diff --git a/2007/0xxx/CVE-2007-0561.json b/2007/0xxx/CVE-2007-0561.json index 000de8ae296..f69c544b8c8 100644 --- a/2007/0xxx/CVE-2007-0561.json +++ b/2007/0xxx/CVE-2007-0561.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0561", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in Xero Portal 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) admin_linkdb.php, (2) admin_forum_prune.php, (3) admin_extensions.php, (4) admin_board.php, (5) admin_attachments.php, or (6) admin_users.php in admin/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0561", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070125 Xero Portal v1.2 (phpbb_root_path) Remote File Include Vulnerablity", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/458059/100/0/threaded" - }, - { - "name" : "3192", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3192" - }, - { - "name" : "22227", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22227" - }, - { - "name" : "ADV-2007-0338", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0338" - }, - { - "name" : "31634", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31634" - }, - { - "name" : "31977", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31977" - }, - { - "name" : "31978", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31978" - }, - { - "name" : "31979", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31979" - }, - { - "name" : "31980", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31980" - }, - { - "name" : "31981", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31981" - }, - { - "name" : "23952", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23952" - }, - { - "name" : "xero-multiple-scripts-file-include(31767)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31767" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in Xero Portal 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) admin_linkdb.php, (2) admin_forum_prune.php, (3) admin_extensions.php, (4) admin_board.php, (5) admin_attachments.php, or (6) admin_users.php in admin/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "31977", + "refsource": "OSVDB", + "url": "http://osvdb.org/31977" + }, + { + "name": "23952", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23952" + }, + { + "name": "31978", + "refsource": "OSVDB", + "url": "http://osvdb.org/31978" + }, + { + "name": "22227", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22227" + }, + { + "name": "xero-multiple-scripts-file-include(31767)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31767" + }, + { + "name": "3192", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3192" + }, + { + "name": "31980", + "refsource": "OSVDB", + "url": "http://osvdb.org/31980" + }, + { + "name": "ADV-2007-0338", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0338" + }, + { + "name": "31634", + "refsource": "OSVDB", + "url": "http://osvdb.org/31634" + }, + { + "name": "31979", + "refsource": "OSVDB", + "url": "http://osvdb.org/31979" + }, + { + "name": "31981", + "refsource": "OSVDB", + "url": "http://osvdb.org/31981" + }, + { + "name": "20070125 Xero Portal v1.2 (phpbb_root_path) Remote File Include Vulnerablity", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/458059/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0675.json b/2007/0xxx/CVE-2007-0675.json index 92ac4ec1a64..41a0fcb2b67 100644 --- a/2007/0xxx/CVE-2007-0675.json +++ b/2007/0xxx/CVE-2007-0675.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0675", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A certain ActiveX control in sapi.dll (aka the Speech API) in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sound object that contains voice commands to an enabled microphone, allowing for interaction with Windows Explorer." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0675", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[dailydave] 20070130 Vista speach recognition", - "refsource" : "MLIST", - "url" : "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004003.html" - }, - { - "name" : "[dailydave] 20070130 Vista speach recognition", - "refsource" : "MLIST", - "url" : "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004005.html" - }, - { - "name" : "[dailydave] 20070130 Vista speach recognition", - "refsource" : "MLIST", - "url" : "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004007.html" - }, - { - "name" : "[dailydave] 20070131 Vista speach recognition", - "refsource" : "MLIST", - "url" : "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004012.html" - }, - { - "name" : "http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx", - "refsource" : "MISC", - "url" : "http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx" - }, - { - "name" : "HPSBST02344", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=121380194923597&w=2" - }, - { - "name" : "SSRT080087", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=121380194923597&w=2" - }, - { - "name" : "MS08-032", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-032" - }, - { - "name" : "TA08-162B", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA08-162B.html" - }, - { - "name" : "22359", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22359" - }, - { - "name" : "oval:org.mitre.oval:def:5489", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5489" - }, - { - "name" : "ADV-2008-1779", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1779/references" - }, - { - "name" : "1020232", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1020232" - }, - { - "name" : "30578", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30578" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A certain ActiveX control in sapi.dll (aka the Speech API) in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sound object that contains voice commands to an enabled microphone, allowing for interaction with Windows Explorer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx", + "refsource": "MISC", + "url": "http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx" + }, + { + "name": "30578", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30578" + }, + { + "name": "[dailydave] 20070131 Vista speach recognition", + "refsource": "MLIST", + "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004012.html" + }, + { + "name": "22359", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22359" + }, + { + "name": "TA08-162B", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html" + }, + { + "name": "oval:org.mitre.oval:def:5489", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5489" + }, + { + "name": "HPSBST02344", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=121380194923597&w=2" + }, + { + "name": "[dailydave] 20070130 Vista speach recognition", + "refsource": "MLIST", + "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004007.html" + }, + { + "name": "SSRT080087", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=121380194923597&w=2" + }, + { + "name": "1020232", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1020232" + }, + { + "name": "ADV-2008-1779", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1779/references" + }, + { + "name": "MS08-032", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-032" + }, + { + "name": "[dailydave] 20070130 Vista speach recognition", + "refsource": "MLIST", + "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004003.html" + }, + { + "name": "[dailydave] 20070130 Vista speach recognition", + "refsource": "MLIST", + "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004005.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0978.json b/2007/0xxx/CVE-2007-0978.json index e7884bf3846..41bf34f1bd0 100644 --- a/2007/0xxx/CVE-2007-0978.json +++ b/2007/0xxx/CVE-2007-0978.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0978", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0978", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "IY94901", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=isg1IY94901" - }, - { - "name" : "ADV-2007-0617", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0617" - }, - { - "name" : "33200", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33200" - }, - { - "name" : "1017656", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017656" - }, - { - "name" : "24154", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24154" - }, - { - "name" : "aix-swcons-bo(32508)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32508" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1017656", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017656" + }, + { + "name": "24154", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24154" + }, + { + "name": "33200", + "refsource": "OSVDB", + "url": "http://osvdb.org/33200" + }, + { + "name": "ADV-2007-0617", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0617" + }, + { + "name": "IY94901", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY94901" + }, + { + "name": "aix-swcons-bo(32508)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32508" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3205.json b/2007/3xxx/CVE-2007-3205.json index 9ecbd9e7314..c064975d985 100644 --- a/2007/3xxx/CVE-2007-3205.json +++ b/2007/3xxx/CVE-2007-3205.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3205", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3205", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070612 PHP parse_str() arbitrary variable overwrite", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/471178/100/0/threaded" - }, - { - "name" : "20070612 Re: PHP parse_str() arbitrary variable overwrite", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/471204/100/0/threaded" - }, - { - "name" : "20070613 Re: PHP parse_str() arbitrary variable overwrite", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/471275/100/0/threaded" - }, - { - "name" : "http://www.acid-root.new.fr/advisories/14070612.txt", - "refsource" : "MISC", - "url" : "http://www.acid-root.new.fr/advisories/14070612.txt" - }, - { - "name" : "39834", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39834" - }, - { - "name" : "2800", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2800" - }, - { - "name" : "php-parsestr-code-execution(34836)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34836" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39834", + "refsource": "OSVDB", + "url": "http://osvdb.org/39834" + }, + { + "name": "2800", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2800" + }, + { + "name": "20070612 Re: PHP parse_str() arbitrary variable overwrite", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/471204/100/0/threaded" + }, + { + "name": "php-parsestr-code-execution(34836)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34836" + }, + { + "name": "20070613 Re: PHP parse_str() arbitrary variable overwrite", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/471275/100/0/threaded" + }, + { + "name": "http://www.acid-root.new.fr/advisories/14070612.txt", + "refsource": "MISC", + "url": "http://www.acid-root.new.fr/advisories/14070612.txt" + }, + { + "name": "20070612 PHP parse_str() arbitrary variable overwrite", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/471178/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3232.json b/2007/3xxx/CVE-2007-3232.json index 7a0e16bca7e..27457056476 100644 --- a/2007/3xxx/CVE-2007-3232.json +++ b/2007/3xxx/CVE-2007-3232.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3232", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The IBM TotalStorage DS400 with firmware 4.15 uses a blank password for the (1) root, (2) user, (3) manager, (4) administrator, and (5) operator accounts, which allows remote attackers to gain login access via certain Linux daemons, including a telnet daemon on a nonstandard port, tcp/6000." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3232", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070612 using matasano's blackbag/deezee to find 0day and stuff", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0244.html" - }, - { - "name" : "24452", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24452" - }, - { - "name" : "41610", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41610" - }, - { - "name" : "ibm-totalstorage-blankpassword-weak-security(34967)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34967" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The IBM TotalStorage DS400 with firmware 4.15 uses a blank password for the (1) root, (2) user, (3) manager, (4) administrator, and (5) operator accounts, which allows remote attackers to gain login access via certain Linux daemons, including a telnet daemon on a nonstandard port, tcp/6000." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24452", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24452" + }, + { + "name": "ibm-totalstorage-blankpassword-weak-security(34967)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34967" + }, + { + "name": "20070612 using matasano's blackbag/deezee to find 0day and stuff", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0244.html" + }, + { + "name": "41610", + "refsource": "OSVDB", + "url": "http://osvdb.org/41610" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3456.json b/2007/3xxx/CVE-2007-3456.json index 78098866997..ad18f845b27 100644 --- a/2007/3xxx/CVE-2007-3456.json +++ b/2007/3xxx/CVE-2007-3456.json @@ -1,207 +1,207 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3456", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an \"input validation error,\" including a signed comparison of values that are assumed to be non-negative." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3456", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070713 [MSA01110707] Flash Player/Plugin Video file parsing Remote CodeExecution", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/473655/100/0/threaded" - }, - { - "name" : "20070719 Wii's Internet Channel affected to Flash FLV parser vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474163/100/200/threaded" - }, - { - "name" : "20070720 FLEA-2007-0032-1: flashplayer", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474248/30/5760/threaded" - }, - { - "name" : "http://www.mindedsecurity.com/labs/advisories/MSA01110707", - "refsource" : "MISC", - "url" : "http://www.mindedsecurity.com/labs/advisories/MSA01110707" - }, - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb07-12.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb07-12.html" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307041", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307041" - }, - { - "name" : "APPLE-SA-2007-11-14", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html" - }, - { - "name" : "GLSA-200708-01", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200708-01.xml" - }, - { - "name" : "RHSA-2007:0696", - "refsource" : "REDHAT", - "url" : "https://rhn.redhat.com/errata/RHSA-2007-0696.html" - }, - { - "name" : "103167", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1" - }, - { - "name" : "201506", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1" - }, - { - "name" : "SUSE-SA:2007:046", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_46_flashplayer.html" - }, - { - "name" : "TA07-192A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-192A.html" - }, - { - "name" : "TA07-319A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" - }, - { - "name" : "VU#730785", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/730785" - }, - { - "name" : "24856", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24856" - }, - { - "name" : "26444", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26444" - }, - { - "name" : "38054", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38054" - }, - { - "name" : "oval:org.mitre.oval:def:11493", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11493" - }, - { - "name" : "ADV-2007-2497", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2497" - }, - { - "name" : "ADV-2007-3868", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3868" - }, - { - "name" : "ADV-2007-4190", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4190" - }, - { - "name" : "1018359", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018359" - }, - { - "name" : "26027", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26027" - }, - { - "name" : "26057", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26057" - }, - { - "name" : "26118", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26118" - }, - { - "name" : "26357", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26357" - }, - { - "name" : "27643", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27643" - }, - { - "name" : "28068", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28068" - }, - { - "name" : "flashplayer-swf-code-execution(35337)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35337" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an \"input validation error,\" including a signed comparison of values that are assumed to be non-negative." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "28068", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28068" + }, + { + "name": "1018359", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018359" + }, + { + "name": "RHSA-2007:0696", + "refsource": "REDHAT", + "url": "https://rhn.redhat.com/errata/RHSA-2007-0696.html" + }, + { + "name": "26357", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26357" + }, + { + "name": "SUSE-SA:2007:046", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_46_flashplayer.html" + }, + { + "name": "201506", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1" + }, + { + "name": "38054", + "refsource": "OSVDB", + "url": "http://osvdb.org/38054" + }, + { + "name": "ADV-2007-4190", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4190" + }, + { + "name": "26444", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26444" + }, + { + "name": "GLSA-200708-01", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200708-01.xml" + }, + { + "name": "26027", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26027" + }, + { + "name": "flashplayer-swf-code-execution(35337)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35337" + }, + { + "name": "TA07-192A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-192A.html" + }, + { + "name": "http://www.mindedsecurity.com/labs/advisories/MSA01110707", + "refsource": "MISC", + "url": "http://www.mindedsecurity.com/labs/advisories/MSA01110707" + }, + { + "name": "26118", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26118" + }, + { + "name": "oval:org.mitre.oval:def:11493", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11493" + }, + { + "name": "APPLE-SA-2007-11-14", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307041", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307041" + }, + { + "name": "VU#730785", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/730785" + }, + { + "name": "20070713 [MSA01110707] Flash Player/Plugin Video file parsing Remote CodeExecution", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/473655/100/0/threaded" + }, + { + "name": "ADV-2007-3868", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3868" + }, + { + "name": "24856", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24856" + }, + { + "name": "ADV-2007-2497", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2497" + }, + { + "name": "20070720 FLEA-2007-0032-1: flashplayer", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474248/30/5760/threaded" + }, + { + "name": "103167", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1" + }, + { + "name": "27643", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27643" + }, + { + "name": "26057", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26057" + }, + { + "name": "20070719 Wii's Internet Channel affected to Flash FLV parser vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474163/100/200/threaded" + }, + { + "name": "TA07-319A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb07-12.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb07-12.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3599.json b/2007/3xxx/CVE-2007-3599.json index 543b583df4a..a8752cb9221 100644 --- a/2007/3xxx/CVE-2007-3599.json +++ b/2007/3xxx/CVE-2007-3599.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3599", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "vtiger CRM before 5.0.3 allows remote authenticated users to import and export the information for a contact even when they only have the View permission." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3599", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://trac.vtiger.com/cgi-bin/trac.cgi/report/9", - "refsource" : "CONFIRM", - "url" : "http://trac.vtiger.com/cgi-bin/trac.cgi/report/9" - }, - { - "name" : "http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/2968", - "refsource" : "CONFIRM", - "url" : "http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/2968" - }, - { - "name" : "45781", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45781" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "vtiger CRM before 5.0.3 allows remote authenticated users to import and export the information for a contact even when they only have the View permission." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/2968", + "refsource": "CONFIRM", + "url": "http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/2968" + }, + { + "name": "45781", + "refsource": "OSVDB", + "url": "http://osvdb.org/45781" + }, + { + "name": "http://trac.vtiger.com/cgi-bin/trac.cgi/report/9", + "refsource": "CONFIRM", + "url": "http://trac.vtiger.com/cgi-bin/trac.cgi/report/9" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3689.json b/2007/3xxx/CVE-2007-3689.json index 68dd46338e0..ec1f4a8da54 100644 --- a/2007/3xxx/CVE-2007-3689.json +++ b/2007/3xxx/CVE-2007-3689.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3689", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3689", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://drupal.org/node/152804", - "refsource" : "CONFIRM", - "url" : "http://drupal.org/node/152804" - }, - { - "name" : "http://drupal.org/node/158029", - "refsource" : "CONFIRM", - "url" : "http://drupal.org/node/158029" - }, - { - "name" : "http://drupal.org/node/158032", - "refsource" : "CONFIRM", - "url" : "http://drupal.org/node/158032" - }, - { - "name" : "24862", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24862" - }, - { - "name" : "ADV-2007-2470", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2470" - }, - { - "name" : "37897", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37897" - }, - { - "name" : "25978", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25978" - }, - { - "name" : "printfriendlypages-url-security-bypass(35314)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35314" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://drupal.org/node/158032", + "refsource": "CONFIRM", + "url": "http://drupal.org/node/158032" + }, + { + "name": "25978", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25978" + }, + { + "name": "ADV-2007-2470", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2470" + }, + { + "name": "24862", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24862" + }, + { + "name": "printfriendlypages-url-security-bypass(35314)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35314" + }, + { + "name": "37897", + "refsource": "OSVDB", + "url": "http://osvdb.org/37897" + }, + { + "name": "http://drupal.org/node/158029", + "refsource": "CONFIRM", + "url": "http://drupal.org/node/158029" + }, + { + "name": "http://drupal.org/node/152804", + "refsource": "CONFIRM", + "url": "http://drupal.org/node/152804" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3997.json b/2007/3xxx/CVE-2007-3997.json index acc0999c4f9..37745a28741 100644 --- a/2007/3xxx/CVE-2007-3997.json +++ b/2007/3xxx/CVE-2007-3997.json @@ -1,162 +1,162 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3997", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3997", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4392", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4392" - }, - { - "name" : "http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/", - "refsource" : "MISC", - "url" : "http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/" - }, - { - "name" : "http://www.php.net/ChangeLog-5.php#5.2.4", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-5.php#5.2.4" - }, - { - "name" : "http://www.php.net/releases/5_2_4.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/releases/5_2_4.php" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1702", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1702" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1693", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1693" - }, - { - "name" : "http://www.php.net/ChangeLog-4.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-4.php" - }, - { - "name" : "http://www.php.net/releases/4_4_8.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/releases/4_4_8.php" - }, - { - "name" : "GLSA-200710-02", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml" - }, - { - "name" : "2007-0026", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2007/0026/" - }, - { - "name" : "ADV-2007-3023", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3023" - }, - { - "name" : "26642", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26642" - }, - { - "name" : "26822", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26822" - }, - { - "name" : "26838", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26838" - }, - { - "name" : "27377", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27377" - }, - { - "name" : "27102", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27102" - }, - { - "name" : "28318", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28318" - }, - { - "name" : "3102", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3102" - }, - { - "name" : "ADV-2008-0059", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0059" - }, - { - "name" : "php-local-infile-security-bypass(36384)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36384" - }, - { - "name" : "php-localinfile-mysql-security-bypass(39402)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39402" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "php-localinfile-mysql-security-bypass(39402)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39402" + }, + { + "name": "26822", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26822" + }, + { + "name": "ADV-2008-0059", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0059" + }, + { + "name": "GLSA-200710-02", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml" + }, + { + "name": "http://www.php.net/releases/4_4_8.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/releases/4_4_8.php" + }, + { + "name": "http://www.php.net/ChangeLog-5.php#5.2.4", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-5.php#5.2.4" + }, + { + "name": "2007-0026", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2007/0026/" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1693", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1693" + }, + { + "name": "3102", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3102" + }, + { + "name": "http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/", + "refsource": "MISC", + "url": "http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1702", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1702" + }, + { + "name": "26838", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26838" + }, + { + "name": "php-local-infile-security-bypass(36384)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36384" + }, + { + "name": "27377", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27377" + }, + { + "name": "4392", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4392" + }, + { + "name": "http://www.php.net/ChangeLog-4.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-4.php" + }, + { + "name": "27102", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27102" + }, + { + "name": "ADV-2007-3023", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3023" + }, + { + "name": "http://www.php.net/releases/5_2_4.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/releases/5_2_4.php" + }, + { + "name": "28318", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28318" + }, + { + "name": "26642", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26642" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4274.json b/2007/4xxx/CVE-2007-4274.json index b29efdc803b..71cca44c5d5 100644 --- a/2007/4xxx/CVE-2007-4274.json +++ b/2007/4xxx/CVE-2007-4274.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4274", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-4275. Reason: This candidate is a reservation duplicate of CVE-2007-4275. Notes: All CVE users should reference CVE-2007-4275 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2007-4274", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-4275. Reason: This candidate is a reservation duplicate of CVE-2007-4275. Notes: All CVE users should reference CVE-2007-4275 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4693.json b/2007/4xxx/CVE-2007-4693.json index 07f4bbb6512..9db1cc89de1 100644 --- a/2007/4xxx/CVE-2007-4693.json +++ b/2007/4xxx/CVE-2007-4693.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4693", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SecurityAgent component in Mac OS X 10.4 through 10.4.10 allows attackers with physical access to bypass the authentication dialog of the screen saver and send keystrokes to a process, related to \"handling of keyboard focus between secure text fields.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4693", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://docs.info.apple.com/article.html?artnum=307041", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307041" - }, - { - "name" : "APPLE-SA-2007-11-14", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html" - }, - { - "name" : "TA07-319A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" - }, - { - "name" : "26444", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26444" - }, - { - "name" : "ADV-2007-3868", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3868" - }, - { - "name" : "1018951", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018951" - }, - { - "name" : "27643", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27643" - }, - { - "name" : "macosx-securityagent-screensaver-bypass(38480)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38480" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SecurityAgent component in Mac OS X 10.4 through 10.4.10 allows attackers with physical access to bypass the authentication dialog of the screen saver and send keystrokes to a process, related to \"handling of keyboard focus between secure text fields.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26444", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26444" + }, + { + "name": "1018951", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018951" + }, + { + "name": "APPLE-SA-2007-11-14", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307041", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307041" + }, + { + "name": "macosx-securityagent-screensaver-bypass(38480)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38480" + }, + { + "name": "ADV-2007-3868", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3868" + }, + { + "name": "27643", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27643" + }, + { + "name": "TA07-319A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4763.json b/2007/4xxx/CVE-2007-4763.json index c7d4cc00653..6e3393beea2 100644 --- a/2007/4xxx/CVE-2007-4763.json +++ b/2007/4xxx/CVE-2007-4763.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4763", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in dbmodules/DB_adodb.class.php in PHP Object Framework (PHPOF) 20040226 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHPOF_INCLUDE_PATH parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4763", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4363", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4363" - }, - { - "name" : "25541", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25541" - }, - { - "name" : "ADV-2007-3094", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3094" - }, - { - "name" : "38418", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38418" - }, - { - "name" : "phpof-dbadodbclass-file-include(36439)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36439" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in dbmodules/DB_adodb.class.php in PHP Object Framework (PHPOF) 20040226 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHPOF_INCLUDE_PATH parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-3094", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3094" + }, + { + "name": "phpof-dbadodbclass-file-include(36439)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36439" + }, + { + "name": "38418", + "refsource": "OSVDB", + "url": "http://osvdb.org/38418" + }, + { + "name": "25541", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25541" + }, + { + "name": "4363", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4363" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6487.json b/2007/6xxx/CVE-2007-6487.json index 1835e499d35..abc030c3319 100644 --- a/2007/6xxx/CVE-2007-6487.json +++ b/2007/6xxx/CVE-2007-6487.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6487", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Plain Black WebGUI 7.4.0 through 7.4.17 allows remote authenticated users with Secondary Admin privileges to create Admin accounts, a different vulnerability than CVE-2006-0680." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6487", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.plainblack.com/bugs/tracker/secondary-admin-can-create-user-with-admin-privilege", - "refsource" : "CONFIRM", - "url" : "http://www.plainblack.com/bugs/tracker/secondary-admin-can-create-user-with-admin-privilege" - }, - { - "name" : "http://www.plainblack.com/getwebgui/advisories/webgui-7_4_18-stable-released/", - "refsource" : "CONFIRM", - "url" : "http://www.plainblack.com/getwebgui/advisories/webgui-7_4_18-stable-released/" - }, - { - "name" : "42632", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42632" - }, - { - "name" : "28059", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28059" - }, - { - "name" : "webgui-admin-security-bypass(39041)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39041" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Plain Black WebGUI 7.4.0 through 7.4.17 allows remote authenticated users with Secondary Admin privileges to create Admin accounts, a different vulnerability than CVE-2006-0680." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "42632", + "refsource": "OSVDB", + "url": "http://osvdb.org/42632" + }, + { + "name": "http://www.plainblack.com/bugs/tracker/secondary-admin-can-create-user-with-admin-privilege", + "refsource": "CONFIRM", + "url": "http://www.plainblack.com/bugs/tracker/secondary-admin-can-create-user-with-admin-privilege" + }, + { + "name": "28059", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28059" + }, + { + "name": "http://www.plainblack.com/getwebgui/advisories/webgui-7_4_18-stable-released/", + "refsource": "CONFIRM", + "url": "http://www.plainblack.com/getwebgui/advisories/webgui-7_4_18-stable-released/" + }, + { + "name": "webgui-admin-security-bypass(39041)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39041" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6643.json b/2007/6xxx/CVE-2007-6643.json index 65bdbf0bc32..d92dc2b9e19 100644 --- a/2007/6xxx/CVE-2007-6643.json +++ b/2007/6xxx/CVE-2007-6643.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6643", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the com_poll component in Joomla! before 1.5 RC4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6643", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.joomla.org/content/view/4335/116/", - "refsource" : "CONFIRM", - "url" : "http://www.joomla.org/content/view/4335/116/" - }, - { - "name" : "MDVSA-2008:060", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:060" - }, - { - "name" : "28111", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28111" - }, - { - "name" : "39979", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39979" - }, - { - "name" : "1019145", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019145" - }, - { - "name" : "29257", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29257" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the com_poll component in Joomla! before 1.5 RC4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "28111", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28111" + }, + { + "name": "29257", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29257" + }, + { + "name": "http://www.joomla.org/content/view/4335/116/", + "refsource": "CONFIRM", + "url": "http://www.joomla.org/content/view/4335/116/" + }, + { + "name": "1019145", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019145" + }, + { + "name": "MDVSA-2008:060", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:060" + }, + { + "name": "39979", + "refsource": "OSVDB", + "url": "http://osvdb.org/39979" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1231.json b/2014/1xxx/CVE-2014-1231.json index d57cd7dcb6e..9ffc0ea116b 100644 --- a/2014/1xxx/CVE-2014-1231.json +++ b/2014/1xxx/CVE-2014-1231.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1231", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1231", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1667.json b/2014/1xxx/CVE-2014-1667.json index fbe112b5631..185093364d8 100644 --- a/2014/1xxx/CVE-2014-1667.json +++ b/2014/1xxx/CVE-2014-1667.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1667", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1667", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1797.json b/2014/1xxx/CVE-2014-1797.json index 9f1fa7728ed..24953b67279 100644 --- a/2014/1xxx/CVE-2014-1797.json +++ b/2014/1xxx/CVE-2014-1797.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1797", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-1772, CVE-2014-1780, CVE-2014-1794, CVE-2014-1802, CVE-2014-2756, CVE-2014-2763, CVE-2014-2764, CVE-2014-2769, and CVE-2014-2771." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-1797", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS14-035", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035" - }, - { - "name" : "67890", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/67890" - }, - { - "name" : "1030370", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030370" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-1772, CVE-2014-1780, CVE-2014-1794, CVE-2014-1802, CVE-2014-2756, CVE-2014-2763, CVE-2014-2764, CVE-2014-2769, and CVE-2014-2771." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1030370", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030370" + }, + { + "name": "MS14-035", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035" + }, + { + "name": "67890", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/67890" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5035.json b/2014/5xxx/CVE-2014-5035.json index 58f5343a675..f25bbd55d88 100644 --- a/2014/5xxx/CVE-2014-5035.json +++ b/2014/5xxx/CVE-2014-5035.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5035", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Netconf (TCP) service in OpenDaylight 1.0 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference in an XML-RPC message, related to an XML External Entity (XXE) issue." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5035", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140812 CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/533114/100/0/threaded" - }, - { - "name" : "20140812 CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Aug/34" - }, - { - "name" : "http://packetstormsecurity.com/files/127843/Opendaylight-1.0-Local-File-Inclusion-Remote-File-Inclusion.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/127843/Opendaylight-1.0-Local-File-Inclusion-Remote-File-Inclusion.html" - }, - { - "name" : "opendaylight-cve20145035-file-include(95254)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95254" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Netconf (TCP) service in OpenDaylight 1.0 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference in an XML-RPC message, related to an XML External Entity (XXE) issue." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20140812 CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Aug/34" + }, + { + "name": "opendaylight-cve20145035-file-include(95254)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95254" + }, + { + "name": "20140812 CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/533114/100/0/threaded" + }, + { + "name": "http://packetstormsecurity.com/files/127843/Opendaylight-1.0-Local-File-Inclusion-Remote-File-Inclusion.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/127843/Opendaylight-1.0-Local-File-Inclusion-Remote-File-Inclusion.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5171.json b/2014/5xxx/CVE-2014-5171.json index 47301c1a9f5..f3a58001439 100644 --- a/2014/5xxx/CVE-2014-5171.json +++ b/2014/5xxx/CVE-2014-5171.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5171", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SAP HANA Extend Application Services (XS) does not encrypt transmissions for applications that enable form based authentication using SSL, which allows remote attackers to obtain credentials and other sensitive information by sniffing the network." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5171", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140729 [Onapsis Security Advisory 2014-021] SAP HANA XS Missing encryption in form-based authentication", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/532940/100/0/threaded" - }, - { - "name" : "20140729 [Onapsis Security Advisory 2014-021] SAP HANA XS Missing encryption in form-based authentication", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Jul/149" - }, - { - "name" : "http://packetstormsecurity.com/files/127666/SAP-HANA-XS-Missing-Encryption.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/127666/SAP-HANA-XS-Missing-Encryption.html" - }, - { - "name" : "http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-021", - "refsource" : "MISC", - "url" : "http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-021" - }, - { - "name" : "http://scn.sap.com/docs/DOC-8218", - "refsource" : "CONFIRM", - "url" : "http://scn.sap.com/docs/DOC-8218" - }, - { - "name" : "https://service.sap.com/sap/support/notes/1963932", - "refsource" : "CONFIRM", - "url" : "https://service.sap.com/sap/support/notes/1963932" - }, - { - "name" : "68947", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/68947" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SAP HANA Extend Application Services (XS) does not encrypt transmissions for applications that enable form based authentication using SSL, which allows remote attackers to obtain credentials and other sensitive information by sniffing the network." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-021", + "refsource": "MISC", + "url": "http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-021" + }, + { + "name": "https://service.sap.com/sap/support/notes/1963932", + "refsource": "CONFIRM", + "url": "https://service.sap.com/sap/support/notes/1963932" + }, + { + "name": "68947", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/68947" + }, + { + "name": "20140729 [Onapsis Security Advisory 2014-021] SAP HANA XS Missing encryption in form-based authentication", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/532940/100/0/threaded" + }, + { + "name": "20140729 [Onapsis Security Advisory 2014-021] SAP HANA XS Missing encryption in form-based authentication", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Jul/149" + }, + { + "name": "http://scn.sap.com/docs/DOC-8218", + "refsource": "CONFIRM", + "url": "http://scn.sap.com/docs/DOC-8218" + }, + { + "name": "http://packetstormsecurity.com/files/127666/SAP-HANA-XS-Missing-Encryption.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/127666/SAP-HANA-XS-Missing-Encryption.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5454.json b/2014/5xxx/CVE-2014-5454.json index f7195958acd..c6acd97cf99 100644 --- a/2014/5xxx/CVE-2014-5454.json +++ b/2014/5xxx/CVE-2014-5454.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5454", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability in the image upload module in SAS Visual Analytics 6.4M1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5454", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.com/files/127866/SAS-Visual-Analytics-6.4M1-Arbitrary-File-Upload.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/127866/SAS-Visual-Analytics-6.4M1-Arbitrary-File-Upload.html" - }, - { - "name" : "sas-visualanalytics-file-upload(95351)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95351" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability in the image upload module in SAS Visual Analytics 6.4M1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "sas-visualanalytics-file-upload(95351)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95351" + }, + { + "name": "http://packetstormsecurity.com/files/127866/SAS-Visual-Analytics-6.4M1-Arbitrary-File-Upload.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/127866/SAS-Visual-Analytics-6.4M1-Arbitrary-File-Upload.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5975.json b/2014/5xxx/CVE-2014-5975.json index e38705bfb6a..b06341baf8e 100644 --- a/2014/5xxx/CVE-2014-5975.json +++ b/2014/5xxx/CVE-2014-5975.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5975", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The eponyms (aka com.anddeveloper.eponyms) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5975", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#650609", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/650609" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The eponyms (aka com.anddeveloper.eponyms) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + }, + { + "name": "VU#650609", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/650609" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2385.json b/2015/2xxx/CVE-2015-2385.json index fcf431b08af..8fcb1bc6446 100644 --- a/2015/2xxx/CVE-2015-2385.json +++ b/2015/2xxx/CVE-2015-2385.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2385", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2390, CVE-2015-2397, CVE-2015-2404, CVE-2015-2406, and CVE-2015-2422." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2385", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-065", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065" - }, - { - "name" : "1032894", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032894" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2390, CVE-2015-2397, CVE-2015-2404, CVE-2015-2406, and CVE-2015-2422." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032894", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032894" + }, + { + "name": "MS15-065", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2392.json b/2015/2xxx/CVE-2015-2392.json index 53d4a870d6a..c5530cecb60 100644 --- a/2015/2xxx/CVE-2015-2392.json +++ b/2015/2xxx/CVE-2015-2392.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2392", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-2392", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2483.json b/2015/2xxx/CVE-2015-2483.json index 07a27000198..e1fd07df2a9 100644 --- a/2015/2xxx/CVE-2015-2483.json +++ b/2015/2xxx/CVE-2015-2483.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2483", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 10 and 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"Information Disclosure Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2483", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-094", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094" - }, - { - "name" : "76584", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76584" - }, - { - "name" : "1033487", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033487" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 10 and 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"Information Disclosure Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "76584", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76584" + }, + { + "name": "MS15-094", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094" + }, + { + "name": "1033487", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033487" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2867.json b/2015/2xxx/CVE-2015-2867.json index ea0722a9179..fa972b1daec 100644 --- a/2015/2xxx/CVE-2015-2867.json +++ b/2015/2xxx/CVE-2015-2867.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2015-2867", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "ComfortLink II SCC firmware", - "version" : { - "version_data" : [ - { - "version_value" : "2.0.2" - } - ] - } - } - ] - }, - "vendor_name" : "Trane" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "hardcoded passwords" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-2867", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ComfortLink II SCC firmware", + "version": { + "version_data": [ + { + "version_value": "2.0.2" + } + ] + } + } + ] + }, + "vendor_name": "Trane" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.talosintelligence.com/reports/TALOS-2016-0028/", - "refsource" : "MISC", - "url" : "http://www.talosintelligence.com/reports/TALOS-2016-0028/" - }, - { - "name" : "95120", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95120" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "hardcoded passwords" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.talosintelligence.com/reports/TALOS-2016-0028/", + "refsource": "MISC", + "url": "http://www.talosintelligence.com/reports/TALOS-2016-0028/" + }, + { + "name": "95120", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95120" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6179.json b/2015/6xxx/CVE-2015-6179.json index f017325f482..24d2b07f5ef 100644 --- a/2015/6xxx/CVE-2015-6179.json +++ b/2015/6xxx/CVE-2015-6179.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6179", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6179", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6478.json b/2015/6xxx/CVE-2015-6478.json index 8b3def2013a..46cc1fe83f6 100644 --- a/2015/6xxx/CVE-2015-6478.json +++ b/2015/6xxx/CVE-2015-6478.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6478", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allows remote attackers to have an unspecified impact via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2015-6478", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-274-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-274-02" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-573", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-573" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-577", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-577" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-578", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-578" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-579", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-579" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-580", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-580" - }, - { - "name" : "77571", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77571" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allows remote attackers to have an unspecified impact via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-578", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-578" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-579", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-579" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-580", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-580" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-274-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-274-02" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-573", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-573" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-577", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-577" + }, + { + "name": "77571", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77571" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6934.json b/2015/6xxx/CVE-2015-6934.json index 9991bd3f57a..b1112f3c82d 100644 --- a/2015/6xxx/CVE-2015-6934.json +++ b/2015/6xxx/CVE-2015-6934.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6934", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize Operations 6.x, vCenter Operations 5.x, and vCenter Application Discovery Manager (vADM) 7.x allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6934", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2015-0009.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2015-0009.html" - }, - { - "name" : "79648", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79648" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize Operations 6.x, vCenter Operations 5.x, and vCenter Application Discovery Manager (vADM) 7.x allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.vmware.com/security/advisories/VMSA-2015-0009.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2015-0009.html" + }, + { + "name": "79648", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79648" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7703.json b/2015/7xxx/CVE-2015-7703.json index fc3869b7f5b..7bf53309a39 100644 --- a/2015/7xxx/CVE-2015-7703.json +++ b/2015/7xxx/CVE-2015-7703.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7703", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The \"pidfile\" or \"driftfile\" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7703", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.ntp.org/bin/view/Main/NtpBug2902", - "refsource" : "CONFIRM", - "url" : "http://support.ntp.org/bin/view/Main/NtpBug2902" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1254547", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1254547" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20171004-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20171004-0001/" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" - }, - { - "name" : "DSA-3388", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3388" - }, - { - "name" : "GLSA-201607-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201607-15" - }, - { - "name" : "RHSA-2016:0780", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0780.html" - }, - { - "name" : "RHSA-2016:2583", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2583.html" - }, - { - "name" : "77278", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77278" - }, - { - "name" : "1033951", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033951" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The \"pidfile\" or \"driftfile\" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" + }, + { + "name": "RHSA-2016:2583", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2583.html" + }, + { + "name": "1033951", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033951" + }, + { + "name": "77278", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77278" + }, + { + "name": "RHSA-2016:0780", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0780.html" + }, + { + "name": "http://support.ntp.org/bin/view/Main/NtpBug2902", + "refsource": "CONFIRM", + "url": "http://support.ntp.org/bin/view/Main/NtpBug2902" + }, + { + "name": "DSA-3388", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3388" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1254547", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1254547" + }, + { + "name": "GLSA-201607-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201607-15" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20171004-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20171004-0001/" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0371.json b/2016/0xxx/CVE-2016-0371.json index ff86f49f590..27105c4ab44 100644 --- a/2016/0xxx/CVE-2016-0371.json +++ b/2016/0xxx/CVE-2016-0371.json @@ -1,226 +1,226 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0371", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Tivoli Storage Manager", - "version" : { - "version_data" : [ - { - "version_value" : "5.3.5.3" - }, - { - "version_value" : "5.4.1.2" - }, - { - "version_value" : "4.2" - }, - { - "version_value" : "4.2.1" - }, - { - "version_value" : "5.1.8" - }, - { - "version_value" : "5.2.5.1" - }, - { - "version_value" : "5.2.7" - }, - { - "version_value" : "5.2.8" - }, - { - "version_value" : "5.2.9" - }, - { - "version_value" : "5.3.0" - }, - { - "version_value" : "5.3.1" - }, - { - "version_value" : "5.3.2" - }, - { - "version_value" : "5.3.3" - }, - { - "version_value" : "5.4.4.0" - }, - { - "version_value" : "5.4.2.4" - }, - { - "version_value" : "5.4.2.3" - }, - { - "version_value" : "5.4.2.2" - }, - { - "version_value" : "5.3.6.9" - }, - { - "version_value" : "5.3.6.2" - }, - { - "version_value" : "5.3.6.1" - }, - { - "version_value" : "5.3.4" - }, - { - "version_value" : "5.2.5.3" - }, - { - "version_value" : "5.2.5.2" - }, - { - "version_value" : "5.2.4" - }, - { - "version_value" : "5.3.5.1" - }, - { - "version_value" : "5.3.2.4" - }, - { - "version_value" : "6.0" - }, - { - "version_value" : "5.1.0" - }, - { - "version_value" : "5.1.1" - }, - { - "version_value" : "5.1.10" - }, - { - "version_value" : "5.1.5" - }, - { - "version_value" : "5.1.6" - }, - { - "version_value" : "5.1.7" - }, - { - "version_value" : "5.1.9" - }, - { - "version_value" : "5.2.0" - }, - { - "version_value" : "5.2.1" - }, - { - "version_value" : "4.2.2" - }, - { - "version_value" : "4.2.3" - }, - { - "version_value" : "4.2.4" - }, - { - "version_value" : "5.2.2" - }, - { - "version_value" : "5.3" - }, - { - "version_value" : "5.2 Client" - }, - { - "version_value" : "5.4 Client" - }, - { - "version_value" : "5.5.7" - }, - { - "version_value" : "5.2.3.4 Client" - }, - { - "version_value" : "5.5.1.0" - }, - { - "version_value" : "5.5.1.6" - }, - { - "version_value" : "5.4" - }, - { - "version_value" : "5.5" - }, - { - "version_value" : "6.1" - }, - { - "version_value" : "6.2" - }, - { - "version_value" : "6.3" - }, - { - "version_value" : "6.4" - }, - { - "version_value" : "7.1" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Tivoli Storage Manager (TSM) password may be displayed in plain text via application trace output while application tracing is enabled." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0371", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Tivoli Storage Manager", + "version": { + "version_data": [ + { + "version_value": "5.3.5.3" + }, + { + "version_value": "5.4.1.2" + }, + { + "version_value": "4.2" + }, + { + "version_value": "4.2.1" + }, + { + "version_value": "5.1.8" + }, + { + "version_value": "5.2.5.1" + }, + { + "version_value": "5.2.7" + }, + { + "version_value": "5.2.8" + }, + { + "version_value": "5.2.9" + }, + { + "version_value": "5.3.0" + }, + { + "version_value": "5.3.1" + }, + { + "version_value": "5.3.2" + }, + { + "version_value": "5.3.3" + }, + { + "version_value": "5.4.4.0" + }, + { + "version_value": "5.4.2.4" + }, + { + "version_value": "5.4.2.3" + }, + { + "version_value": "5.4.2.2" + }, + { + "version_value": "5.3.6.9" + }, + { + "version_value": "5.3.6.2" + }, + { + "version_value": "5.3.6.1" + }, + { + "version_value": "5.3.4" + }, + { + "version_value": "5.2.5.3" + }, + { + "version_value": "5.2.5.2" + }, + { + "version_value": "5.2.4" + }, + { + "version_value": "5.3.5.1" + }, + { + "version_value": "5.3.2.4" + }, + { + "version_value": "6.0" + }, + { + "version_value": "5.1.0" + }, + { + "version_value": "5.1.1" + }, + { + "version_value": "5.1.10" + }, + { + "version_value": "5.1.5" + }, + { + "version_value": "5.1.6" + }, + { + "version_value": "5.1.7" + }, + { + "version_value": "5.1.9" + }, + { + "version_value": "5.2.0" + }, + { + "version_value": "5.2.1" + }, + { + "version_value": "4.2.2" + }, + { + "version_value": "4.2.3" + }, + { + "version_value": "4.2.4" + }, + { + "version_value": "5.2.2" + }, + { + "version_value": "5.3" + }, + { + "version_value": "5.2 Client" + }, + { + "version_value": "5.4 Client" + }, + { + "version_value": "5.5.7" + }, + { + "version_value": "5.2.3.4 Client" + }, + { + "version_value": "5.5.1.0" + }, + { + "version_value": "5.5.1.6" + }, + { + "version_value": "5.4" + }, + { + "version_value": "5.5" + }, + { + "version_value": "6.1" + }, + { + "version_value": "6.2" + }, + { + "version_value": "6.3" + }, + { + "version_value": "6.4" + }, + { + "version_value": "7.1" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21985114", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21985114" - }, - { - "name" : "94148", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94148" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Tivoli Storage Manager (TSM) password may be displayed in plain text via application trace output while application tracing is enabled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "94148", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94148" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21985114", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985114" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0429.json b/2016/0xxx/CVE-2016-0429.json index a0f0d2c7d3e..9989823c28b 100644 --- a/2016/0xxx/CVE-2016-0429.json +++ b/2016/0xxx/CVE-2016-0429.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0429", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect integrity via unknown vectors related to Scheduler, a different vulnerability than CVE-2016-0401." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0429", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034711", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034711" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect integrity via unknown vectors related to Scheduler, a different vulnerability than CVE-2016-0401." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034711", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034711" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10298.json b/2016/10xxx/CVE-2016-10298.json index 8efdb29a050..48565fd30c1 100644 --- a/2016/10xxx/CVE-2016-10298.json +++ b/2016/10xxx/CVE-2016-10298.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "DATE_PUBLIC" : "2017-06-05T00:00:00", - "ID" : "CVE-2016-10298", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Android kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393252." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of privilege" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "DATE_PUBLIC": "2017-06-05T00:00:00", + "ID": "CVE-2016-10298", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android kernel" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-06-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-06-01" - }, - { - "name" : "98874", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98874" - }, - { - "name" : "1038623", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038623" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393252." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-06-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-06-01" + }, + { + "name": "98874", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98874" + }, + { + "name": "1038623", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038623" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10429.json b/2016/10xxx/CVE-2016-10429.json index 7435ccc15f8..6ac4b5b1dcf 100644 --- a/2016/10xxx/CVE-2016-10429.json +++ b/2016/10xxx/CVE-2016-10429.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2016-10429", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Small Cell SoC , Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "FSM9055, IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SDX20" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SDX20, three image types are loaded in the same manner without distinguishing them." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Possible Improper Authorization in QTEE" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2016-10429", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Small Cell SoC , Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "FSM9055, IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SDX20" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SDX20, three image types are loaded in the same manner without distinguishing them." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Possible Improper Authorization in QTEE" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10453.json b/2016/10xxx/CVE-2016-10453.json index 21a8bf648d1..192d5ef30d2 100644 --- a/2016/10xxx/CVE-2016-10453.json +++ b/2016/10xxx/CVE-2016-10453.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10453", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10453", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4086.json b/2016/4xxx/CVE-2016-4086.json index e9547b5bbd9..0af4f770759 100644 --- a/2016/4xxx/CVE-2016-4086.json +++ b/2016/4xxx/CVE-2016-4086.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4086", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Huawei HiSuite (In China) before 4.0.4.301 and (Out of China) before 4.0.4.204_ove allows remote attackers to install arbitrary apps on a connected phone via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4086", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160422-01-hisuite-en", - "refsource" : "CONFIRM", - "url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160422-01-hisuite-en" - }, - { - "name" : "92622", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92622" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Huawei HiSuite (In China) before 4.0.4.301 and (Out of China) before 4.0.4.204_ove allows remote attackers to install arbitrary apps on a connected phone via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160422-01-hisuite-en", + "refsource": "CONFIRM", + "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160422-01-hisuite-en" + }, + { + "name": "92622", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92622" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4640.json b/2016/4xxx/CVE-2016-4640.json index 002018afb84..1238e003026 100644 --- a/2016/4xxx/CVE-2016-4640.json +++ b/2016/4xxx/CVE-2016-4640.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4640", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context, obtain sensitive user information, or cause a denial of service (memory corruption) via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4640", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-16-435/", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-16-435/" - }, - { - "name" : "https://support.apple.com/HT206903", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206903" - }, - { - "name" : "APPLE-SA-2016-07-18-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" - }, - { - "name" : "91824", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91824" - }, - { - "name" : "1036348", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036348" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context, obtain sensitive user information, or cause a denial of service (memory corruption) via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91824", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91824" + }, + { + "name": "APPLE-SA-2016-07-18-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" + }, + { + "name": "http://zerodayinitiative.com/advisories/ZDI-16-435/", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-16-435/" + }, + { + "name": "1036348", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036348" + }, + { + "name": "https://support.apple.com/HT206903", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206903" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9131.json b/2016/9xxx/CVE-2016-9131.json index 0a345d583a3..caad9501327 100644 --- a/2016/9xxx/CVE-2016-9131.json +++ b/2016/9xxx/CVE-2016-9131.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9131", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9131", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://kb.isc.org/article/AA-01439/74/CVE-2016-9131", - "refsource" : "CONFIRM", - "url" : "https://kb.isc.org/article/AA-01439/74/CVE-2016-9131" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20180926-0005/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20180926-0005/" - }, - { - "name" : "DSA-3758", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3758" - }, - { - "name" : "GLSA-201708-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201708-01" - }, - { - "name" : "RHSA-2017:0062", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0062.html" - }, - { - "name" : "RHSA-2017:1583", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1583" - }, - { - "name" : "95386", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95386" - }, - { - "name" : "1037582", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037582" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1037582", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037582" + }, + { + "name": "GLSA-201708-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201708-01" + }, + { + "name": "https://kb.isc.org/article/AA-01439/74/CVE-2016-9131", + "refsource": "CONFIRM", + "url": "https://kb.isc.org/article/AA-01439/74/CVE-2016-9131" + }, + { + "name": "95386", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95386" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180926-0005/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180926-0005/" + }, + { + "name": "DSA-3758", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3758" + }, + { + "name": "RHSA-2017:1583", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1583" + }, + { + "name": "RHSA-2017:0062", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0062.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9702.json b/2016/9xxx/CVE-2016-9702.json index 4de4eb3fcf6..c5ab02c297d 100644 --- a/2016/9xxx/CVE-2016-9702.json +++ b/2016/9xxx/CVE-2016-9702.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9702", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9702", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9781.json b/2016/9xxx/CVE-2016-9781.json index 1ca671d92da..1a351c5cdc8 100644 --- a/2016/9xxx/CVE-2016-9781.json +++ b/2016/9xxx/CVE-2016-9781.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9781", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9781", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/1003xxx/CVE-2019-1003026.json b/2019/1003xxx/CVE-2019-1003026.json index ba3f716f2b6..a130dd86f29 100644 --- a/2019/1003xxx/CVE-2019-1003026.json +++ b/2019/1003xxx/CVE-2019-1003026.json @@ -1,69 +1,69 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "kurt@seifried.org", - "DATE_ASSIGNED" : "2019-02-19T22:20:51.847679", - "ID" : "CVE-2019-1003026", - "REQUESTER" : "ml@beckweb.net", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Jenkins Mattermost Notification Plugin", - "version" : { - "version_data" : [ - { - "version_value" : "2.6.2 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Jenkins project" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A server-side request forgery vulnerability exists in Jenkins Mattermost Notification Plugin 2.6.2 and earlier in MattermostNotifier.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified Mattermost server and room and send a message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-441, CWE-918, CWE-352" - } + "CVE_data_meta": { + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "DATE_ASSIGNED": "2019-02-19T22:20:51.847679", + "ID": "CVE-2019-1003026", + "REQUESTER": "ml@beckweb.net", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Jenkins Mattermost Notification Plugin", + "version": { + "version_data": [ + { + "version_value": "2.6.2 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "Jenkins project" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://jenkins.io/security/advisory/2019-02-19/#SECURITY-985", - "refsource" : "CONFIRM", - "url" : "https://jenkins.io/security/advisory/2019-02-19/#SECURITY-985" - }, - { - "name" : "107295", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107295" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A server-side request forgery vulnerability exists in Jenkins Mattermost Notification Plugin 2.6.2 and earlier in MattermostNotifier.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified Mattermost server and room and send a message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-441, CWE-918, CWE-352" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://jenkins.io/security/advisory/2019-02-19/#SECURITY-985", + "refsource": "CONFIRM", + "url": "https://jenkins.io/security/advisory/2019-02-19/#SECURITY-985" + }, + { + "name": "107295", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107295" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2162.json b/2019/2xxx/CVE-2019-2162.json index c8fe12095f6..e57fe96a2cc 100644 --- a/2019/2xxx/CVE-2019-2162.json +++ b/2019/2xxx/CVE-2019-2162.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2162", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2162", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2330.json b/2019/2xxx/CVE-2019-2330.json index e16d2e41768..9726df7f87a 100644 --- a/2019/2xxx/CVE-2019-2330.json +++ b/2019/2xxx/CVE-2019-2330.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2330", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2330", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2707.json b/2019/2xxx/CVE-2019-2707.json index 2a4c0f540c0..ee162f4561d 100644 --- a/2019/2xxx/CVE-2019-2707.json +++ b/2019/2xxx/CVE-2019-2707.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2707", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2707", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2710.json b/2019/2xxx/CVE-2019-2710.json index 92809552d1a..72be03a5ba5 100644 --- a/2019/2xxx/CVE-2019-2710.json +++ b/2019/2xxx/CVE-2019-2710.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2710", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2710", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3364.json b/2019/3xxx/CVE-2019-3364.json index 54b8667f355..e67ce6b7345 100644 --- a/2019/3xxx/CVE-2019-3364.json +++ b/2019/3xxx/CVE-2019-3364.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3364", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3364", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3454.json b/2019/3xxx/CVE-2019-3454.json index 2467bad9f04..ac6f52ff44e 100644 --- a/2019/3xxx/CVE-2019-3454.json +++ b/2019/3xxx/CVE-2019-3454.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3454", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3454", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3944.json b/2019/3xxx/CVE-2019-3944.json index 07a4a4a5a7c..5666c8528d9 100644 --- a/2019/3xxx/CVE-2019-3944.json +++ b/2019/3xxx/CVE-2019-3944.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3944", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3944", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3960.json b/2019/3xxx/CVE-2019-3960.json index c21df4c1439..f19ed6790fe 100644 --- a/2019/3xxx/CVE-2019-3960.json +++ b/2019/3xxx/CVE-2019-3960.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3960", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3960", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6128.json b/2019/6xxx/CVE-2019-6128.json index f9ca4a091af..09062ad67c5 100644 --- a/2019/6xxx/CVE-2019-6128.json +++ b/2019/6xxx/CVE-2019-6128.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6128", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6128", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugzilla.maptools.org/show_bug.cgi?id=2836", - "refsource" : "MISC", - "url" : "http://bugzilla.maptools.org/show_bug.cgi?id=2836" - }, - { - "name" : "USN-3906-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3906-1/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-3906-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3906-1/" + }, + { + "name": "http://bugzilla.maptools.org/show_bug.cgi?id=2836", + "refsource": "MISC", + "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2836" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6454.json b/2019/6xxx/CVE-2019-6454.json index 12da7c9fcb8..6f1ac7a89a4 100644 --- a/2019/6xxx/CVE-2019-6454.json +++ b/2019/6xxx/CVE-2019-6454.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6454", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6454", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6909.json b/2019/6xxx/CVE-2019-6909.json index f46618d8fe5..2436bdec20b 100644 --- a/2019/6xxx/CVE-2019-6909.json +++ b/2019/6xxx/CVE-2019-6909.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6909", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6909", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6999.json b/2019/6xxx/CVE-2019-6999.json index cc16bfee4e7..31e21f891cf 100644 --- a/2019/6xxx/CVE-2019-6999.json +++ b/2019/6xxx/CVE-2019-6999.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6999", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6999", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7033.json b/2019/7xxx/CVE-2019-7033.json index 9e88df3ba9b..689e8238393 100644 --- a/2019/7xxx/CVE-2019-7033.json +++ b/2019/7xxx/CVE-2019-7033.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7033", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7033", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7280.json b/2019/7xxx/CVE-2019-7280.json index 497f3cacb7d..f030443c613 100644 --- a/2019/7xxx/CVE-2019-7280.json +++ b/2019/7xxx/CVE-2019-7280.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7280", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7280", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7303.json b/2019/7xxx/CVE-2019-7303.json index 5b676e70a51..e069090b5a0 100644 --- a/2019/7xxx/CVE-2019-7303.json +++ b/2019/7xxx/CVE-2019-7303.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7303", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7303", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7651.json b/2019/7xxx/CVE-2019-7651.json index 3f1c32fbe09..8a001180d74 100644 --- a/2019/7xxx/CVE-2019-7651.json +++ b/2019/7xxx/CVE-2019-7651.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7651", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "EPP.sys in Emsisoft Anti-Malware 2018.8.1.8923 allows an attacker to bypass ACLs because Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN and therefore files and directories \"inside\" the \\\\.\\EPP device are not properly protected, leading to unintended impersonation or object creation." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7651", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blog.emsisoft.com/en/32517/new-in-2018-12-safe-web-browsing-with-emsisoft-browser-security/", - "refsource" : "MISC", - "url" : "https://blog.emsisoft.com/en/32517/new-in-2018-12-safe-web-browsing-with-emsisoft-browser-security/" - }, - { - "name" : "https://github.com/nafiez/nafiez.github.io/blob/master/_posts/2019-01-09-emsisoft-Anti-Malware-bypass.md", - "refsource" : "MISC", - "url" : "https://github.com/nafiez/nafiez.github.io/blob/master/_posts/2019-01-09-emsisoft-Anti-Malware-bypass.md" - }, - { - "name" : "https://nafiez.github.io/security/bypass/2019/01/08/emsisoft-Anti-Malware-bypass.html", - "refsource" : "MISC", - "url" : "https://nafiez.github.io/security/bypass/2019/01/08/emsisoft-Anti-Malware-bypass.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "EPP.sys in Emsisoft Anti-Malware 2018.8.1.8923 allows an attacker to bypass ACLs because Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN and therefore files and directories \"inside\" the \\\\.\\EPP device are not properly protected, leading to unintended impersonation or object creation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/nafiez/nafiez.github.io/blob/master/_posts/2019-01-09-emsisoft-Anti-Malware-bypass.md", + "refsource": "MISC", + "url": "https://github.com/nafiez/nafiez.github.io/blob/master/_posts/2019-01-09-emsisoft-Anti-Malware-bypass.md" + }, + { + "name": "https://nafiez.github.io/security/bypass/2019/01/08/emsisoft-Anti-Malware-bypass.html", + "refsource": "MISC", + "url": "https://nafiez.github.io/security/bypass/2019/01/08/emsisoft-Anti-Malware-bypass.html" + }, + { + "name": "https://blog.emsisoft.com/en/32517/new-in-2018-12-safe-web-browsing-with-emsisoft-browser-security/", + "refsource": "MISC", + "url": "https://blog.emsisoft.com/en/32517/new-in-2018-12-safe-web-browsing-with-emsisoft-browser-security/" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8214.json b/2019/8xxx/CVE-2019-8214.json index 4440bf9f7fa..4f3816cde45 100644 --- a/2019/8xxx/CVE-2019-8214.json +++ b/2019/8xxx/CVE-2019-8214.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8214", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8214", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8305.json b/2019/8xxx/CVE-2019-8305.json index e1317cd1428..b065846475b 100644 --- a/2019/8xxx/CVE-2019-8305.json +++ b/2019/8xxx/CVE-2019-8305.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8305", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8305", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8818.json b/2019/8xxx/CVE-2019-8818.json index 62010830607..ba5b106fd5e 100644 --- a/2019/8xxx/CVE-2019-8818.json +++ b/2019/8xxx/CVE-2019-8818.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8818", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8818", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8876.json b/2019/8xxx/CVE-2019-8876.json index 720fa99a2a3..67254c6919f 100644 --- a/2019/8xxx/CVE-2019-8876.json +++ b/2019/8xxx/CVE-2019-8876.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8876", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8876", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9087.json b/2019/9xxx/CVE-2019-9087.json index 30f503495ad..e46d2dafc0b 100644 --- a/2019/9xxx/CVE-2019-9087.json +++ b/2019/9xxx/CVE-2019-9087.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9087", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9087", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9687.json b/2019/9xxx/CVE-2019-9687.json index f72f16a7a64..1580c063e45 100644 --- a/2019/9xxx/CVE-2019-9687.json +++ b/2019/9xxx/CVE-2019-9687.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9687", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9687", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://sourceforge.net/p/podofo/code/1969", - "refsource" : "MISC", - "url" : "https://sourceforge.net/p/podofo/code/1969" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://sourceforge.net/p/podofo/code/1969", + "refsource": "MISC", + "url": "https://sourceforge.net/p/podofo/code/1969" + } + ] + } +} \ No newline at end of file