +++---- 2016/4xxx/CVE-2016-4498.json | 140 +++---- 2016/4xxx/CVE-2016-4611.json | 190 ++++----- 2016/4xxx/CVE-2016-4669.json | 180 ++++----- 2016/4xxx/CVE-2016-4678.json | 140 +++---- 2016/4xxx/CVE-2016-4968.json | 150 +++---- 2016/9xxx/CVE-2016-9049.json | 130 +++--- 2016/9xxx/CVE-2016-9076.json | 152 +++---- 2016/9xxx/CVE-2016-9255.json | 34 +- 2016/9xxx/CVE-2016-9300.json | 34 +- 2019/2xxx/CVE-2019-2106.json | 34 +- 2019/2xxx/CVE-2019-2727.json | 34 +- 2019/3xxx/CVE-2019-3039.json | 34 +- 2019/3xxx/CVE-2019-3120.json | 34 +- 2019/3xxx/CVE-2019-3451.json | 34 +- 2019/3xxx/CVE-2019-3709.json | 34 +- 2019/6xxx/CVE-2019-6277.json | 34 +- 2019/6xxx/CVE-2019-6355.json | 34 +- 2019/6xxx/CVE-2019-6916.json | 34 +- 2019/6xxx/CVE-2019-6971.json | 34 +- 2019/7xxx/CVE-2019-7340.json | 120 +++--- 2019/7xxx/CVE-2019-7390.json | 130 +++--- 2019/7xxx/CVE-2019-7833.json | 34 +- 2019/8xxx/CVE-2019-8215.json | 34 +- 2019/8xxx/CVE-2019-8221.json | 34 +- 2019/8xxx/CVE-2019-8682.json | 34 +- 2019/8xxx/CVE-2019-8774.json | 34 +- 2019/9xxx/CVE-2019-9425.json | 34 +- 56 files changed, 3259 insertions(+), 3259 deletions(-) diff --git a/2007/0xxx/CVE-2007-0353.json b/2007/0xxx/CVE-2007-0353.json index 3df3ead7e6d..471ea5c6aa2 100644 --- a/2007/0xxx/CVE-2007-0353.json +++ b/2007/0xxx/CVE-2007-0353.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0353", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in (1) index.php and (2) login.php in myBloggie 2.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO string." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0353", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070117 [x0n3-h4ck] myBloggie 2.1.5 XSS exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457206/100/0/threaded" - }, - { - "name" : "20070117 [x0n3-h4ck] myBloggie 2.1.5 XSS exploit", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0338.html" - }, - { - "name" : "http://mywebland.com/forums/showtopic.php?t=1224", - "refsource" : "MISC", - "url" : "http://mywebland.com/forums/showtopic.php?t=1224" - }, - { - "name" : "22097", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22097" - }, - { - "name" : "32929", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32929" - }, - { - "name" : "32930", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32930" - }, - { - "name" : "1017531", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017531" - }, - { - "name" : "2155", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2155" - }, - { - "name" : "mybloggie-indexlogin-xss(31554)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31554" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in (1) index.php and (2) login.php in myBloggie 2.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO string." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "mybloggie-indexlogin-xss(31554)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31554" + }, + { + "name": "32930", + "refsource": "OSVDB", + "url": "http://osvdb.org/32930" + }, + { + "name": "20070117 [x0n3-h4ck] myBloggie 2.1.5 XSS exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457206/100/0/threaded" + }, + { + "name": "2155", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2155" + }, + { + "name": "22097", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22097" + }, + { + "name": "http://mywebland.com/forums/showtopic.php?t=1224", + "refsource": "MISC", + "url": "http://mywebland.com/forums/showtopic.php?t=1224" + }, + { + "name": "32929", + "refsource": "OSVDB", + "url": "http://osvdb.org/32929" + }, + { + "name": "20070117 [x0n3-h4ck] myBloggie 2.1.5 XSS exploit", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0338.html" + }, + { + "name": "1017531", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017531" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3583.json b/2007/3xxx/CVE-2007-3583.json index 8e6e9c98975..4a893eed1e1 100644 --- a/2007/3xxx/CVE-2007-3583.json +++ b/2007/3xxx/CVE-2007-3583.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3583", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in details_news.php in Girlserv ads 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the idnew parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3583", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4142", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4142" - }, - { - "name" : "24755", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24755" - }, - { - "name" : "ADV-2007-2434", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2434" - }, - { - "name" : "36365", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36365" - }, - { - "name" : "25925", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25925" - }, - { - "name" : "girlserv-detailsnews-sql-injection(35253)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35253" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in details_news.php in Girlserv ads 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the idnew parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "girlserv-detailsnews-sql-injection(35253)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35253" + }, + { + "name": "36365", + "refsource": "OSVDB", + "url": "http://osvdb.org/36365" + }, + { + "name": "24755", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24755" + }, + { + "name": "ADV-2007-2434", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2434" + }, + { + "name": "4142", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4142" + }, + { + "name": "25925", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25925" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3619.json b/2007/3xxx/CVE-2007-3619.json index 125ac58ecdc..54ba5ba5309 100644 --- a/2007/3xxx/CVE-2007-3619.json +++ b/2007/3xxx/CVE-2007-3619.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3619", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in login.php in Maia Mailguard 1.0.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3619", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070705 [NETRAGARD SECURITY ADVISORY][Maia Mailguard 1.0.2 Arbitrary Code Execution][NETRAGARD-20070628]", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/472886/100/0/threaded" - }, - { - "name" : "http://www.netragard.com/pdfs/research/NETRAGARD-20070628-MAILGUARD.txt", - "refsource" : "MISC", - "url" : "http://www.netragard.com/pdfs/research/NETRAGARD-20070628-MAILGUARD.txt" - }, - { - "name" : "http://www.maiamailguard.org/maia/changeset/1184", - "refsource" : "CONFIRM", - "url" : "http://www.maiamailguard.org/maia/changeset/1184" - }, - { - "name" : "http://www.maiamailguard.org/maia/ticket/479", - "refsource" : "CONFIRM", - "url" : "http://www.maiamailguard.org/maia/ticket/479" - }, - { - "name" : "24770", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24770" - }, - { - "name" : "ADV-2007-2456", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2456" - }, - { - "name" : "37884", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37884" - }, - { - "name" : "1018338", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018338" - }, - { - "name" : "25951", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25951" - }, - { - "name" : "2864", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2864" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in login.php in Maia Mailguard 1.0.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37884", + "refsource": "OSVDB", + "url": "http://osvdb.org/37884" + }, + { + "name": "http://www.maiamailguard.org/maia/changeset/1184", + "refsource": "CONFIRM", + "url": "http://www.maiamailguard.org/maia/changeset/1184" + }, + { + "name": "http://www.netragard.com/pdfs/research/NETRAGARD-20070628-MAILGUARD.txt", + "refsource": "MISC", + "url": "http://www.netragard.com/pdfs/research/NETRAGARD-20070628-MAILGUARD.txt" + }, + { + "name": "2864", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2864" + }, + { + "name": "1018338", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018338" + }, + { + "name": "ADV-2007-2456", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2456" + }, + { + "name": "20070705 [NETRAGARD SECURITY ADVISORY][Maia Mailguard 1.0.2 Arbitrary Code Execution][NETRAGARD-20070628]", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/472886/100/0/threaded" + }, + { + "name": "http://www.maiamailguard.org/maia/ticket/479", + "refsource": "CONFIRM", + "url": "http://www.maiamailguard.org/maia/ticket/479" + }, + { + "name": "24770", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24770" + }, + { + "name": "25951", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25951" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3664.json b/2007/3xxx/CVE-2007-3664.json index f21c6a1838c..20c88dd61e7 100644 --- a/2007/3xxx/CVE-2007-3664.json +++ b/2007/3xxx/CVE-2007-3664.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3664", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Eltima Software RunService ActiveX control (RunService.dll) allow remote attackers to cause a denial of service via certain functions when \"improperly used\", as demonstrated by the AcceptControls subroutine." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3664", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070707 [Eleytt] 7LIPIEC2007", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/473187" - }, - { - "name" : "43776", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43776" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Eltima Software RunService ActiveX control (RunService.dll) allow remote attackers to cause a denial of service via certain functions when \"improperly used\", as demonstrated by the AcceptControls subroutine." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070707 [Eleytt] 7LIPIEC2007", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/473187" + }, + { + "name": "43776", + "refsource": "OSVDB", + "url": "http://osvdb.org/43776" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4128.json b/2007/4xxx/CVE-2007-4128.json index f98a5206b39..8893fc38d4b 100644 --- a/2007/4xxx/CVE-2007-4128.json +++ b/2007/4xxx/CVE-2007-4128.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4128", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in the Firestorm Technologies GMaps (com_gmaps) 1.00 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mapId parameter in a viewmap action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4128", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4248", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4248" - }, - { - "name" : "http://firestorm-technologies.com/", - "refsource" : "CONFIRM", - "url" : "http://firestorm-technologies.com/" - }, - { - "name" : "25146", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25146" - }, - { - "name" : "ADV-2007-2745", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2745" - }, - { - "name" : "39192", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39192" - }, - { - "name" : "gmaps-mapid-sql-injection(35701)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35701" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in the Firestorm Technologies GMaps (com_gmaps) 1.00 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mapId parameter in a viewmap action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-2745", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2745" + }, + { + "name": "39192", + "refsource": "OSVDB", + "url": "http://osvdb.org/39192" + }, + { + "name": "4248", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4248" + }, + { + "name": "http://firestorm-technologies.com/", + "refsource": "CONFIRM", + "url": "http://firestorm-technologies.com/" + }, + { + "name": "25146", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25146" + }, + { + "name": "gmaps-mapid-sql-injection(35701)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35701" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4459.json b/2007/4xxx/CVE-2007-4459.json index 8e198cf6844..0cb4d6e61bd 100644 --- a/2007/4xxx/CVE-2007-4459.json +++ b/2007/4xxx/CVE-2007-4459.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4459", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP firmware before 8.7(0), allows remote attackers to cause a denial of service (device reboot) via (1) a certain sequence of 10 invalid SIP INVITE and OPTIONS messages; or (2) a certain invalid SIP INVITE message that contains a remote tag, followed by a certain set of two related SIP OPTIONS messages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4459", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070820 10 messages SIP Remote DOS on Cisco 7940 SIP Phone", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065401.html" - }, - { - "name" : "20070820 3 messsages attack remote DOS on Cisco 7940", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065402.html" - }, - { - "name" : "20070821 Multiple SIP Vulnerabilities in the Cisco 7960 IP Phones", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/warp/public/707/cisco-sr-20070821-sip.shtml" - }, - { - "name" : "25378", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25378" - }, - { - "name" : "ADV-2007-2928", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2928" - }, - { - "name" : "36695", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/36695" - }, - { - "name" : "1018591", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018591" - }, - { - "name" : "26547", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26547" - }, - { - "name" : "3042", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3042" - }, - { - "name" : "cisco-ipphone-sip-dos(36125)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36125" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP firmware before 8.7(0), allows remote attackers to cause a denial of service (device reboot) via (1) a certain sequence of 10 invalid SIP INVITE and OPTIONS messages; or (2) a certain invalid SIP INVITE message that contains a remote tag, followed by a certain set of two related SIP OPTIONS messages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25378", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25378" + }, + { + "name": "cisco-ipphone-sip-dos(36125)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36125" + }, + { + "name": "20070821 Multiple SIP Vulnerabilities in the Cisco 7960 IP Phones", + "refsource": "CISCO", + "url": "http://www.cisco.com/warp/public/707/cisco-sr-20070821-sip.shtml" + }, + { + "name": "26547", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26547" + }, + { + "name": "20070820 10 messages SIP Remote DOS on Cisco 7940 SIP Phone", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065401.html" + }, + { + "name": "3042", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3042" + }, + { + "name": "20070820 3 messsages attack remote DOS on Cisco 7940", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065402.html" + }, + { + "name": "1018591", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018591" + }, + { + "name": "ADV-2007-2928", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2928" + }, + { + "name": "36695", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/36695" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4572.json b/2007/4xxx/CVE-2007-4572.json index 708967dd744..f80b86062b2 100644 --- a/2007/4xxx/CVE-2007-4572.json +++ b/2007/4xxx/CVE-2007-4572.json @@ -1,317 +1,317 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4572", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-4572", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/485936/100/0/threaded" - }, - { - "name" : "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/486859/100/0/threaded" - }, - { - "name" : "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages", - "refsource" : "MLIST", - "url" : "http://lists.vmware.com/pipermail/security-announce/2008/000002.html" - }, - { - "name" : "http://us1.samba.org/samba/security/CVE-2007-4572.html", - "refsource" : "CONFIRM", - "url" : "http://us1.samba.org/samba/security/CVE-2007-4572.html" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1894", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1894" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307179", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307179" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2008-0001.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2008-0001.html" - }, - { - "name" : "APPLE-SA-2007-12-17", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html" - }, - { - "name" : "DSA-1409", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1409" - }, - { - "name" : "FEDORA-2007-3402", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html" - }, - { - "name" : "GLSA-200711-29", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml" - }, - { - "name" : "HPSBUX02316", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=120524782005154&w=2" - }, - { - "name" : "SSRT071495", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=120524782005154&w=2" - }, - { - "name" : "HPSBUX02341", - "refsource" : "HP", - "url" : "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657" - }, - { - "name" : "SSRT080075", - "refsource" : "HP", - "url" : "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657" - }, - { - "name" : "MDKSA-2007:224", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:224" - }, - { - "name" : "RHSA-2007:1013", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1013.html" - }, - { - "name" : "RHSA-2007:1016", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1016.html" - }, - { - "name" : "RHSA-2007:1017", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1017.html" - }, - { - "name" : "SSA:2007-320-01", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739" - }, - { - "name" : "237764", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1" - }, - { - "name" : "SUSE-SA:2007:065", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_65_samba.html" - }, - { - "name" : "USN-544-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/544-1/" - }, - { - "name" : "USN-544-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-544-2" - }, - { - "name" : "USN-617-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-617-1" - }, - { - "name" : "TA07-352A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-352A.html" - }, - { - "name" : "26454", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26454" - }, - { - "name" : "oval:org.mitre.oval:def:5643", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643" - }, - { - "name" : "oval:org.mitre.oval:def:11132", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132" - }, - { - "name" : "ADV-2007-3869", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3869" - }, - { - "name" : "ADV-2007-4238", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4238" - }, - { - "name" : "ADV-2008-0064", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0064" - }, - { - "name" : "ADV-2008-0859", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0859/references" - }, - { - "name" : "ADV-2008-1712", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1712/references" - }, - { - "name" : "ADV-2008-1908", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1908" - }, - { - "name" : "1018954", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018954" - }, - { - "name" : "27450", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27450" - }, - { - "name" : "27679", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27679" - }, - { - "name" : "27682", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27682" - }, - { - "name" : "27691", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27691" - }, - { - "name" : "27701", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27701" - }, - { - "name" : "27720", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27720" - }, - { - "name" : "27731", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27731" - }, - { - "name" : "27787", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27787" - }, - { - "name" : "27927", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27927" - }, - { - "name" : "28136", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28136" - }, - { - "name" : "28368", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28368" - }, - { - "name" : "29341", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29341" - }, - { - "name" : "30484", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30484" - }, - { - "name" : "30736", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30736" - }, - { - "name" : "30835", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30835" - }, - { - "name" : "samba-nmbd-bo(38501)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38501" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-544-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-544-2" + }, + { + "name": "27691", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27691" + }, + { + "name": "RHSA-2007:1016", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1016.html" + }, + { + "name": "USN-544-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/544-1/" + }, + { + "name": "ADV-2007-4238", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4238" + }, + { + "name": "TA07-352A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html" + }, + { + "name": "30835", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30835" + }, + { + "name": "29341", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29341" + }, + { + "name": "1018954", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018954" + }, + { + "name": "SSA:2007-320-01", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739" + }, + { + "name": "HPSBUX02316", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=120524782005154&w=2" + }, + { + "name": "28136", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28136" + }, + { + "name": "30736", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30736" + }, + { + "name": "ADV-2007-3869", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3869" + }, + { + "name": "27679", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27679" + }, + { + "name": "27682", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27682" + }, + { + "name": "27701", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27701" + }, + { + "name": "RHSA-2007:1013", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1013.html" + }, + { + "name": "ADV-2008-1908", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1908" + }, + { + "name": "samba-nmbd-bo(38501)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38501" + }, + { + "name": "27720", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27720" + }, + { + "name": "SSRT071495", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=120524782005154&w=2" + }, + { + "name": "HPSBUX02341", + "refsource": "HP", + "url": "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657" + }, + { + "name": "30484", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30484" + }, + { + "name": "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded" + }, + { + "name": "DSA-1409", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1409" + }, + { + "name": "27450", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27450" + }, + { + "name": "27731", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27731" + }, + { + "name": "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages", + "refsource": "MLIST", + "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html" + }, + { + "name": "oval:org.mitre.oval:def:11132", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132" + }, + { + "name": "SSRT080075", + "refsource": "HP", + "url": "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657" + }, + { + "name": "APPLE-SA-2007-12-17", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html" + }, + { + "name": "MDKSA-2007:224", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:224" + }, + { + "name": "27787", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27787" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307179", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307179" + }, + { + "name": "oval:org.mitre.oval:def:5643", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643" + }, + { + "name": "28368", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28368" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1894", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1894" + }, + { + "name": "26454", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26454" + }, + { + "name": "GLSA-200711-29", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml" + }, + { + "name": "USN-617-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-617-1" + }, + { + "name": "FEDORA-2007-3402", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html" + }, + { + "name": "27927", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27927" + }, + { + "name": "ADV-2008-1712", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1712/references" + }, + { + "name": "ADV-2008-0859", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0859/references" + }, + { + "name": "237764", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html" + }, + { + "name": "http://us1.samba.org/samba/security/CVE-2007-4572.html", + "refsource": "CONFIRM", + "url": "http://us1.samba.org/samba/security/CVE-2007-4572.html" + }, + { + "name": "RHSA-2007:1017", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1017.html" + }, + { + "name": "ADV-2008-0064", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0064" + }, + { + "name": "SUSE-SA:2007:065", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_65_samba.html" + }, + { + "name": "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6114.json b/2007/6xxx/CVE-2007-6114.json index 2f434a3718d..c6d0d6e72f8 100644 --- a/2007/6xxx/CVE-2007-6114.json +++ b/2007/6xxx/CVE-2007-6114.json @@ -1,197 +1,197 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6114", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-6114", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080103 rPSA-2008-0004-1 tshark wireshark", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/485792/100/0/threaded" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=199958", - "refsource" : "MISC", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=199958" - }, - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2007-03.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2007-03.html" - }, - { - "name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1975", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1975" - }, - { - "name" : "DSA-1414", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1414" - }, - { - "name" : "FEDORA-2007-4590", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00606.html" - }, - { - "name" : "FEDORA-2007-4690", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00712.html" - }, - { - "name" : "GLSA-200712-23", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200712-23.xml" - }, - { - "name" : "MDVSA-2008:001", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:001" - }, - { - "name" : "MDVSA-2008:1", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:1" - }, - { - "name" : "RHSA-2008:0058", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0058.html" - }, - { - "name" : "RHSA-2008:0059", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0059.html" - }, - { - "name" : "SUSE-SR:2008:004", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html" - }, - { - "name" : "26532", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26532" - }, - { - "name" : "oval:org.mitre.oval:def:10708", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10708" - }, - { - "name" : "ADV-2007-3956", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3956" - }, - { - "name" : "1018988", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018988" - }, - { - "name" : "27777", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27777" - }, - { - "name" : "27817", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27817" - }, - { - "name" : "28197", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28197" - }, - { - "name" : "28288", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28288" - }, - { - "name" : "28304", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28304" - }, - { - "name" : "28207", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28207" - }, - { - "name" : "28325", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28325" - }, - { - "name" : "28564", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28564" - }, - { - "name" : "28583", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28583" - }, - { - "name" : "29048", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29048" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27777", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27777" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1975", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1975" + }, + { + "name": "29048", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29048" + }, + { + "name": "26532", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26532" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2007-03.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2007-03.html" + }, + { + "name": "28564", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28564" + }, + { + "name": "20080103 rPSA-2008-0004-1 tshark wireshark", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/485792/100/0/threaded" + }, + { + "name": "GLSA-200712-23", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200712-23.xml" + }, + { + "name": "RHSA-2008:0059", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0059.html" + }, + { + "name": "28304", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28304" + }, + { + "name": "1018988", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018988" + }, + { + "name": "DSA-1414", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1414" + }, + { + "name": "FEDORA-2007-4690", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00712.html" + }, + { + "name": "28325", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28325" + }, + { + "name": "MDVSA-2008:1", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:1" + }, + { + "name": "MDVSA-2008:001", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:001" + }, + { + "name": "RHSA-2008:0058", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0058.html" + }, + { + "name": "SUSE-SR:2008:004", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=199958", + "refsource": "MISC", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=199958" + }, + { + "name": "28583", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28583" + }, + { + "name": "ADV-2007-3956", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3956" + }, + { + "name": "28197", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28197" + }, + { + "name": "28288", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28288" + }, + { + "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004" + }, + { + "name": "28207", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28207" + }, + { + "name": "oval:org.mitre.oval:def:10708", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10708" + }, + { + "name": "FEDORA-2007-4590", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00606.html" + }, + { + "name": "27817", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27817" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6659.json b/2007/6xxx/CVE-2007-6659.json index c326a7d491d..9635dfd7993 100644 --- a/2007/6xxx/CVE-2007-6659.json +++ b/2007/6xxx/CVE-2007-6659.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6659", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in 2z project 0.9.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) contentshort or (2) contentfull parameter in an addnews action to the default URI; (3) the content parameter in a pm write action to 2z/admin.php; (4) the referer parameter to templates/default/usermenu.tpl, accessed through index.php; or the (5) newavatar or (6) newphoto parameter in a profile action to the default URI under 2z/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6659", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071228 2z-project 0.9.6.1 Multiple Security Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/485590/100/0/threaded" - }, - { - "name" : "http://2z-project.ru/forum/viewtopic.php?pid=8309", - "refsource" : "CONFIRM", - "url" : "http://2z-project.ru/forum/viewtopic.php?pid=8309" - }, - { - "name" : "27057", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27057" - }, - { - "name" : "28244", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28244" - }, - { - "name" : "3514", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3514" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in 2z project 0.9.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) contentshort or (2) contentfull parameter in an addnews action to the default URI; (3) the content parameter in a pm write action to 2z/admin.php; (4) the referer parameter to templates/default/usermenu.tpl, accessed through index.php; or the (5) newavatar or (6) newphoto parameter in a profile action to the default URI under 2z/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27057", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27057" + }, + { + "name": "3514", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3514" + }, + { + "name": "20071228 2z-project 0.9.6.1 Multiple Security Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/485590/100/0/threaded" + }, + { + "name": "28244", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28244" + }, + { + "name": "http://2z-project.ru/forum/viewtopic.php?pid=8309", + "refsource": "CONFIRM", + "url": "http://2z-project.ru/forum/viewtopic.php?pid=8309" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1617.json b/2014/1xxx/CVE-2014-1617.json index 6b71ff87ca7..79246698377 100644 --- a/2014/1xxx/CVE-2014-1617.json +++ b/2014/1xxx/CVE-2014-1617.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1617", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1617", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1647.json b/2014/1xxx/CVE-2014-1647.json index 6b6e4e7334f..ed20422273f 100644 --- a/2014/1xxx/CVE-2014-1647.json +++ b/2014/1xxx/CVE-2014-1647.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1647", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop Professional 10.3.x before 10.3.2 MP1 do not properly perform block-data moves, which allows remote attackers to cause a denial of service (read access violation and application crash) via a malformed certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@symantec.com", + "ID": "CVE-2014-1647", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140423_00", - "refsource" : "CONFIRM", - "url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140423_00" - }, - { - "name" : "67020", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/67020" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop Professional 10.3.x before 10.3.2 MP1 do not properly perform block-data moves, which allows remote attackers to cause a denial of service (read access violation and application crash) via a malformed certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "67020", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/67020" + }, + { + "name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140423_00", + "refsource": "CONFIRM", + "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140423_00" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1952.json b/2014/1xxx/CVE-2014-1952.json index 69d1f6c537a..7e56ab1ef09 100644 --- a/2014/1xxx/CVE-2014-1952.json +++ b/2014/1xxx/CVE-2014-1952.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1952", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1952", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5260.json b/2014/5xxx/CVE-2014-5260.json index 500de213a2d..e609376e707 100644 --- a/2014/5xxx/CVE-2014-5260.json +++ b/2014/5xxx/CVE-2014-5260.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5260", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_xml_##### temporary file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2014-5260", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140815 Re: CVE Request: XML-DT: Insecure use of temporary files", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2014/08/15/8" - }, - { - "name" : "https://bugs.debian.org/756566", - "refsource" : "CONFIRM", - "url" : "https://bugs.debian.org/756566" - }, - { - "name" : "https://metacpan.org/diff/file?target=AMBS/XML-DT-0.64/&source=AMBS/XML-DT-0.63/", - "refsource" : "CONFIRM", - "url" : "https://metacpan.org/diff/file?target=AMBS/XML-DT-0.64/&source=AMBS/XML-DT-0.63/" - }, - { - "name" : "https://metacpan.org/source/AMBS/XML-DT-0.66/Changes", - "refsource" : "CONFIRM", - "url" : "https://metacpan.org/source/AMBS/XML-DT-0.66/Changes" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_xml_##### temporary file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://metacpan.org/source/AMBS/XML-DT-0.66/Changes", + "refsource": "CONFIRM", + "url": "https://metacpan.org/source/AMBS/XML-DT-0.66/Changes" + }, + { + "name": "https://bugs.debian.org/756566", + "refsource": "CONFIRM", + "url": "https://bugs.debian.org/756566" + }, + { + "name": "https://metacpan.org/diff/file?target=AMBS/XML-DT-0.64/&source=AMBS/XML-DT-0.63/", + "refsource": "CONFIRM", + "url": "https://metacpan.org/diff/file?target=AMBS/XML-DT-0.64/&source=AMBS/XML-DT-0.63/" + }, + { + "name": "[oss-security] 20140815 Re: CVE Request: XML-DT: Insecure use of temporary files", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2014/08/15/8" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5414.json b/2014/5xxx/CVE-2014-5414.json index f8c80a18898..bc3ba836fe0 100644 --- a/2014/5xxx/CVE-2014-5414.json +++ b/2014/5xxx/CVE-2014-5414.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5414", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components do not restrict the number of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2014-5414", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-278-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-278-02" - }, - { - "name" : "93349", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93349" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components do not restrict the number of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93349", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93349" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-278-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-278-02" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5828.json b/2014/5xxx/CVE-2014-5828.json index c40f0feb271..5e5cd6bd8bf 100644 --- a/2014/5xxx/CVE-2014-5828.json +++ b/2014/5xxx/CVE-2014-5828.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5828", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The 3Kundenzone (aka com.hutchison3g.at.android.selfcare) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5828", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#719249", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/719249" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The 3Kundenzone (aka com.hutchison3g.at.android.selfcare) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#719249", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/719249" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5835.json b/2014/5xxx/CVE-2014-5835.json index cab3bf0fe28..ad04c0652f8 100644 --- a/2014/5xxx/CVE-2014-5835.json +++ b/2014/5xxx/CVE-2014-5835.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5835", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Club Personal (aka com.globant.clubpersonal) application 2.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5835", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#476281", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/476281" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Club Personal (aka com.globant.clubpersonal) application 2.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + }, + { + "name": "VU#476281", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/476281" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5928.json b/2014/5xxx/CVE-2014-5928.json index fdcd9c6b01c..dccf56ee948 100644 --- a/2014/5xxx/CVE-2014-5928.json +++ b/2014/5xxx/CVE-2014-5928.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5928", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Steganos Online Shield VPN (aka com.steganos.onlineshield) application 1.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5928", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#425065", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/425065" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Steganos Online Shield VPN (aka com.steganos.onlineshield) application 1.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#425065", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/425065" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5933.json b/2014/5xxx/CVE-2014-5933.json index 1131b48e6cb..1f562f1619a 100644 --- a/2014/5xxx/CVE-2014-5933.json +++ b/2014/5xxx/CVE-2014-5933.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5933", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Coke Studio 7 (aka com.cokeshare.pakistan) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5933", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#152089", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/152089" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Coke Studio 7 (aka com.cokeshare.pakistan) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#152089", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/152089" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2678.json b/2015/2xxx/CVE-2015-2678.json index 1aa07a4b38b..2f3df0af268 100644 --- a/2015/2xxx/CVE-2015-2678.json +++ b/2015/2xxx/CVE-2015-2678.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2678", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter in the categories page to gxadmin/index.php or (2) page parameter to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2678", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "36321", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/36321" - }, - { - "name" : "http://blog.metalgenix.com/genixcms-v0-0-2-release-security-and-bug-fixes/17", - "refsource" : "MISC", - "url" : "http://blog.metalgenix.com/genixcms-v0-0-2-release-security-and-bug-fixes/17" - }, - { - "name" : "http://packetstormsecurity.com/files/130771/GeniXCMS-0.0.1-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/130771/GeniXCMS-0.0.1-Cross-Site-Scripting.html" - }, - { - "name" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5233.php", - "refsource" : "MISC", - "url" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5233.php" - }, - { - "name" : "https://github.com/semplon/GeniXCMS/issues/7", - "refsource" : "MISC", - "url" : "https://github.com/semplon/GeniXCMS/issues/7" - }, - { - "name" : "https://github.com/semplon/GeniXCMS/commit/698245488343396185b1b49e7482ee5b25541815", - "refsource" : "CONFIRM", - "url" : "https://github.com/semplon/GeniXCMS/commit/698245488343396185b1b49e7482ee5b25541815" - }, - { - "name" : "73301", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73301" - }, - { - "name" : "119394", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/show/osvdb/119394" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter in the categories page to gxadmin/index.php or (2) page parameter to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5233.php", + "refsource": "MISC", + "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5233.php" + }, + { + "name": "73301", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73301" + }, + { + "name": "https://github.com/semplon/GeniXCMS/issues/7", + "refsource": "MISC", + "url": "https://github.com/semplon/GeniXCMS/issues/7" + }, + { + "name": "http://blog.metalgenix.com/genixcms-v0-0-2-release-security-and-bug-fixes/17", + "refsource": "MISC", + "url": "http://blog.metalgenix.com/genixcms-v0-0-2-release-security-and-bug-fixes/17" + }, + { + "name": "36321", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/36321" + }, + { + "name": "https://github.com/semplon/GeniXCMS/commit/698245488343396185b1b49e7482ee5b25541815", + "refsource": "CONFIRM", + "url": "https://github.com/semplon/GeniXCMS/commit/698245488343396185b1b49e7482ee5b25541815" + }, + { + "name": "119394", + "refsource": "OSVDB", + "url": "http://osvdb.org/show/osvdb/119394" + }, + { + "name": "http://packetstormsecurity.com/files/130771/GeniXCMS-0.0.1-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/130771/GeniXCMS-0.0.1-Cross-Site-Scripting.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6015.json b/2015/6xxx/CVE-2015-6015.json index 0202865465e..8792ca8567f 100644 --- a/2015/6xxx/CVE-2015-6015.json +++ b/2015/6xxx/CVE-2015-6015.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6015", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CVE-2015-6014, and CVE-2016-0432. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this issue is a stack-based buffer overflow in Oracle Outside In 8.5.2 and earlier, which allows remote attackers to execute arbitrary code via a crafted Paradox DB file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-6015", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "VU#916896", - "refsource" : "CERT-VN", - "url" : "https://www.kb.cert.org/vuls/id/916896" - }, - { - "name" : "81243", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/81243" - }, - { - "name" : "1034711", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034711" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CVE-2015-6014, and CVE-2016-0432. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this issue is a stack-based buffer overflow in Oracle Outside In 8.5.2 and earlier, which allows remote attackers to execute arbitrary code via a crafted Paradox DB file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "VU#916896", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/916896" + }, + { + "name": "1034711", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034711" + }, + { + "name": "81243", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/81243" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6208.json b/2015/6xxx/CVE-2015-6208.json index 2f0e672678e..2749efb29a2 100644 --- a/2015/6xxx/CVE-2015-6208.json +++ b/2015/6xxx/CVE-2015-6208.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6208", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6208", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6777.json b/2015/6xxx/CVE-2015-6777.json index 7de8a999b80..9dde2ea0eef 100644 --- a/2015/6xxx/CVE-2015-6777.json +++ b/2015/6xxx/CVE-2015-6777.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6777", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the ContainerNode::notifyNodeInsertedInternal function in WebKit/Source/core/dom/ContainerNode.cpp in the DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOMCharacterDataModified events for certain detached-subtree insertions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2015-6777", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=544020", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=544020" - }, - { - "name" : "https://codereview.chromium.org/1420653003/", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1420653003/" - }, - { - "name" : "DSA-3415", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3415" - }, - { - "name" : "GLSA-201603-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-09" - }, - { - "name" : "openSUSE-SU-2015:2290", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html" - }, - { - "name" : "openSUSE-SU-2015:2291", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html" - }, - { - "name" : "USN-2825-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2825-1" - }, - { - "name" : "78416", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78416" - }, - { - "name" : "1034298", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034298" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the ContainerNode::notifyNodeInsertedInternal function in WebKit/Source/core/dom/ContainerNode.cpp in the DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOMCharacterDataModified events for certain detached-subtree insertions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html" + }, + { + "name": "USN-2825-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2825-1" + }, + { + "name": "https://codereview.chromium.org/1420653003/", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1420653003/" + }, + { + "name": "openSUSE-SU-2015:2290", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=544020", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=544020" + }, + { + "name": "GLSA-201603-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-09" + }, + { + "name": "78416", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78416" + }, + { + "name": "DSA-3415", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3415" + }, + { + "name": "openSUSE-SU-2015:2291", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html" + }, + { + "name": "1034298", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034298" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6958.json b/2015/6xxx/CVE-2015-6958.json index 0b47a86819f..d41943561d7 100644 --- a/2015/6xxx/CVE-2015-6958.json +++ b/2015/6xxx/CVE-2015-6958.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6958", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6958", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0495.json b/2016/0xxx/CVE-2016-0495.json index 52dc50e0018..37de3e86518 100644 --- a/2016/0xxx/CVE-2016-0495.json +++ b/2016/0xxx/CVE-2016-0495.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0495", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.36 and 5.0.14 allows remote attackers to affect availability via unknown vectors related to Core." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0495", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "DSA-3454", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3454" - }, - { - "name" : "81214", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/81214" - }, - { - "name" : "1034731", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034731" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.36 and 5.0.14 allows remote attackers to affect availability via unknown vectors related to Core." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034731", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034731" + }, + { + "name": "DSA-3454", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3454" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "81214", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/81214" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0621.json b/2016/0xxx/CVE-2016-0621.json index 8f2bd10fa82..ec660b2e79d 100644 --- a/2016/0xxx/CVE-2016-0621.json +++ b/2016/0xxx/CVE-2016-0621.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0621", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-0621", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000110.json b/2016/1000xxx/CVE-2016-1000110.json index e86370017ce..4fa1d9763bc 100644 --- a/2016/1000xxx/CVE-2016-1000110.json +++ b/2016/1000xxx/CVE-2016-1000110.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000110", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000110", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10064.json b/2016/10xxx/CVE-2016-10064.json index f2447440c28..088663d928b 100644 --- a/2016/10xxx/CVE-2016-10064.json +++ b/2016/10xxx/CVE-2016-10064.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10064", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10064", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/12/26/9" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1410478", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1410478" - }, - { - "name" : "https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288", - "refsource" : "CONFIRM", - "url" : "https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288" - }, - { - "name" : "openSUSE-SU-2017:0391", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html" - }, - { - "name" : "95211", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95211" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288", + "refsource": "CONFIRM", + "url": "https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288" + }, + { + "name": "openSUSE-SU-2017:0391", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html" + }, + { + "name": "95211", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95211" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410478", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410478" + }, + { + "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10379.json b/2016/10xxx/CVE-2016-10379.json index d03447eebf1..b223fd6ac5d 100644 --- a/2016/10xxx/CVE-2016-10379.json +++ b/2016/10xxx/CVE-2016-10379.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10379", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The VirtueMart com_virtuemart component 3.0.14 for Joomla! allows SQL injection by remote authenticated administrators via the virtuemart_paymentmethod_id or virtuemart_shipmentmethod_id parameter to administrator/index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10379", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code610.blogspot.com/2016/08/testing-sql-injections-in-comvirtuemart.html", - "refsource" : "MISC", - "url" : "http://code610.blogspot.com/2016/08/testing-sql-injections-in-comvirtuemart.html" - }, - { - "name" : "98753", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98753" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The VirtueMart com_virtuemart component 3.0.14 for Joomla! allows SQL injection by remote authenticated administrators via the virtuemart_paymentmethod_id or virtuemart_shipmentmethod_id parameter to administrator/index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "98753", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98753" + }, + { + "name": "http://code610.blogspot.com/2016/08/testing-sql-injections-in-comvirtuemart.html", + "refsource": "MISC", + "url": "http://code610.blogspot.com/2016/08/testing-sql-injections-in-comvirtuemart.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4260.json b/2016/4xxx/CVE-2016-4260.json index 1237ad92679..166ea9dcc3b 100644 --- a/2016/4xxx/CVE-2016-4260.json +++ b/2016/4xxx/CVE-2016-4260.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4260", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4261, and CVE-2016-4262." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4260", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html" - }, - { - "name" : "92928", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92928" - }, - { - "name" : "1036793", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036793" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4261, and CVE-2016-4262." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036793", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036793" + }, + { + "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html" + }, + { + "name": "92928", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92928" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4498.json b/2016/4xxx/CVE-2016-4498.json index 34b4be8cb3a..3f72e4ec97d 100644 --- a/2016/4xxx/CVE-2016-4498.json +++ b/2016/4xxx/CVE-2016-4498.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4498", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitialized pointer, which allows local users to cause a denial of service or possibly have unspecified other impact via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2016-4498", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-16-332/", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-16-332/" - }, - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-131-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-131-01" - }, - { - "name" : "90521", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90521" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitialized pointer, which allows local users to cause a denial of service or possibly have unspecified other impact via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "90521", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90521" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-131-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-131-01" + }, + { + "name": "http://zerodayinitiative.com/advisories/ZDI-16-332/", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-16-332/" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4611.json b/2016/4xxx/CVE-2016-4611.json index e0b9bdba096..d736e74e5f8 100644 --- a/2016/4xxx/CVE-2016-4611.json +++ b/2016/4xxx/CVE-2016-4611.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4611", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4730, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4611", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT207142", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207142" - }, - { - "name" : "https://support.apple.com/HT207143", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207143" - }, - { - "name" : "https://support.apple.com/HT207157", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207157" - }, - { - "name" : "APPLE-SA-2016-09-20-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html" - }, - { - "name" : "APPLE-SA-2016-09-20-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" - }, - { - "name" : "APPLE-SA-2016-09-20-6", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html" - }, - { - "name" : "93057", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93057" - }, - { - "name" : "1036854", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036854" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4730, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2016-09-20-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" + }, + { + "name": "https://support.apple.com/HT207157", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207157" + }, + { + "name": "APPLE-SA-2016-09-20-6", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html" + }, + { + "name": "1036854", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036854" + }, + { + "name": "https://support.apple.com/HT207142", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207142" + }, + { + "name": "https://support.apple.com/HT207143", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207143" + }, + { + "name": "93057", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93057" + }, + { + "name": "APPLE-SA-2016-09-20-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4669.json b/2016/4xxx/CVE-2016-4669.json index 5e841aa1c3e..d14224fc5e5 100644 --- a/2016/4xxx/CVE-2016-4669.json +++ b/2016/4xxx/CVE-2016-4669.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4669", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the \"Kernel\" component. It allows local users to execute arbitrary code in a privileged context or cause a denial of service (MIG code mishandling and system crash) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4669", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40654", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40654/" - }, - { - "name" : "https://support.apple.com/HT207269", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207269" - }, - { - "name" : "https://support.apple.com/HT207270", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207270" - }, - { - "name" : "https://support.apple.com/HT207271", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207271" - }, - { - "name" : "https://support.apple.com/HT207275", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207275" - }, - { - "name" : "93849", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93849" - }, - { - "name" : "1037086", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037086" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the \"Kernel\" component. It allows local users to execute arbitrary code in a privileged context or cause a denial of service (MIG code mishandling and system crash) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT207271", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207271" + }, + { + "name": "1037086", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037086" + }, + { + "name": "93849", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93849" + }, + { + "name": "https://support.apple.com/HT207269", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207269" + }, + { + "name": "https://support.apple.com/HT207270", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207270" + }, + { + "name": "https://support.apple.com/HT207275", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207275" + }, + { + "name": "40654", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40654/" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4678.json b/2016/4xxx/CVE-2016-4678.json index 73acf3dde3f..f9b5401ebd6 100644 --- a/2016/4xxx/CVE-2016-4678.json +++ b/2016/4xxx/CVE-2016-4678.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4678", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the \"AppleSMC\" component. It allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4678", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT207275", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207275" - }, - { - "name" : "93852", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93852" - }, - { - "name" : "1037086", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037086" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the \"AppleSMC\" component. It allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1037086", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037086" + }, + { + "name": "93852", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93852" + }, + { + "name": "https://support.apple.com/HT207275", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207275" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4968.json b/2016/4xxx/CVE-2016-4968.json index c5a72b87662..a471b4312d3 100644 --- a/2016/4xxx/CVE-2016-4968.json +++ b/2016/4xxx/CVE-2016-4968.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4968", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The linkreport/tmp/admin_global page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to discover administrator cookies via a GET request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4968", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf", - "refsource" : "CONFIRM", - "url" : "http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf" - }, - { - "name" : "http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities", - "refsource" : "CONFIRM", - "url" : "http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities" - }, - { - "name" : "VU#724487", - "refsource" : "CERT-VN", - "url" : "https://www.kb.cert.org/vuls/id/724487" - }, - { - "name" : "92779", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92779" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The linkreport/tmp/admin_global page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to discover administrator cookies via a GET request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "92779", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92779" + }, + { + "name": "http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf", + "refsource": "CONFIRM", + "url": "http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf" + }, + { + "name": "VU#724487", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/724487" + }, + { + "name": "http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities", + "refsource": "CONFIRM", + "url": "http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9049.json b/2016/9xxx/CVE-2016-9049.json index a63426ab918..07095a99073 100644 --- a/2016/9xxx/CVE-2016-9049.json +++ b/2016/9xxx/CVE-2016-9049.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "talos-cna@cisco.com", - "ID" : "CVE-2016-9049", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Database Server", - "version" : { - "version_data" : [ - { - "version_value" : "3.10.0.3" - } - ] - } - } - ] - }, - "vendor_name" : "Aerospike" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server process to dereference a null pointer. An attacker can simply connect to a TCP port in order to trigger this vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "remote code execution" - } + "CVE_data_meta": { + "ASSIGNER": "talos-cna@cisco.com", + "ID": "CVE-2016-9049", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Database Server", + "version": { + "version_data": [ + { + "version_value": "3.10.0.3" + } + ] + } + } + ] + }, + "vendor_name": "Aerospike" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.talosintelligence.com/reports/TALOS-2016-0263/", - "refsource" : "MISC", - "url" : "http://www.talosintelligence.com/reports/TALOS-2016-0263/" - }, - { - "name" : "96376", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96376" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server process to dereference a null pointer. An attacker can simply connect to a TCP port in order to trigger this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.talosintelligence.com/reports/TALOS-2016-0263/", + "refsource": "MISC", + "url": "http://www.talosintelligence.com/reports/TALOS-2016-0263/" + }, + { + "name": "96376", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96376" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9076.json b/2016/9xxx/CVE-2016-9076.json index 22d81a8df0b..0e0b0de9a7e 100644 --- a/2016/9xxx/CVE-2016-9076.json +++ b/2016/9xxx/CVE-2016-9076.json @@ -1,78 +1,78 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@mozilla.org", - "ID" : "CVE-2016-9076", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Firefox", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "50" - } - ] - } - } - ] - }, - "vendor_name" : "Mozilla" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue where a \"\" dropdown menu can be used to cover location bar content, resulting in potential spoofing attacks. This attack requires e10s to be enabled in order to function. This vulnerability affects Firefox < 50." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "select dropdown menu can be used for URL bar spoofing on e10s" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "94337", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94337" + }, + { + "name": "1037298", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037298" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1276976", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1276976" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2016-89/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2016-89/" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9255.json b/2016/9xxx/CVE-2016-9255.json index 30f1aad5f84..d7f9bdb12ac 100644 --- a/2016/9xxx/CVE-2016-9255.json +++ b/2016/9xxx/CVE-2016-9255.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9255", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9255", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9300.json b/2016/9xxx/CVE-2016-9300.json index 0aedd3ad64c..ea2c1ee73cf 100644 --- a/2016/9xxx/CVE-2016-9300.json +++ b/2016/9xxx/CVE-2016-9300.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9300", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9300", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2106.json b/2019/2xxx/CVE-2019-2106.json index 1696f48d195..720aaedf312 100644 --- a/2019/2xxx/CVE-2019-2106.json +++ b/2019/2xxx/CVE-2019-2106.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2106", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2106", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2727.json b/2019/2xxx/CVE-2019-2727.json index cb701c9a67b..5e275e021a7 100644 --- a/2019/2xxx/CVE-2019-2727.json +++ b/2019/2xxx/CVE-2019-2727.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2727", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2727", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3039.json b/2019/3xxx/CVE-2019-3039.json index 05d3bc21fcb..047ae8ee3c5 100644 --- a/2019/3xxx/CVE-2019-3039.json +++ b/2019/3xxx/CVE-2019-3039.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3039", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3039", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3120.json b/2019/3xxx/CVE-2019-3120.json index 278389f58ca..d7efc165d9d 100644 --- a/2019/3xxx/CVE-2019-3120.json +++ b/2019/3xxx/CVE-2019-3120.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3120", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3120", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3451.json b/2019/3xxx/CVE-2019-3451.json index 2dbd2db6e02..14250df0cce 100644 --- a/2019/3xxx/CVE-2019-3451.json +++ b/2019/3xxx/CVE-2019-3451.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3451", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3451", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3709.json b/2019/3xxx/CVE-2019-3709.json index e2a0f175bb3..ae0d31cbdad 100644 --- a/2019/3xxx/CVE-2019-3709.json +++ b/2019/3xxx/CVE-2019-3709.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3709", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3709", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6277.json b/2019/6xxx/CVE-2019-6277.json index 28a303756e3..aafa671ada2 100644 --- a/2019/6xxx/CVE-2019-6277.json +++ b/2019/6xxx/CVE-2019-6277.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6277", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6277", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6355.json b/2019/6xxx/CVE-2019-6355.json index ebd2c261349..557e1384130 100644 --- a/2019/6xxx/CVE-2019-6355.json +++ b/2019/6xxx/CVE-2019-6355.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6355", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6355", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6916.json b/2019/6xxx/CVE-2019-6916.json index d61f64d6dba..5b4c6b415dd 100644 --- a/2019/6xxx/CVE-2019-6916.json +++ b/2019/6xxx/CVE-2019-6916.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6916", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6916", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6971.json b/2019/6xxx/CVE-2019-6971.json index 17de2fad644..b7920326363 100644 --- a/2019/6xxx/CVE-2019-6971.json +++ b/2019/6xxx/CVE-2019-6971.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6971", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6971", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7340.json b/2019/7xxx/CVE-2019-7340.json index e5809a64fb1..b97e645a119 100644 --- a/2019/7xxx/CVE-2019-7340.json +++ b/2019/7xxx/CVE-2019-7340.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7340", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filter[Query][terms][0][val]' parameter value in the view filter (filter.php) because proper filtration is omitted." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7340", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/ZoneMinder/zoneminder/issues/2462", - "refsource" : "MISC", - "url" : "https://github.com/ZoneMinder/zoneminder/issues/2462" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filter[Query][terms][0][val]' parameter value in the view filter (filter.php) because proper filtration is omitted." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/ZoneMinder/zoneminder/issues/2462", + "refsource": "MISC", + "url": "https://github.com/ZoneMinder/zoneminder/issues/2462" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7390.json b/2019/7xxx/CVE-2019-7390.json index e8b36e4ecae..56db45d66d4 100644 --- a/2019/7xxx/CVE-2019-7390.json +++ b/2019/7xxx/CVE-2019-7390.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7390", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to hijack the DNS service configuration of all clients in the WLAN, without authentication, via the SetWanSettings HNAP API." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7390", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/leonW7/D-Link/blob/master/Vul_5.md", - "refsource" : "MISC", - "url" : "https://github.com/leonW7/D-Link/blob/master/Vul_5.md" - }, - { - "name" : "106855", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106855" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to hijack the DNS service configuration of all clients in the WLAN, without authentication, via the SetWanSettings HNAP API." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/leonW7/D-Link/blob/master/Vul_5.md", + "refsource": "MISC", + "url": "https://github.com/leonW7/D-Link/blob/master/Vul_5.md" + }, + { + "name": "106855", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106855" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7833.json b/2019/7xxx/CVE-2019-7833.json index cd03949bf77..43d683374a9 100644 --- a/2019/7xxx/CVE-2019-7833.json +++ b/2019/7xxx/CVE-2019-7833.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7833", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7833", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8215.json b/2019/8xxx/CVE-2019-8215.json index ffa787629fe..10f0477d90e 100644 --- a/2019/8xxx/CVE-2019-8215.json +++ b/2019/8xxx/CVE-2019-8215.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8215", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8215", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8221.json b/2019/8xxx/CVE-2019-8221.json index 48927a9c674..cdb52f526cf 100644 --- a/2019/8xxx/CVE-2019-8221.json +++ b/2019/8xxx/CVE-2019-8221.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8221", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8221", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8682.json b/2019/8xxx/CVE-2019-8682.json index 232f89cb813..60619264795 100644 --- a/2019/8xxx/CVE-2019-8682.json +++ b/2019/8xxx/CVE-2019-8682.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8682", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8682", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8774.json b/2019/8xxx/CVE-2019-8774.json index 570b55a9700..3912ef34656 100644 --- a/2019/8xxx/CVE-2019-8774.json +++ b/2019/8xxx/CVE-2019-8774.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8774", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8774", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9425.json b/2019/9xxx/CVE-2019-9425.json index 0452becc59e..d60655fb022 100644 --- a/2019/9xxx/CVE-2019-9425.json +++ b/2019/9xxx/CVE-2019-9425.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9425", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9425", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file