From 8d2115406f1a03244824ea4c8e70bfb91a9b5182 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 01:51:49 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0127.json | 210 +++++------ 2007/0xxx/CVE-2007-0578.json | 170 ++++----- 2007/1xxx/CVE-2007-1111.json | 260 +++++++------- 2007/1xxx/CVE-2007-1818.json | 160 ++++----- 2007/3xxx/CVE-2007-3320.json | 170 ++++----- 2007/3xxx/CVE-2007-3610.json | 170 ++++----- 2007/3xxx/CVE-2007-3769.json | 170 ++++----- 2007/3xxx/CVE-2007-3884.json | 200 +++++------ 2007/4xxx/CVE-2007-4047.json | 180 +++++----- 2007/4xxx/CVE-2007-4310.json | 140 ++++---- 2007/4xxx/CVE-2007-4364.json | 170 ++++----- 2007/4xxx/CVE-2007-4588.json | 440 +++++++++++------------ 2014/5xxx/CVE-2014-5021.json | 130 +++---- 2014/5xxx/CVE-2014-5249.json | 160 ++++----- 2014/5xxx/CVE-2014-5442.json | 34 +- 2014/5xxx/CVE-2014-5732.json | 140 ++++---- 2015/2xxx/CVE-2015-2020.json | 130 +++---- 2015/2xxx/CVE-2015-2023.json | 140 ++++---- 2015/2xxx/CVE-2015-2556.json | 130 +++---- 2015/6xxx/CVE-2015-6084.json | 140 ++++---- 2015/6xxx/CVE-2015-6186.json | 34 +- 2015/6xxx/CVE-2015-6189.json | 34 +- 2015/6xxx/CVE-2015-6585.json | 150 ++++---- 2015/7xxx/CVE-2015-7082.json | 150 ++++---- 2015/7xxx/CVE-2015-7241.json | 150 ++++---- 2015/7xxx/CVE-2015-7683.json | 150 ++++---- 2016/0xxx/CVE-2016-0166.json | 140 ++++---- 2016/0xxx/CVE-2016-0627.json | 34 +- 2016/0xxx/CVE-2016-0702.json | 540 ++++++++++++++--------------- 2016/0xxx/CVE-2016-0803.json | 130 +++---- 2016/1000xxx/CVE-2016-1000176.json | 34 +- 2016/1000xxx/CVE-2016-1000362.json | 34 +- 2016/10xxx/CVE-2016-10365.json | 120 +++---- 2016/10xxx/CVE-2016-10491.json | 132 +++---- 2016/1xxx/CVE-2016-1545.json | 34 +- 2016/4xxx/CVE-2016-4194.json | 140 ++++---- 2016/4xxx/CVE-2016-4265.json | 140 ++++---- 2016/4xxx/CVE-2016-4636.json | 34 +- 2019/1003xxx/CVE-2019-1003001.json | 134 +++---- 2019/2xxx/CVE-2019-2524.json | 140 ++++---- 2019/3xxx/CVE-2019-3201.json | 34 +- 2019/3xxx/CVE-2019-3403.json | 34 +- 2019/3xxx/CVE-2019-3933.json | 34 +- 2019/4xxx/CVE-2019-4119.json | 34 +- 2019/4xxx/CVE-2019-4369.json | 34 +- 2019/6xxx/CVE-2019-6126.json | 120 +++---- 2019/6xxx/CVE-2019-6362.json | 34 +- 2019/6xxx/CVE-2019-6480.json | 34 +- 2019/6xxx/CVE-2019-6702.json | 34 +- 2019/7xxx/CVE-2019-7313.json | 120 +++---- 2019/7xxx/CVE-2019-7704.json | 120 +++---- 2019/7xxx/CVE-2019-7926.json | 34 +- 2019/7xxx/CVE-2019-7941.json | 34 +- 2019/8xxx/CVE-2019-8358.json | 120 +++---- 2019/8xxx/CVE-2019-8766.json | 34 +- 2019/8xxx/CVE-2019-8812.json | 34 +- 2019/8xxx/CVE-2019-8846.json | 34 +- 2019/9xxx/CVE-2019-9316.json | 34 +- 2019/9xxx/CVE-2019-9355.json | 34 +- 2019/9xxx/CVE-2019-9534.json | 34 +- 2019/9xxx/CVE-2019-9691.json | 34 +- 61 files changed, 3478 insertions(+), 3478 deletions(-) diff --git a/2007/0xxx/CVE-2007-0127.json b/2007/0xxx/CVE-2007-0127.json index a558d7a4650..ecc0ae0fa96 100644 --- a/2007/0xxx/CVE-2007-0127.json +++ b/2007/0xxx/CVE-2007-0127.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0127", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Javascript SVG support in Opera before 9.10 does not properly validate object types in a createSVGTransformFromMatrix request, which allows remote attackers to execute arbitrary code via JavaScript code that uses an invalid object in this request that causes a controlled pointer to be referenced during the virtual function call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0127", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070105 Opera Software Opera Web Browser createSVGTransformFromMatrix Object Typecasting Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=458" - }, - { - "name" : "http://www.opera.com/support/search/supsearch.dml?index=851", - "refsource" : "CONFIRM", - "url" : "http://www.opera.com/support/search/supsearch.dml?index=851" - }, - { - "name" : "GLSA-200701-08", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200701-08.xml" - }, - { - "name" : "SUSE-SA:2007:009", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0009.html" - }, - { - "name" : "ADV-2007-0060", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0060" - }, - { - "name" : "31575", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31575" - }, - { - "name" : "1017473", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017473" - }, - { - "name" : "23613", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23613" - }, - { - "name" : "23739", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23739" - }, - { - "name" : "23771", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23771" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Javascript SVG support in Opera before 9.10 does not properly validate object types in a createSVGTransformFromMatrix request, which allows remote attackers to execute arbitrary code via JavaScript code that uses an invalid object in this request that causes a controlled pointer to be referenced during the virtual function call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "31575", + "refsource": "OSVDB", + "url": "http://osvdb.org/31575" + }, + { + "name": "http://www.opera.com/support/search/supsearch.dml?index=851", + "refsource": "CONFIRM", + "url": "http://www.opera.com/support/search/supsearch.dml?index=851" + }, + { + "name": "1017473", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017473" + }, + { + "name": "23613", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23613" + }, + { + "name": "ADV-2007-0060", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0060" + }, + { + "name": "23739", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23739" + }, + { + "name": "GLSA-200701-08", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200701-08.xml" + }, + { + "name": "23771", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23771" + }, + { + "name": "SUSE-SA:2007:009", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0009.html" + }, + { + "name": "20070105 Opera Software Opera Web Browser createSVGTransformFromMatrix Object Typecasting Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=458" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0578.json b/2007/0xxx/CVE-2007-0578.json index 8318a643d76..06be6c69436 100644 --- a/2007/0xxx/CVE-2007-0578.json +++ b/2007/0xxx/CVE-2007-0578.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0578", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The http_open function in httpget.c in mpg123 before 0.64 allows remote attackers to cause a denial of service (infinite loop) by closing the HTTP connection early." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0578", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sourceforge.net/project/shownotes.php?group_id=135704&release_id=478747", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?group_id=135704&release_id=478747" - }, - { - "name" : "http://www.mpg123.de/cgi-bin/news.cgi", - "refsource" : "CONFIRM", - "url" : "http://www.mpg123.de/cgi-bin/news.cgi" - }, - { - "name" : "MDKSA-2007:032", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:032" - }, - { - "name" : "22274", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22274" - }, - { - "name" : "ADV-2007-0366", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0366" - }, - { - "name" : "40128", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40128" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The http_open function in httpget.c in mpg123 before 0.64 allows remote attackers to cause a denial of service (infinite loop) by closing the HTTP connection early." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDKSA-2007:032", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:032" + }, + { + "name": "22274", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22274" + }, + { + "name": "40128", + "refsource": "OSVDB", + "url": "http://osvdb.org/40128" + }, + { + "name": "ADV-2007-0366", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0366" + }, + { + "name": "http://www.mpg123.de/cgi-bin/news.cgi", + "refsource": "CONFIRM", + "url": "http://www.mpg123.de/cgi-bin/news.cgi" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?group_id=135704&release_id=478747", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?group_id=135704&release_id=478747" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1111.json b/2007/1xxx/CVE-2007-1111.json index b428e90fd81..b481d6a2b16 100644 --- a/2007/1xxx/CVE-2007-1111.json +++ b/2007/1xxx/CVE-2007-1111.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1111", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in ActiveCalendar 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the css parameter to (1) flatevents.php, (2) js.php, (3) mysqlevents.php, (4) m_2.php, (5) m_3.php, (6) m_4.php, (7) xmlevents.php, (8) y_2.php, or (9) y_3.php in data/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1111", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070224 ActiveCalendar 1.2.0, Multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461146/100/0/threaded" - }, - { - "name" : "20070224 Re: ActiveCalendar 1.2.0, Multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461313/100/0/threaded" - }, - { - "name" : "22705", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22705" - }, - { - "name" : "ADV-2007-0759", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0759" - }, - { - "name" : "33145", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/33145" - }, - { - "name" : "33146", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/33146" - }, - { - "name" : "33147", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/33147" - }, - { - "name" : "33148", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/33148" - }, - { - "name" : "33149", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/33149" - }, - { - "name" : "33150", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/33150" - }, - { - "name" : "33153", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/33153" - }, - { - "name" : "33151", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/33151" - }, - { - "name" : "33152", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/33152" - }, - { - "name" : "2299", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2299" - }, - { - "name" : "activecalendar-multiple-scripts-xss(32690)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32690" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in ActiveCalendar 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the css parameter to (1) flatevents.php, (2) js.php, (3) mysqlevents.php, (4) m_2.php, (5) m_3.php, (6) m_4.php, (7) xmlevents.php, (8) y_2.php, or (9) y_3.php in data/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33150", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/33150" + }, + { + "name": "2299", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2299" + }, + { + "name": "ADV-2007-0759", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0759" + }, + { + "name": "22705", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22705" + }, + { + "name": "33148", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/33148" + }, + { + "name": "33147", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/33147" + }, + { + "name": "33149", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/33149" + }, + { + "name": "20070224 Re: ActiveCalendar 1.2.0, Multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461313/100/0/threaded" + }, + { + "name": "33145", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/33145" + }, + { + "name": "33152", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/33152" + }, + { + "name": "33151", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/33151" + }, + { + "name": "33146", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/33146" + }, + { + "name": "33153", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/33153" + }, + { + "name": "20070224 ActiveCalendar 1.2.0, Multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461146/100/0/threaded" + }, + { + "name": "activecalendar-multiple-scripts-xss(32690)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32690" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1818.json b/2007/1xxx/CVE-2007-1818.json index 058052b5ecd..9b75978f62f 100644 --- a/2007/1xxx/CVE-2007-1818.json +++ b/2007/1xxx/CVE-2007-1818.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1818", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in MOD_forum_fields_parse.php in the Forum picture and META tags 1.7 module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1818", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3613", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3613" - }, - { - "name" : "23222", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23222" - }, - { - "name" : "ADV-2007-1188", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1188" - }, - { - "name" : "35445", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35445" - }, - { - "name" : "phpbb-modforumfieldsparse-file-include(33346)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33346" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in MOD_forum_fields_parse.php in the Forum picture and META tags 1.7 module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-1188", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1188" + }, + { + "name": "3613", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3613" + }, + { + "name": "23222", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23222" + }, + { + "name": "phpbb-modforumfieldsparse-file-include(33346)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33346" + }, + { + "name": "35445", + "refsource": "OSVDB", + "url": "http://osvdb.org/35445" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3320.json b/2007/3xxx/CVE-2007-3320.json index d4b65116343..168b440a868 100644 --- a/2007/3xxx/CVE-2007-3320.json +++ b/2007/3xxx/CVE-2007-3320.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3320", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware accepts SIP INVITE requests from arbitrary source IP addresses, which allows remote attackers to have an unspecified impact." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3320", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=300&", - "refsource" : "MISC", - "url" : "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=300&" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm" - }, - { - "name" : "24544", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24544" - }, - { - "name" : "38116", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38116" - }, - { - "name" : "25747", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25747" - }, - { - "name" : "avaya-sipinvite-security-bypass(34971)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34971" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware accepts SIP INVITE requests from arbitrary source IP addresses, which allows remote attackers to have an unspecified impact." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "avaya-sipinvite-security-bypass(34971)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34971" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm" + }, + { + "name": "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=300&", + "refsource": "MISC", + "url": "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=300&" + }, + { + "name": "24544", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24544" + }, + { + "name": "25747", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25747" + }, + { + "name": "38116", + "refsource": "OSVDB", + "url": "http://osvdb.org/38116" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3610.json b/2007/3xxx/CVE-2007-3610.json index a0f5d77b77f..4b363aca584 100644 --- a/2007/3xxx/CVE-2007-3610.json +++ b/2007/3xxx/CVE-2007-3610.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3610", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in categories_type.php in phpVID 0.9.9 allows remote attackers to execute arbitrary SQL commands via the cat parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3610", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4153", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4153" - }, - { - "name" : "24788", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24788" - }, - { - "name" : "ADV-2007-2447", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2447" - }, - { - "name" : "35963", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35963" - }, - { - "name" : "25975", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25975" - }, - { - "name" : "phpvid-categoriestype-sql-injection(35273)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35273" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in categories_type.php in phpVID 0.9.9 allows remote attackers to execute arbitrary SQL commands via the cat parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4153", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4153" + }, + { + "name": "35963", + "refsource": "OSVDB", + "url": "http://osvdb.org/35963" + }, + { + "name": "24788", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24788" + }, + { + "name": "ADV-2007-2447", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2447" + }, + { + "name": "25975", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25975" + }, + { + "name": "phpvid-categoriestype-sql-injection(35273)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35273" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3769.json b/2007/3xxx/CVE-2007-3769.json index 5006970285d..69085d3963f 100644 --- a/2007/3xxx/CVE-2007-3769.json +++ b/2007/3xxx/CVE-2007-3769.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3769", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the mirrored server management interface in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to inject arbitrary web script or HTML via a malformed response without a status code, which is reflected to the user in the resulting error message. NOTE: this can be leveraged for root access via a sequence of steps involving web script that creates a new FTP user account." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3769", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070710 Portcullis Computer Security Ltd - Advisories", - "refsource" : "FULLDISC", - "url" : "http://marc.info/?l=full-disclosure&m=118409539009277&w=2" - }, - { - "name" : "http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070710/98374694/attachment-0031.txt", - "refsource" : "MISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070710/98374694/attachment-0031.txt" - }, - { - "name" : "ADV-2007-2528", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2528" - }, - { - "name" : "37911", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37911" - }, - { - "name" : "26061", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26061" - }, - { - "name" : "surgeftp-error-xss(35378)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35378" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the mirrored server management interface in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to inject arbitrary web script or HTML via a malformed response without a status code, which is reflected to the user in the resulting error message. NOTE: this can be leveraged for root access via a sequence of steps involving web script that creates a new FTP user account." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26061", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26061" + }, + { + "name": "http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070710/98374694/attachment-0031.txt", + "refsource": "MISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070710/98374694/attachment-0031.txt" + }, + { + "name": "surgeftp-error-xss(35378)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35378" + }, + { + "name": "ADV-2007-2528", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2528" + }, + { + "name": "37911", + "refsource": "OSVDB", + "url": "http://osvdb.org/37911" + }, + { + "name": "20070710 Portcullis Computer Security Ltd - Advisories", + "refsource": "FULLDISC", + "url": "http://marc.info/?l=full-disclosure&m=118409539009277&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3884.json b/2007/3xxx/CVE-2007-3884.json index 446982e025e..c2ba67bbab0 100644 --- a/2007/3xxx/CVE-2007-3884.json +++ b/2007/3xxx/CVE-2007-3884.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3884", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in philboard_forum.asp in husrevforum 1.0.1 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: it was later reported that 2.0.1 is also affected." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3884", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070909 Husrev Forums v2.0.1:PoWerBoard Sql", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/478974/100/0/threaded" - }, - { - "name" : "http://yollubunlar.org/husrev-forums-v201powerboard-sql-injection-exploit-3503.html", - "refsource" : "MISC", - "url" : "http://yollubunlar.org/husrev-forums-v201powerboard-sql-injection-exploit-3503.html" - }, - { - "name" : "24928", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24928" - }, - { - "name" : "ADV-2007-2557", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2557" - }, - { - "name" : "38185", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/38185" - }, - { - "name" : "26089", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26089" - }, - { - "name" : "26736", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26736" - }, - { - "name" : "husrev-philboardforum-sql-injection(36530)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36530" - }, - { - "name" : "husrevforum-philboardforum-sql-injection(35443)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35443" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in philboard_forum.asp in husrevforum 1.0.1 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: it was later reported that 2.0.1 is also affected." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-2557", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2557" + }, + { + "name": "26089", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26089" + }, + { + "name": "24928", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24928" + }, + { + "name": "26736", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26736" + }, + { + "name": "http://yollubunlar.org/husrev-forums-v201powerboard-sql-injection-exploit-3503.html", + "refsource": "MISC", + "url": "http://yollubunlar.org/husrev-forums-v201powerboard-sql-injection-exploit-3503.html" + }, + { + "name": "husrevforum-philboardforum-sql-injection(35443)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35443" + }, + { + "name": "husrev-philboardforum-sql-injection(36530)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36530" + }, + { + "name": "38185", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/38185" + }, + { + "name": "20070909 Husrev Forums v2.0.1:PoWerBoard Sql", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/478974/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4047.json b/2007/4xxx/CVE-2007-4047.json index 142a821e988..1c1112efc03 100644 --- a/2007/4xxx/CVE-2007-4047.json +++ b/2007/4xxx/CVE-2007-4047.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4047", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "geoBlog (aka BitDamaged) 1 does not require authentication for (1) deletecomment.php, (2) deleteblog.php, and (3) listcomment.php in admin/, which allows remote attackers to delete arbitrary comments, delete arbitrary blogs, and have other unspecified impact via a request with a valid id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4047", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070719 Geoblog v1 administrator bypass", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474127/100/0/threaded" - }, - { - "name" : "24966", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24966" - }, - { - "name" : "42485", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42485" - }, - { - "name" : "42486", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42486" - }, - { - "name" : "42487", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42487" - }, - { - "name" : "2934", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2934" - }, - { - "name" : "geoblog-listcomments-security-bypass(35494)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35494" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "geoBlog (aka BitDamaged) 1 does not require authentication for (1) deletecomment.php, (2) deleteblog.php, and (3) listcomment.php in admin/, which allows remote attackers to delete arbitrary comments, delete arbitrary blogs, and have other unspecified impact via a request with a valid id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "42487", + "refsource": "OSVDB", + "url": "http://osvdb.org/42487" + }, + { + "name": "2934", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2934" + }, + { + "name": "geoblog-listcomments-security-bypass(35494)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35494" + }, + { + "name": "42486", + "refsource": "OSVDB", + "url": "http://osvdb.org/42486" + }, + { + "name": "24966", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24966" + }, + { + "name": "20070719 Geoblog v1 administrator bypass", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474127/100/0/threaded" + }, + { + "name": "42485", + "refsource": "OSVDB", + "url": "http://osvdb.org/42485" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4310.json b/2007/4xxx/CVE-2007-4310.json index d2023b3938b..deae6907c97 100644 --- a/2007/4xxx/CVE-2007-4310.json +++ b/2007/4xxx/CVE-2007-4310.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4310", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remote attackers to list all accounts that have certain nonstandard GECOS fields via a request composed of a single digit, as demonstrated by a \"finger 9@host\" command, a different vulnerability than CVE-2001-1503." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4310", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070727 Re: Solaris finger bug", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474927/100/100/threaded" - }, - { - "name" : "20070727 Solaris finger bug", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474858/100/100/threaded" - }, - { - "name" : "2996", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2996" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remote attackers to list all accounts that have certain nonstandard GECOS fields via a request composed of a single digit, as demonstrated by a \"finger 9@host\" command, a different vulnerability than CVE-2001-1503." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070727 Re: Solaris finger bug", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474927/100/100/threaded" + }, + { + "name": "2996", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2996" + }, + { + "name": "20070727 Solaris finger bug", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474858/100/100/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4364.json b/2007/4xxx/CVE-2007-4364.json index 178ef13655c..e7b168d6647 100644 --- a/2007/4xxx/CVE-2007-4364.json +++ b/2007/4xxx/CVE-2007-4364.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4364", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Fedora Commons before 2.2.1 does not properly handle certain authentication requests involving Java Naming and Directory Interface (JNDI), related to (1) a nonexistent account name in combination with an empty password, which allows remote attackers to trigger a certain \"unexpected / strange response\" from an LDAP server, and (2) a reauthentication attempt that throws an exception, which allows remote attackers to trigger use of a cached authentication decision. NOTE: authentication can be bypassed by using vector 1 followed by vector 2, and possibly can be bypassed by using a single vector." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4364", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=531870", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=531870" - }, - { - "name" : "http://sourceforge.net/tracker/index.php?func=detail&aid=1731608&group_id=177054&atid=879703", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/tracker/index.php?func=detail&aid=1731608&group_id=177054&atid=879703" - }, - { - "name" : "25317", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25317" - }, - { - "name" : "39548", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39548" - }, - { - "name" : "26445", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26445" - }, - { - "name" : "fedora-ldap-security-bypass(36005)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36005" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Fedora Commons before 2.2.1 does not properly handle certain authentication requests involving Java Naming and Directory Interface (JNDI), related to (1) a nonexistent account name in combination with an empty password, which allows remote attackers to trigger a certain \"unexpected / strange response\" from an LDAP server, and (2) a reauthentication attempt that throws an exception, which allows remote attackers to trigger use of a cached authentication decision. NOTE: authentication can be bypassed by using vector 1 followed by vector 2, and possibly can be bypassed by using a single vector." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39548", + "refsource": "OSVDB", + "url": "http://osvdb.org/39548" + }, + { + "name": "http://sourceforge.net/tracker/index.php?func=detail&aid=1731608&group_id=177054&atid=879703", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1731608&group_id=177054&atid=879703" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=531870", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=531870" + }, + { + "name": "25317", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25317" + }, + { + "name": "26445", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26445" + }, + { + "name": "fedora-ldap-security-bypass(36005)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36005" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4588.json b/2007/4xxx/CVE-2007-4588.json index ef5d42c19e7..086846e0e98 100644 --- a/2007/4xxx/CVE-2007-4588.json +++ b/2007/4xxx/CVE-2007-4588.json @@ -1,222 +1,222 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4588", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in InterWorx Hosting Control Panel (InterWorx-CP) Server Admin Level (NodeWorx) 3.0.2 (1) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php; and allow remote authenticated users to inject arbitrary web script or HTML via the PATH_INFO to (2) nodeworx.php, (3) users.php, (4) lang.php, (5) themes.php, (6) setup.php, (7) siteworx.php, (8) packages.php, (9) backup.php, (10) import.php, (11) scriptworx.php, (12) resellers.php, (13) reseller-packages.php, (14) http.php, (15) mail.php, (16) ftp.php, (17) mysql.php, (18) sshd.php, (19) nfs.php, (20) cron.php, (21) ip.php, (22) firewall.php, (23) updates.php, (24) rrd.php, or (25) cluster.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4588", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070826 InterWorx-CP Multiple HTML Injections Vulnerabilitie", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/477848/100/0/threaded" - }, - { - "name" : "http://www.hackerscenter.com/archive/view.asp?id=27884", - "refsource" : "MISC", - "url" : "http://www.hackerscenter.com/archive/view.asp?id=27884" - }, - { - "name" : "http://interworx.com/forums/showthread.php?t=2501", - "refsource" : "CONFIRM", - "url" : "http://interworx.com/forums/showthread.php?t=2501" - }, - { - "name" : "25451", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25451" - }, - { - "name" : "36739", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36739" - }, - { - "name" : "36740", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36740" - }, - { - "name" : "36742", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36742" - }, - { - "name" : "36743", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36743" - }, - { - "name" : "36744", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36744" - }, - { - "name" : "36745", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36745" - }, - { - "name" : "36746", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36746" - }, - { - "name" : "36747", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36747" - }, - { - "name" : "36748", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36748" - }, - { - "name" : "36749", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36749" - }, - { - "name" : "36750", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36750" - }, - { - "name" : "36751", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36751" - }, - { - "name" : "36752", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36752" - }, - { - "name" : "36753", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36753" - }, - { - "name" : "36755", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36755" - }, - { - "name" : "36756", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36756" - }, - { - "name" : "36757", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36757" - }, - { - "name" : "36758", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36758" - }, - { - "name" : "36759", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36759" - }, - { - "name" : "36761", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36761" - }, - { - "name" : "36762", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36762" - }, - { - "name" : "36763", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36763" - }, - { - "name" : "36764", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36764" - }, - { - "name" : "36765", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36765" - }, - { - "name" : "36766", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36766" - }, - { - "name" : "26586", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26586" - }, - { - "name" : "3070", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3070" - }, - { - "name" : "interworx-nodeworx-multiple-file-include(36301)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36301" - }, - { - "name" : "interworxcp-index-xss(36297)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36297" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in InterWorx Hosting Control Panel (InterWorx-CP) Server Admin Level (NodeWorx) 3.0.2 (1) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php; and allow remote authenticated users to inject arbitrary web script or HTML via the PATH_INFO to (2) nodeworx.php, (3) users.php, (4) lang.php, (5) themes.php, (6) setup.php, (7) siteworx.php, (8) packages.php, (9) backup.php, (10) import.php, (11) scriptworx.php, (12) resellers.php, (13) reseller-packages.php, (14) http.php, (15) mail.php, (16) ftp.php, (17) mysql.php, (18) sshd.php, (19) nfs.php, (20) cron.php, (21) ip.php, (22) firewall.php, (23) updates.php, (24) rrd.php, or (25) cluster.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36762", + "refsource": "OSVDB", + "url": "http://osvdb.org/36762" + }, + { + "name": "36743", + "refsource": "OSVDB", + "url": "http://osvdb.org/36743" + }, + { + "name": "25451", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25451" + }, + { + "name": "3070", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3070" + }, + { + "name": "36740", + "refsource": "OSVDB", + "url": "http://osvdb.org/36740" + }, + { + "name": "http://interworx.com/forums/showthread.php?t=2501", + "refsource": "CONFIRM", + "url": "http://interworx.com/forums/showthread.php?t=2501" + }, + { + "name": "36765", + "refsource": "OSVDB", + "url": "http://osvdb.org/36765" + }, + { + "name": "36761", + "refsource": "OSVDB", + "url": "http://osvdb.org/36761" + }, + { + "name": "36750", + "refsource": "OSVDB", + "url": "http://osvdb.org/36750" + }, + { + "name": "36759", + "refsource": "OSVDB", + "url": "http://osvdb.org/36759" + }, + { + "name": "36766", + "refsource": "OSVDB", + "url": "http://osvdb.org/36766" + }, + { + "name": "36746", + "refsource": "OSVDB", + "url": "http://osvdb.org/36746" + }, + { + "name": "36744", + "refsource": "OSVDB", + "url": "http://osvdb.org/36744" + }, + { + "name": "36758", + "refsource": "OSVDB", + "url": "http://osvdb.org/36758" + }, + { + "name": "36751", + "refsource": "OSVDB", + "url": "http://osvdb.org/36751" + }, + { + "name": "36757", + "refsource": "OSVDB", + "url": "http://osvdb.org/36757" + }, + { + "name": "interworx-nodeworx-multiple-file-include(36301)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36301" + }, + { + "name": "http://www.hackerscenter.com/archive/view.asp?id=27884", + "refsource": "MISC", + "url": "http://www.hackerscenter.com/archive/view.asp?id=27884" + }, + { + "name": "36756", + "refsource": "OSVDB", + "url": "http://osvdb.org/36756" + }, + { + "name": "26586", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26586" + }, + { + "name": "20070826 InterWorx-CP Multiple HTML Injections Vulnerabilitie", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/477848/100/0/threaded" + }, + { + "name": "36739", + "refsource": "OSVDB", + "url": "http://osvdb.org/36739" + }, + { + "name": "36747", + "refsource": "OSVDB", + "url": "http://osvdb.org/36747" + }, + { + "name": "36764", + "refsource": "OSVDB", + "url": "http://osvdb.org/36764" + }, + { + "name": "36753", + "refsource": "OSVDB", + "url": "http://osvdb.org/36753" + }, + { + "name": "36745", + "refsource": "OSVDB", + "url": "http://osvdb.org/36745" + }, + { + "name": "36742", + "refsource": "OSVDB", + "url": "http://osvdb.org/36742" + }, + { + "name": "36748", + "refsource": "OSVDB", + "url": "http://osvdb.org/36748" + }, + { + "name": "36763", + "refsource": "OSVDB", + "url": "http://osvdb.org/36763" + }, + { + "name": "36749", + "refsource": "OSVDB", + "url": "http://osvdb.org/36749" + }, + { + "name": "interworxcp-index-xss(36297)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36297" + }, + { + "name": "36752", + "refsource": "OSVDB", + "url": "http://osvdb.org/36752" + }, + { + "name": "36755", + "refsource": "OSVDB", + "url": "http://osvdb.org/36755" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5021.json b/2014/5xxx/CVE-2014-5021.json index 54a053a6f46..be834d7e35b 100644 --- a/2014/5xxx/CVE-2014-5021.json +++ b/2014/5xxx/CVE-2014-5021.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5021", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the \"administer taxonomy\" permission to inject arbitrary web script or HTML via an option group label." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5021", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.drupal.org/SA-CORE-2014-003", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/SA-CORE-2014-003" - }, - { - "name" : "DSA-2983", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2983" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the \"administer taxonomy\" permission to inject arbitrary web script or HTML via an option group label." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-2983", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2983" + }, + { + "name": "https://www.drupal.org/SA-CORE-2014-003", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/SA-CORE-2014-003" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5249.json b/2014/5xxx/CVE-2014-5249.json index ad449424300..1a6588d02e6 100644 --- a/2014/5xxx/CVE-2014-5249.json +++ b/2014/5xxx/CVE-2014-5249.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5249", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the \"Biblio self autocomplete\" submodule in the Biblio Autocomplete module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5249", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.drupal.org/node/2316717", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2316717" - }, - { - "name" : "https://www.drupal.org/node/2316023", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2316023" - }, - { - "name" : "https://www.drupal.org/node/2316025", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2316025" - }, - { - "name" : "69091", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/69091" - }, - { - "name" : "biblioautocomplete-drupal-sql-injection(95146)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95146" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the \"Biblio self autocomplete\" submodule in the Biblio Autocomplete module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "69091", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/69091" + }, + { + "name": "https://www.drupal.org/node/2316717", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2316717" + }, + { + "name": "https://www.drupal.org/node/2316025", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2316025" + }, + { + "name": "https://www.drupal.org/node/2316023", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2316023" + }, + { + "name": "biblioautocomplete-drupal-sql-injection(95146)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95146" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5442.json b/2014/5xxx/CVE-2014-5442.json index 4cd14a952b0..062eb50badc 100644 --- a/2014/5xxx/CVE-2014-5442.json +++ b/2014/5xxx/CVE-2014-5442.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5442", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5442", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5732.json b/2014/5xxx/CVE-2014-5732.json index bac813ebe4d..c53e8674aa3 100644 --- a/2014/5xxx/CVE-2014-5732.json +++ b/2014/5xxx/CVE-2014-5732.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5732", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Wamba - meet women and men (aka com.wamba.client) application 3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5732", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#398929", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/398929" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Wamba - meet women and men (aka com.wamba.client) application 3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#398929", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/398929" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2020.json b/2015/2xxx/CVE-2015-2020.json index 3cc9cd452ff..a0dd98910e6 100644 --- a/2015/2xxx/CVE-2015-2020.json +++ b/2015/2xxx/CVE-2015-2020.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2020", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The MyScript SDK before 1.3 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-2020", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://alephsecurity.com/vulns/aleph-2015006", - "refsource" : "MISC", - "url" : "https://alephsecurity.com/vulns/aleph-2015006" - }, - { - "name" : "https://www.usenix.org/system/files/conference/woot15/woot15-paper-peles.pdf", - "refsource" : "MISC", - "url" : "https://www.usenix.org/system/files/conference/woot15/woot15-paper-peles.pdf" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The MyScript SDK before 1.3 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.usenix.org/system/files/conference/woot15/woot15-paper-peles.pdf", + "refsource": "MISC", + "url": "https://www.usenix.org/system/files/conference/woot15/woot15-paper-peles.pdf" + }, + { + "name": "https://alephsecurity.com/vulns/aleph-2015006", + "refsource": "MISC", + "url": "https://alephsecurity.com/vulns/aleph-2015006" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2023.json b/2015/2xxx/CVE-2015-2023.json index 011d4a6c974..fb1245949dd 100644 --- a/2015/2xxx/CVE-2015-2023.json +++ b/2015/2xxx/CVE-2015-2023.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2023", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in IBM i Access 7.1 on Windows allows local users to gain privileges via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-2023", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "38751", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38751/" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020996", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020996" - }, - { - "name" : "SI57907", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1SI57907" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in IBM i Access 7.1 on Windows allows local users to gain privileges via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020996", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1020996" + }, + { + "name": "38751", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38751/" + }, + { + "name": "SI57907", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1SI57907" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2556.json b/2015/2xxx/CVE-2015-2556.json index 378a85a1313..4a16ab0bc5c 100644 --- a/2015/2xxx/CVE-2015-2556.json +++ b/2015/2xxx/CVE-2015-2556.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2556", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The InfoPath Forms Services component in Microsoft SharePoint Server 2007 SP3 and 2010 SP2 misparses DTDs, which allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka \"Microsoft SharePoint Information Disclosure Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2556", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-110", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-110" - }, - { - "name" : "1033804", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033804" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The InfoPath Forms Services component in Microsoft SharePoint Server 2007 SP3 and 2010 SP2 misparses DTDs, which allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka \"Microsoft SharePoint Information Disclosure Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS15-110", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-110" + }, + { + "name": "1033804", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033804" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6084.json b/2015/6xxx/CVE-2015-6084.json index fecb087d146..50e6858e69a 100644 --- a/2015/6xxx/CVE-2015-6084.json +++ b/2015/6xxx/CVE-2015-6084.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6084", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6064 and CVE-2015-6085." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6084", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151201 Microsoft Internet Explorer \"CTxtPtr::GetPlainText\" OOB Access Vulnerability", - "refsource" : "IDEFENSE", - "url" : "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1209" - }, - { - "name" : "MS15-112", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112" - }, - { - "name" : "1034112", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034112" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6064 and CVE-2015-6085." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20151201 Microsoft Internet Explorer \"CTxtPtr::GetPlainText\" OOB Access Vulnerability", + "refsource": "IDEFENSE", + "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1209" + }, + { + "name": "1034112", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034112" + }, + { + "name": "MS15-112", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6186.json b/2015/6xxx/CVE-2015-6186.json index 4472c443849..4f29d31b61c 100644 --- a/2015/6xxx/CVE-2015-6186.json +++ b/2015/6xxx/CVE-2015-6186.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6186", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6186", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6189.json b/2015/6xxx/CVE-2015-6189.json index aecb5105a78..fecd7178429 100644 --- a/2015/6xxx/CVE-2015-6189.json +++ b/2015/6xxx/CVE-2015-6189.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6189", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6189", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6585.json b/2015/6xxx/CVE-2015-6585.json index 994518048b1..40160d78d4e 100644 --- a/2015/6xxx/CVE-2015-6585.json +++ b/2015/6xxx/CVE-2015-6585.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6585", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "hwpapp.dll in Hangul Word Processor allows remote attackers to execute arbitrary code via a crafted heap spray, and by leveraging a \"type confusion\" via an HWPX file containing a crafted para text tag." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6585", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.fireeye.com/blog/threat-research/2015/09/zero-day_hwp_exploit.html", - "refsource" : "MISC", - "url" : "https://www.fireeye.com/blog/threat-research/2015/09/zero-day_hwp_exploit.html" - }, - { - "name" : "https://www.fireeye.com/content/dam/fireeye-www/global/en/blog/threat-research/FireEye_HWP_ZeroDay.pdf", - "refsource" : "MISC", - "url" : "https://www.fireeye.com/content/dam/fireeye-www/global/en/blog/threat-research/FireEye_HWP_ZeroDay.pdf" - }, - { - "name" : "http://www.hancom.com/cs_center/csDownload.do", - "refsource" : "CONFIRM", - "url" : "http://www.hancom.com/cs_center/csDownload.do" - }, - { - "name" : "76694", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76694" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "hwpapp.dll in Hangul Word Processor allows remote attackers to execute arbitrary code via a crafted heap spray, and by leveraging a \"type confusion\" via an HWPX file containing a crafted para text tag." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "76694", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76694" + }, + { + "name": "https://www.fireeye.com/blog/threat-research/2015/09/zero-day_hwp_exploit.html", + "refsource": "MISC", + "url": "https://www.fireeye.com/blog/threat-research/2015/09/zero-day_hwp_exploit.html" + }, + { + "name": "http://www.hancom.com/cs_center/csDownload.do", + "refsource": "CONFIRM", + "url": "http://www.hancom.com/cs_center/csDownload.do" + }, + { + "name": "https://www.fireeye.com/content/dam/fireeye-www/global/en/blog/threat-research/FireEye_HWP_ZeroDay.pdf", + "refsource": "MISC", + "url": "https://www.fireeye.com/content/dam/fireeye-www/global/en/blog/threat-research/FireEye_HWP_ZeroDay.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7082.json b/2015/7xxx/CVE-2015-7082.json index 2c20259da72..60475bed239 100644 --- a/2015/7xxx/CVE-2015-7082.json +++ b/2015/7xxx/CVE-2015-7082.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7082", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Git before 2.5.4, as used in Apple Xcode before 7.2, have unknown impact and attack vectors. NOTE: this CVE is associated only with Xcode use cases." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7082", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/git/git/blob/master/Documentation/RelNotes/2.5.4.txt", - "refsource" : "CONFIRM", - "url" : "https://github.com/git/git/blob/master/Documentation/RelNotes/2.5.4.txt" - }, - { - "name" : "https://support.apple.com/HT205642", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205642" - }, - { - "name" : "APPLE-SA-2015-12-08-6", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00004.html" - }, - { - "name" : "1034340", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034340" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Git before 2.5.4, as used in Apple Xcode before 7.2, have unknown impact and attack vectors. NOTE: this CVE is associated only with Xcode use cases." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205642", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205642" + }, + { + "name": "APPLE-SA-2015-12-08-6", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00004.html" + }, + { + "name": "https://github.com/git/git/blob/master/Documentation/RelNotes/2.5.4.txt", + "refsource": "CONFIRM", + "url": "https://github.com/git/git/blob/master/Documentation/RelNotes/2.5.4.txt" + }, + { + "name": "1034340", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034340" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7241.json b/2015/7xxx/CVE-2015-7241.json index f2fa5c19e30..861149612a5 100644 --- a/2015/7xxx/CVE-2015-7241.json +++ b/2015/7xxx/CVE-2015-7241.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7241", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "XML External Entity (XXE) vulnerability in SAP Netweaver before 7.01." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7241", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150921 SAP Netwaver - XML External Entity Injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536504/100/0/threaded" - }, - { - "name" : "38261", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38261/" - }, - { - "name" : "http://packetstormsecurity.com/files/133627/SAP-Netweaver-XML-External-Entity-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133627/SAP-Netweaver-XML-External-Entity-Injection.html" - }, - { - "name" : "76809", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76809" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "XML External Entity (XXE) vulnerability in SAP Netweaver before 7.01." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/133627/SAP-Netweaver-XML-External-Entity-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133627/SAP-Netweaver-XML-External-Entity-Injection.html" + }, + { + "name": "20150921 SAP Netwaver - XML External Entity Injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536504/100/0/threaded" + }, + { + "name": "38261", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38261/" + }, + { + "name": "76809", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76809" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7683.json b/2015/7xxx/CVE-2015-7683.json index bd9d506fdb7..1239d14ed62 100644 --- a/2015/7xxx/CVE-2015-7683.json +++ b/2015/7xxx/CVE-2015-7683.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7683", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Absolute path traversal vulnerability in Font.php in the Font plugin before 7.5.1 for WordPress allows remote administrators to read arbitrary files via a full pathname in the url parameter to AjaxProxy.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7683", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151012 CVE-2015-7683: Absolute Path Traversal in the Font WordPress Plugin", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536670/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/133930/WordPress-Font-7.5-Path-Traversal.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133930/WordPress-Font-7.5-Path-Traversal.html" - }, - { - "name" : "https://wpvulndb.com/vulnerabilities/8214", - "refsource" : "MISC", - "url" : "https://wpvulndb.com/vulnerabilities/8214" - }, - { - "name" : "https://wordpress.org/plugins/font/changelog/", - "refsource" : "CONFIRM", - "url" : "https://wordpress.org/plugins/font/changelog/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Absolute path traversal vulnerability in Font.php in the Font plugin before 7.5.1 for WordPress allows remote administrators to read arbitrary files via a full pathname in the url parameter to AjaxProxy.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://wpvulndb.com/vulnerabilities/8214", + "refsource": "MISC", + "url": "https://wpvulndb.com/vulnerabilities/8214" + }, + { + "name": "http://packetstormsecurity.com/files/133930/WordPress-Font-7.5-Path-Traversal.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133930/WordPress-Font-7.5-Path-Traversal.html" + }, + { + "name": "20151012 CVE-2015-7683: Absolute Path Traversal in the Font WordPress Plugin", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536670/100/0/threaded" + }, + { + "name": "https://wordpress.org/plugins/font/changelog/", + "refsource": "CONFIRM", + "url": "https://wordpress.org/plugins/font/changelog/" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0166.json b/2016/0xxx/CVE-2016-0166.json index 6284cf34888..a906082fdf9 100644 --- a/2016/0xxx/CVE-2016-0166.json +++ b/2016/0xxx/CVE-2016-0166.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0166", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0166", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-230", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-230" - }, - { - "name" : "MS16-037", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037" - }, - { - "name" : "1035521", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035521" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-230", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-230" + }, + { + "name": "1035521", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035521" + }, + { + "name": "MS16-037", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0627.json b/2016/0xxx/CVE-2016-0627.json index 27411b93080..15e3b89cafa 100644 --- a/2016/0xxx/CVE-2016-0627.json +++ b/2016/0xxx/CVE-2016-0627.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0627", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-0627", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0702.json b/2016/0xxx/CVE-2016-0702.json index e944668e5f4..f3e81e8fc18 100644 --- a/2016/0xxx/CVE-2016-0702.json +++ b/2016/0xxx/CVE-2016-0702.json @@ -1,272 +1,272 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-0702", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on the same Intel Sandy Bridge CPU core as a victim and leveraging cache-bank conflicts, aka a \"CacheBleed\" attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-0702", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://cachebleed.info", - "refsource" : "MISC", - "url" : "http://cachebleed.info" - }, - { - "name" : "http://openssl.org/news/secadv/20160301.txt", - "refsource" : "CONFIRM", - "url" : "http://openssl.org/news/secadv/20160301.txt" - }, - { - "name" : "https://git.openssl.org/?p=openssl.git;a=commit;h=708dc2f1291e104fe4eef810bb8ffc1fae5b19c1", - "refsource" : "CONFIRM", - "url" : "https://git.openssl.org/?p=openssl.git;a=commit;h=708dc2f1291e104fe4eef810bb8ffc1fae5b19c1" - }, - { - "name" : "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168", - "refsource" : "CONFIRM", - "url" : "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05052990", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05052990" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" - }, - { - "name" : "https://www.openssl.org/news/secadv/20160301.txt", - "refsource" : "CONFIRM", - "url" : "https://www.openssl.org/news/secadv/20160301.txt" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" - }, - { - "name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03741en_us", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03741en_us" - }, - { - "name" : "20160302 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl" - }, - { - "name" : "DSA-3500", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3500" - }, - { - "name" : "FEDORA-2016-2802690366", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178358.html" - }, - { - "name" : "FEDORA-2016-e6807b3394", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178817.html" - }, - { - "name" : "FreeBSD-SA-16:12", - "refsource" : "FREEBSD", - "url" : "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:12.openssl.asc" - }, - { - "name" : "GLSA-201603-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-15" - }, - { - "name" : "HPSBGN03563", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=145889460330120&w=2" - }, - { - "name" : "RHSA-2016:2957", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2957.html" - }, - { - "name" : "openSUSE-SU-2016:1566", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html" - }, - { - "name" : "openSUSE-SU-2016:1239", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html" - }, - { - "name" : "openSUSE-SU-2016:1241", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html" - }, - { - "name" : "SUSE-SU-2016:1267", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html" - }, - { - "name" : "openSUSE-SU-2016:1242", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html" - }, - { - "name" : "openSUSE-SU-2016:1273", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html" - }, - { - "name" : "SUSE-SU-2016:1290", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html" - }, - { - "name" : "SUSE-SU-2016:1360", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html" - }, - { - "name" : "SUSE-SU-2016:1057", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html" - }, - { - "name" : "SUSE-SU-2016:0617", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html" - }, - { - "name" : "SUSE-SU-2016:0620", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html" - }, - { - "name" : "SUSE-SU-2016:0621", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html" - }, - { - "name" : "SUSE-SU-2016:0624", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html" - }, - { - "name" : "SUSE-SU-2016:0631", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html" - }, - { - "name" : "SUSE-SU-2016:0641", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00012.html" - }, - { - "name" : "openSUSE-SU-2016:0627", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00005.html" - }, - { - "name" : "openSUSE-SU-2016:0628", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html" - }, - { - "name" : "openSUSE-SU-2016:0637", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html" - }, - { - "name" : "openSUSE-SU-2016:0638", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html" - }, - { - "name" : "openSUSE-SU-2016:0720", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00025.html" - }, - { - "name" : "USN-2914-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2914-1" - }, - { - "name" : "1035133", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035133" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on the same Intel Sandy Bridge CPU core as a victim and leveraging cache-bank conflicts, aka a \"CacheBleed\" attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2016-2802690366", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178358.html" + }, + { + "name": "openSUSE-SU-2016:1242", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html" + }, + { + "name": "SUSE-SU-2016:1267", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html" + }, + { + "name": "FEDORA-2016-e6807b3394", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178817.html" + }, + { + "name": "openSUSE-SU-2016:0638", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917" + }, + { + "name": "FreeBSD-SA-16:12", + "refsource": "FREEBSD", + "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:12.openssl.asc" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" + }, + { + "name": "openSUSE-SU-2016:1239", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html" + }, + { + "name": "SUSE-SU-2016:0621", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html" + }, + { + "name": "HPSBGN03563", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=145889460330120&w=2" + }, + { + "name": "USN-2914-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2914-1" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "SUSE-SU-2016:1057", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html" + }, + { + "name": "openSUSE-SU-2016:1566", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html" + }, + { + "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168", + "refsource": "CONFIRM", + "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168" + }, + { + "name": "openSUSE-SU-2016:1241", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html" + }, + { + "name": "http://openssl.org/news/secadv/20160301.txt", + "refsource": "CONFIRM", + "url": "http://openssl.org/news/secadv/20160301.txt" + }, + { + "name": "SUSE-SU-2016:1360", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html" + }, + { + "name": "20160302 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl" + }, + { + "name": "openSUSE-SU-2016:0720", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00025.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" + }, + { + "name": "SUSE-SU-2016:0624", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html" + }, + { + "name": "DSA-3500", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3500" + }, + { + "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03741en_us", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03741en_us" + }, + { + "name": "SUSE-SU-2016:0631", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html" + }, + { + "name": "https://www.openssl.org/news/secadv/20160301.txt", + "refsource": "CONFIRM", + "url": "https://www.openssl.org/news/secadv/20160301.txt" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" + }, + { + "name": "SUSE-SU-2016:0617", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html" + }, + { + "name": "SUSE-SU-2016:1290", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html" + }, + { + "name": "openSUSE-SU-2016:1273", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html" + }, + { + "name": "RHSA-2016:2957", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" + }, + { + "name": "GLSA-201603-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-15" + }, + { + "name": "openSUSE-SU-2016:0628", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html" + }, + { + "name": "1035133", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035133" + }, + { + "name": "http://cachebleed.info", + "refsource": "MISC", + "url": "http://cachebleed.info" + }, + { + "name": "https://git.openssl.org/?p=openssl.git;a=commit;h=708dc2f1291e104fe4eef810bb8ffc1fae5b19c1", + "refsource": "CONFIRM", + "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=708dc2f1291e104fe4eef810bb8ffc1fae5b19c1" + }, + { + "name": "SUSE-SU-2016:0620", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html" + }, + { + "name": "openSUSE-SU-2016:0637", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html" + }, + { + "name": "openSUSE-SU-2016:0627", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00005.html" + }, + { + "name": "SUSE-SU-2016:0641", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00012.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05052990", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05052990" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0803.json b/2016/0xxx/CVE-2016-0803.json index 4780c42a410..13e560495dd 100644 --- a/2016/0xxx/CVE-2016-0803.json +++ b/2016/0xxx/CVE-2016-0803.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0803", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file that triggers a large memory allocation in the (1) SoftMPEG4Encoder or (2) SoftVPXEncoder component, aka internal bug 25812794." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-0803", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-02-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-02-01.html" - }, - { - "name" : "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/50270d98e26fa18b20ca88216c3526667b724ba7", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/50270d98e26fa18b20ca88216c3526667b724ba7" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file that triggers a large memory allocation in the (1) SoftMPEG4Encoder or (2) SoftVPXEncoder component, aka internal bug 25812794." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/50270d98e26fa18b20ca88216c3526667b724ba7", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/50270d98e26fa18b20ca88216c3526667b724ba7" + }, + { + "name": "http://source.android.com/security/bulletin/2016-02-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-02-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000176.json b/2016/1000xxx/CVE-2016-1000176.json index 6859f1171bc..63eed50acf9 100644 --- a/2016/1000xxx/CVE-2016-1000176.json +++ b/2016/1000xxx/CVE-2016-1000176.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000176", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000176", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000362.json b/2016/1000xxx/CVE-2016-1000362.json index d545b3a2d12..7e695d13c8b 100644 --- a/2016/1000xxx/CVE-2016-1000362.json +++ b/2016/1000xxx/CVE-2016-1000362.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000362", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9849. Reason: This candidate is a reservation duplicate of CVE-2016-9849. Notes: All CVE users should reference CVE-2016-9849 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-1000362", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9849. Reason: This candidate is a reservation duplicate of CVE-2016-9849. Notes: All CVE users should reference CVE-2016-9849 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10365.json b/2016/10xxx/CVE-2016-10365.json index e09fb9053b7..7057f38e640 100644 --- a/2016/10xxx/CVE-2016-10365.json +++ b/2016/10xxx/CVE-2016-10365.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@elastic.co", - "ID" : "CVE-2016-10365", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Kibana", - "version" : { - "version_data" : [ - { - "version_value" : "before 5.0.1 and 4.6.3" - } - ] - } - } - ] - }, - "vendor_name" : "Elastic" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Kibana versions before 4.6.3 and 5.0.1 have an open redirect vulnerability that would enable an attacker to craft a link in the Kibana domain that redirects to an arbitrary website." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-601: URL Redirection to Untrusted Site" - } + "CVE_data_meta": { + "ASSIGNER": "security@elastic.co", + "ID": "CVE-2016-10365", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Kibana", + "version": { + "version_data": [ + { + "version_value": "before 5.0.1 and 4.6.3" + } + ] + } + } + ] + }, + "vendor_name": "Elastic" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.elastic.co/community/security", - "refsource" : "CONFIRM", - "url" : "https://www.elastic.co/community/security" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Kibana versions before 4.6.3 and 5.0.1 have an open redirect vulnerability that would enable an attacker to craft a link in the Kibana domain that redirects to an arbitrary website." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-601: URL Redirection to Untrusted Site" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.elastic.co/community/security", + "refsource": "CONFIRM", + "url": "https://www.elastic.co/community/security" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10491.json b/2016/10xxx/CVE-2016-10491.json index cec6de753d0..997e24e3815 100644 --- a/2016/10xxx/CVE-2016-10491.json +++ b/2016/10xxx/CVE-2016-10491.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2016-10491", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, SDX20, , , , ," - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, an integer overflow leading to buffer overflow can occur in a QuRT API function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Integer Overflow to Buffer Overflow in Core" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2016-10491", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, SDX20, , , , ," + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, an integer overflow leading to buffer overflow can occur in a QuRT API function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Integer Overflow to Buffer Overflow in Core" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1545.json b/2016/1xxx/CVE-2016-1545.json index c60cbac3580..9f83c9edc67 100644 --- a/2016/1xxx/CVE-2016-1545.json +++ b/2016/1xxx/CVE-2016-1545.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1545", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1545", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4194.json b/2016/4xxx/CVE-2016-4194.json index 53283e4e8c2..355ed9ad997 100644 --- a/2016/4xxx/CVE-2016-4194.json +++ b/2016/4xxx/CVE-2016-4194.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4194", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4194", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html" - }, - { - "name" : "91716", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91716" - }, - { - "name" : "1036281", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036281" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91716", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91716" + }, + { + "name": "1036281", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036281" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4265.json b/2016/4xxx/CVE-2016-4265.json index 012941f67d9..24936f0f11b 100644 --- a/2016/4xxx/CVE-2016-4265.json +++ b/2016/4xxx/CVE-2016-4265.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4265", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4265", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-488", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-488" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html" - }, - { - "name" : "92640", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92640" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "92640", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92640" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-488", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-488" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4636.json b/2016/4xxx/CVE-2016-4636.json index 272332af444..074c307b04f 100644 --- a/2016/4xxx/CVE-2016-4636.json +++ b/2016/4xxx/CVE-2016-4636.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4636", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-4636", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/1003xxx/CVE-2019-1003001.json b/2019/1003xxx/CVE-2019-1003001.json index 79cccb0d756..81b57b1daf6 100644 --- a/2019/1003xxx/CVE-2019-1003001.json +++ b/2019/1003xxx/CVE-2019-1003001.json @@ -1,69 +1,69 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "kurt@seifried.org", - "DATE_ASSIGNED" : "2019-01-21T18:56:51.575446", - "ID" : "CVE-2019-1003001", - "REQUESTER" : "ml@beckweb.net", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Pipeline: Groovy Plugin", - "version" : { - "version_data" : [ - { - "version_value" : "2.61 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Jenkins project" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 and earlier in src/main/java/org/jenkinsci/plugins/workflow/cps/CpsFlowDefinition.java, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShellFactory.java that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-693" - } + "CVE_data_meta": { + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "DATE_ASSIGNED": "2019-01-21T18:56:51.575446", + "ID": "CVE-2019-1003001", + "REQUESTER": "ml@beckweb.net", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Pipeline: Groovy Plugin", + "version": { + "version_data": [ + { + "version_value": "2.61 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "Jenkins project" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266", - "refsource" : "CONFIRM", - "url" : "https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266" - }, - { - "name" : "RHBA-2019:0326", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHBA-2019:0326" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 and earlier in src/main/java/org/jenkinsci/plugins/workflow/cps/CpsFlowDefinition.java, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShellFactory.java that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-693" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266", + "refsource": "CONFIRM", + "url": "https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266" + }, + { + "name": "RHBA-2019:0326", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHBA-2019:0326" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2524.json b/2019/2xxx/CVE-2019-2524.json index 296a5d21d64..f339fc0190a 100644 --- a/2019/2xxx/CVE-2019-2524.json +++ b/2019/2xxx/CVE-2019-2524.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2019-2524", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "VM VirtualBox", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "5.2.24" - }, - { - "version_affected" : "<", - "version_value" : "6.0.2" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2019-2524", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "VM VirtualBox", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.2.24" + }, + { + "version_affected": "<", + "version_value": "6.0.2" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" - }, - { - "name" : "106568", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106568" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" + }, + { + "name": "106568", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106568" + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3201.json b/2019/3xxx/CVE-2019-3201.json index 6b38748b9d2..d096f7e49bf 100644 --- a/2019/3xxx/CVE-2019-3201.json +++ b/2019/3xxx/CVE-2019-3201.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3201", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3201", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3403.json b/2019/3xxx/CVE-2019-3403.json index c18739ad8ba..fc531b714a2 100644 --- a/2019/3xxx/CVE-2019-3403.json +++ b/2019/3xxx/CVE-2019-3403.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3403", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3403", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3933.json b/2019/3xxx/CVE-2019-3933.json index 0b53eb5a4c3..ff79790c4cd 100644 --- a/2019/3xxx/CVE-2019-3933.json +++ b/2019/3xxx/CVE-2019-3933.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3933", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3933", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4119.json b/2019/4xxx/CVE-2019-4119.json index a2c44e55e12..b9d2232b0dc 100644 --- a/2019/4xxx/CVE-2019-4119.json +++ b/2019/4xxx/CVE-2019-4119.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4119", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4119", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4369.json b/2019/4xxx/CVE-2019-4369.json index 1933dad9726..5d60a18d4d8 100644 --- a/2019/4xxx/CVE-2019-4369.json +++ b/2019/4xxx/CVE-2019-4369.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4369", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4369", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6126.json b/2019/6xxx/CVE-2019-6126.json index bbf872395e7..2c240193030 100644 --- a/2019/6xxx/CVE-2019-6126.json +++ b/2019/6xxx/CVE-2019-6126.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6126", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script v1.7.0 allows remote attackers to bypass intended access restrictions by directly navigating to admin/dashboard.php or admin/user.php, as demonstrated by disclosure of information about users and staff." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6126", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/Mad-robot/CVE-List/blob/master/Advance%20Peer%20to%20Peer%20MLM%20Script.md", - "refsource" : "MISC", - "url" : "https://github.com/Mad-robot/CVE-List/blob/master/Advance%20Peer%20to%20Peer%20MLM%20Script.md" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script v1.7.0 allows remote attackers to bypass intended access restrictions by directly navigating to admin/dashboard.php or admin/user.php, as demonstrated by disclosure of information about users and staff." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/Mad-robot/CVE-List/blob/master/Advance%20Peer%20to%20Peer%20MLM%20Script.md", + "refsource": "MISC", + "url": "https://github.com/Mad-robot/CVE-List/blob/master/Advance%20Peer%20to%20Peer%20MLM%20Script.md" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6362.json b/2019/6xxx/CVE-2019-6362.json index bc4d6c1d181..c47fb38b449 100644 --- a/2019/6xxx/CVE-2019-6362.json +++ b/2019/6xxx/CVE-2019-6362.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6362", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6362", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6480.json b/2019/6xxx/CVE-2019-6480.json index 283214e17f3..7e9c4624871 100644 --- a/2019/6xxx/CVE-2019-6480.json +++ b/2019/6xxx/CVE-2019-6480.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6480", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6480", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6702.json b/2019/6xxx/CVE-2019-6702.json index 09cf50055e8..15477947017 100644 --- a/2019/6xxx/CVE-2019-6702.json +++ b/2019/6xxx/CVE-2019-6702.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6702", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6702", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7313.json b/2019/7xxx/CVE-2019-7313.json index ea934b8cc4d..966779c7477 100644 --- a/2019/7xxx/CVE-2019-7313.json +++ b/2019/7xxx/CVE-2019-7313.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7313", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7313", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/buildbot/buildbot/wiki/CRLF-injection-in-Buildbot-login-and-logout-redirect-code", - "refsource" : "MISC", - "url" : "https://github.com/buildbot/buildbot/wiki/CRLF-injection-in-Buildbot-login-and-logout-redirect-code" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/buildbot/buildbot/wiki/CRLF-injection-in-Buildbot-login-and-logout-redirect-code", + "refsource": "MISC", + "url": "https://github.com/buildbot/buildbot/wiki/CRLF-injection-in-Buildbot-login-and-logout-redirect-code" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7704.json b/2019/7xxx/CVE-2019-7704.json index 98b76590f37..c2cb53aa149 100644 --- a/2019/7xxx/CVE-2019-7704.json +++ b/2019/7xxx/CVE-2019-7704.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7704", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "wasm::WasmBinaryBuilder::readUserSection in wasm-binary.cpp in Binaryen 1.38.22 triggers an attempt at excessive memory allocation, as demonstrated by wasm-merge and wasm-opt." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7704", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/WebAssembly/binaryen/issues/1866", - "refsource" : "MISC", - "url" : "https://github.com/WebAssembly/binaryen/issues/1866" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "wasm::WasmBinaryBuilder::readUserSection in wasm-binary.cpp in Binaryen 1.38.22 triggers an attempt at excessive memory allocation, as demonstrated by wasm-merge and wasm-opt." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/WebAssembly/binaryen/issues/1866", + "refsource": "MISC", + "url": "https://github.com/WebAssembly/binaryen/issues/1866" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7926.json b/2019/7xxx/CVE-2019-7926.json index d7f254f1961..610a2f58bfc 100644 --- a/2019/7xxx/CVE-2019-7926.json +++ b/2019/7xxx/CVE-2019-7926.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7926", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7926", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7941.json b/2019/7xxx/CVE-2019-7941.json index ef95e68e5aa..58390b017b2 100644 --- a/2019/7xxx/CVE-2019-7941.json +++ b/2019/7xxx/CVE-2019-7941.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7941", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7941", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8358.json b/2019/8xxx/CVE-2019-8358.json index 707db25622c..881b9ed554f 100644 --- a/2019/8xxx/CVE-2019-8358.json +++ b/2019/8xxx/CVE-2019-8358.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8358", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Hiawatha before 10.8.4, a remote attacker is able to do directory traversal if AllowDotFiles is enabled." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8358", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.hiawatha-webserver.org/changelog", - "refsource" : "CONFIRM", - "url" : "https://www.hiawatha-webserver.org/changelog" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Hiawatha before 10.8.4, a remote attacker is able to do directory traversal if AllowDotFiles is enabled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.hiawatha-webserver.org/changelog", + "refsource": "CONFIRM", + "url": "https://www.hiawatha-webserver.org/changelog" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8766.json b/2019/8xxx/CVE-2019-8766.json index 905efe5a923..33c2f19568d 100644 --- a/2019/8xxx/CVE-2019-8766.json +++ b/2019/8xxx/CVE-2019-8766.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8766", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8766", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8812.json b/2019/8xxx/CVE-2019-8812.json index 5a2b689ccda..ee5ba635167 100644 --- a/2019/8xxx/CVE-2019-8812.json +++ b/2019/8xxx/CVE-2019-8812.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8812", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8812", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8846.json b/2019/8xxx/CVE-2019-8846.json index 0e9879663c6..ca7987c7f4f 100644 --- a/2019/8xxx/CVE-2019-8846.json +++ b/2019/8xxx/CVE-2019-8846.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8846", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8846", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9316.json b/2019/9xxx/CVE-2019-9316.json index ba9524a917f..ff059e02472 100644 --- a/2019/9xxx/CVE-2019-9316.json +++ b/2019/9xxx/CVE-2019-9316.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9316", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9316", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9355.json b/2019/9xxx/CVE-2019-9355.json index 25dd60ba853..5914c49fa8c 100644 --- a/2019/9xxx/CVE-2019-9355.json +++ b/2019/9xxx/CVE-2019-9355.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9355", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9355", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9534.json b/2019/9xxx/CVE-2019-9534.json index 0abfc02065b..d91fc3f1d61 100644 --- a/2019/9xxx/CVE-2019-9534.json +++ b/2019/9xxx/CVE-2019-9534.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9534", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9534", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9691.json b/2019/9xxx/CVE-2019-9691.json index 0b3dadbfc44..c19a3dcb5fb 100644 --- a/2019/9xxx/CVE-2019-9691.json +++ b/2019/9xxx/CVE-2019-9691.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9691", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9691", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file