From 97a4ac440094502d600cf121092a35c30645aa4d Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 02:54:24 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0322.json | 120 ++++++++-------- 1999/0xxx/CVE-1999-0756.json | 130 ++++++++--------- 1999/1xxx/CVE-1999-1519.json | 140 +++++++++--------- 2000/1xxx/CVE-2000-1208.json | 160 ++++++++++----------- 2005/2xxx/CVE-2005-2071.json | 190 ++++++++++++------------ 2005/2xxx/CVE-2005-2592.json | 160 ++++++++++----------- 2005/2xxx/CVE-2005-2690.json | 130 ++++++++--------- 2005/2xxx/CVE-2005-2881.json | 140 +++++++++--------- 2005/2xxx/CVE-2005-2978.json | 270 +++++++++++++++++------------------ 2007/1xxx/CVE-2007-1457.json | 170 +++++++++++----------- 2007/5xxx/CVE-2007-5154.json | 160 ++++++++++----------- 2007/5xxx/CVE-2007-5252.json | 180 +++++++++++------------ 2009/2xxx/CVE-2009-2532.json | 140 +++++++++--------- 2009/2xxx/CVE-2009-2557.json | 150 +++++++++---------- 2009/2xxx/CVE-2009-2593.json | 160 ++++++++++----------- 2009/2xxx/CVE-2009-2728.json | 34 ++--- 2015/0xxx/CVE-2015-0060.json | 140 +++++++++--------- 2015/0xxx/CVE-2015-0567.json | 34 ++--- 2015/3xxx/CVE-2015-3016.json | 34 ++--- 2015/3xxx/CVE-2015-3342.json | 150 +++++++++---------- 2015/3xxx/CVE-2015-3902.json | 170 +++++++++++----------- 2015/4xxx/CVE-2015-4242.json | 130 ++++++++--------- 2015/4xxx/CVE-2015-4588.json | 250 ++++++++++++++++---------------- 2015/4xxx/CVE-2015-4762.json | 130 ++++++++--------- 2015/4xxx/CVE-2015-4799.json | 130 ++++++++--------- 2015/8xxx/CVE-2015-8084.json | 130 ++++++++--------- 2015/8xxx/CVE-2015-8493.json | 34 ++--- 2015/8xxx/CVE-2015-8577.json | 150 +++++++++---------- 2015/8xxx/CVE-2015-8742.json | 160 ++++++++++----------- 2015/8xxx/CVE-2015-8908.json | 34 ++--- 2015/9xxx/CVE-2015-9184.json | 132 ++++++++--------- 2016/1xxx/CVE-2016-1064.json | 130 ++++++++--------- 2016/5xxx/CVE-2016-5761.json | 170 +++++++++++----------- 2018/2xxx/CVE-2018-2140.json | 34 ++--- 2018/2xxx/CVE-2018-2194.json | 34 ++--- 2018/2xxx/CVE-2018-2405.json | 182 +++++++++++------------ 2018/2xxx/CVE-2018-2466.json | 148 +++++++++---------- 2018/2xxx/CVE-2018-2810.json | 182 +++++++++++------------ 2018/6xxx/CVE-2018-6688.json | 34 ++--- 2018/6xxx/CVE-2018-6971.json | 152 ++++++++++---------- 2019/0xxx/CVE-2019-0467.json | 34 ++--- 2019/0xxx/CVE-2019-0487.json | 34 ++--- 2019/0xxx/CVE-2019-0679.json | 34 ++--- 2019/0xxx/CVE-2019-0817.json | 34 ++--- 2019/1xxx/CVE-2019-1001.json | 34 ++--- 2019/1xxx/CVE-2019-1145.json | 34 ++--- 2019/1xxx/CVE-2019-1270.json | 34 ++--- 2019/1xxx/CVE-2019-1419.json | 34 ++--- 2019/5xxx/CVE-2019-5288.json | 34 ++--- 2019/5xxx/CVE-2019-5884.json | 130 ++++++++--------- 2019/5xxx/CVE-2019-5988.json | 34 ++--- 51 files changed, 2889 insertions(+), 2889 deletions(-) diff --git a/1999/0xxx/CVE-1999-0322.json b/1999/0xxx/CVE-1999-0322.json index 5ab343d0596..e6bf193316b 100644 --- a/1999/0xxx/CVE-1999-0322.json +++ b/1999/0xxx/CVE-1999-0322.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0322", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The open() function in FreeBSD allows local attackers to write to arbitrary files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0322", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6092", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/6092" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The open() function in FreeBSD allows local attackers to write to arbitrary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "6092", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/6092" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0756.json b/1999/0xxx/CVE-1999-0756.json index 71bba8a3284..6bd6cb46df7 100644 --- a/1999/0xxx/CVE-1999-0756.json +++ b/1999/0xxx/CVE-1999-0756.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0756", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0756", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "ASB99-07", - "refsource" : "ALLAIRE", - "url" : "http://www.allaire.com/handlers/index.cfm?ID=10968&Method=Full" - }, - { - "name" : "coldfusion-admin-dos(2207)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/2207" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ASB99-07", + "refsource": "ALLAIRE", + "url": "http://www.allaire.com/handlers/index.cfm?ID=10968&Method=Full" + }, + { + "name": "coldfusion-admin-dos(2207)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2207" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1519.json b/1999/1xxx/CVE-1999-1519.json index ae810e18c2f..af75032af17 100644 --- a/1999/1xxx/CVE-1999-1519.json +++ b/1999/1xxx/CVE-1999-1519.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1519", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of service (resource exhaustion) via a long (1) user name or (2) password." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1519", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19991117 Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=94286244700573&w=2" - }, - { - "name" : "805", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/805" - }, - { - "name" : "g6ftp-username-dos(3513)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/3513" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of service (resource exhaustion) via a long (1) user name or (2) password." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "g6ftp-username-dos(3513)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3513" + }, + { + "name": "19991117 Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=94286244700573&w=2" + }, + { + "name": "805", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/805" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1208.json b/2000/1xxx/CVE-2000-1208.json index 48fecdbe03e..13fab8f3d1f 100644 --- a/2000/1xxx/CVE-2000-1208.json +++ b/2000/1xxx/CVE-2000-1208.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1208", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1208", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000925 Format strings: bug #1: BSD-lpr", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=96994604300675&w=2" - }, - { - "name" : "RHSA-2000:066", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2000-066.html" - }, - { - "name" : "20001004 Immunix OS Security Update for lpr", - "refsource" : "BUGTRAQ", - "url" : "http://online.securityfocus.com/archive/1/137555" - }, - { - "name" : "lpr-checkremote-format-string(5286)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/5286.php" - }, - { - "name" : "1711", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1711" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000925 Format strings: bug #1: BSD-lpr", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=96994604300675&w=2" + }, + { + "name": "lpr-checkremote-format-string(5286)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/5286.php" + }, + { + "name": "1711", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1711" + }, + { + "name": "20001004 Immunix OS Security Update for lpr", + "refsource": "BUGTRAQ", + "url": "http://online.securityfocus.com/archive/1/137555" + }, + { + "name": "RHSA-2000:066", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2000-066.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2071.json b/2005/2xxx/CVE-2005-2071.json index 45a2938ce10..09a6c9b81da 100644 --- a/2005/2xxx/CVE-2005-2071.json +++ b/2005/2xxx/CVE-2005-2071.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2071", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of -g arguments or (2) a malformed -s argument with a trailing . (dot)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2071", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050624 Solaris 10 /usr/sbin/traceroute vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=111963068714114&w=2" - }, - { - "name" : "20050624 Re: Solaris 10 /usr/sbin/traceroute vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=111964580023012&w=2" - }, - { - "name" : "20050624 Re: [Full-disclosure] Solaris 10 /usr/sbin/traceroute vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=111963809801731&w=2" - }, - { - "name" : "102060", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102060-1" - }, - { - "name" : "14049", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14049" - }, - { - "name" : "ADV-2005-2564", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2564" - }, - { - "name" : "1015261", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015261" - }, - { - "name" : "17708", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17708" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of -g arguments or (2) a malformed -s argument with a trailing . (dot)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20050624 Re: Solaris 10 /usr/sbin/traceroute vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=111964580023012&w=2" + }, + { + "name": "20050624 Solaris 10 /usr/sbin/traceroute vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=111963068714114&w=2" + }, + { + "name": "20050624 Re: [Full-disclosure] Solaris 10 /usr/sbin/traceroute vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=111963809801731&w=2" + }, + { + "name": "102060", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102060-1" + }, + { + "name": "1015261", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015261" + }, + { + "name": "ADV-2005-2564", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2564" + }, + { + "name": "14049", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14049" + }, + { + "name": "17708", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17708" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2592.json b/2005/2xxx/CVE-2005-2592.json index dcb5c3697cb..7c4804d2b86 100644 --- a/2005/2xxx/CVE-2005-2592.json +++ b/2005/2xxx/CVE-2005-2592.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2592", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unknown vulnerability in Parlano MindAlign 5.0 and later versions allows remote attackers to bypass authentication via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2592", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.niscc.gov.uk/niscc/docs/br-20050812-00673.html?lang=en", - "refsource" : "MISC", - "url" : "http://www.niscc.gov.uk/niscc/docs/br-20050812-00673.html?lang=en" - }, - { - "name" : "14562", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14562" - }, - { - "name" : "18756", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/18756" - }, - { - "name" : "16408", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16408" - }, - { - "name" : "mindalign-bypass-authentication(21838)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21838" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unknown vulnerability in Parlano MindAlign 5.0 and later versions allows remote attackers to bypass authentication via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "mindalign-bypass-authentication(21838)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21838" + }, + { + "name": "18756", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/18756" + }, + { + "name": "14562", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14562" + }, + { + "name": "http://www.niscc.gov.uk/niscc/docs/br-20050812-00673.html?lang=en", + "refsource": "MISC", + "url": "http://www.niscc.gov.uk/niscc/docs/br-20050812-00673.html?lang=en" + }, + { + "name": "16408", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16408" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2690.json b/2005/2xxx/CVE-2005-2690.json index 81e620b060f..7bbaeacd3f1 100644 --- a/2005/2xxx/CVE-2005-2690.json +++ b/2005/2xxx/CVE-2005-2690.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2690", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the Downloads module in PostNuke 0.760-RC4b allows PostNuke administrators to execute arbitrary SQL commands via the show parameter to dl-viewdownload.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2690", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050822 [SECURITYREASON.COM] Multiple vulnerabilities in PostNuke 0.760-RC4b=>x cXIb8O3.15", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/408818" - }, - { - "name" : "14636", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14636" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the Downloads module in PostNuke 0.760-RC4b allows PostNuke administrators to execute arbitrary SQL commands via the show parameter to dl-viewdownload.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "14636", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14636" + }, + { + "name": "20050822 [SECURITYREASON.COM] Multiple vulnerabilities in PostNuke 0.760-RC4b=>x cXIb8O3.15", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/408818" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2881.json b/2005/2xxx/CVE-2005-2881.json index 814d5b3ba64..a734ddfe8b8 100644 --- a/2005/2xxx/CVE-2005-2881.json +++ b/2005/2xxx/CVE-2005-2881.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2881", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "phpCommunityCalendar 4.0.3 allows remote attackers to bypass authentication and gain unauthorized access via a direct request to the admin directory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2881", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050905 phpCommunityCalendar 4.0.3 (possibly prior versions) sql injection / login bypass / cross site scripting", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112605610624004&w=2" - }, - { - "name" : "http://rgod.altervista.org/phpccal.html", - "refsource" : "MISC", - "url" : "http://rgod.altervista.org/phpccal.html" - }, - { - "name" : "phpcommunitycalendar-admin-bypass-security(22182)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22182" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "phpCommunityCalendar 4.0.3 allows remote attackers to bypass authentication and gain unauthorized access via a direct request to the admin directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20050905 phpCommunityCalendar 4.0.3 (possibly prior versions) sql injection / login bypass / cross site scripting", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112605610624004&w=2" + }, + { + "name": "phpcommunitycalendar-admin-bypass-security(22182)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22182" + }, + { + "name": "http://rgod.altervista.org/phpccal.html", + "refsource": "MISC", + "url": "http://rgod.altervista.org/phpccal.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2978.json b/2005/2xxx/CVE-2005-2978.json index e2a34a35ab4..cf48203548d 100644 --- a/2005/2xxx/CVE-2005-2978.json +++ b/2005/2xxx/CVE-2005-2978.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2978", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modifying the stack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2005-2978", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278" - }, - { - "name" : "DSA-878", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-878" - }, - { - "name" : "GLSA-200510-18", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200510-18.xml" - }, - { - "name" : "RHSA-2005:793", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-793.html" - }, - { - "name" : "SUSE-SR:2005:024", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2005_24_sr.html" - }, - { - "name" : "USN-210-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/210-1/" - }, - { - "name" : "15128", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15128" - }, - { - "name" : "oval:org.mitre.oval:def:10135", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10135" - }, - { - "name" : "ADV-2005-2133", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2133" - }, - { - "name" : "1015071", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015071" - }, - { - "name" : "17357", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17357" - }, - { - "name" : "17221", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17221" - }, - { - "name" : "17222", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17222" - }, - { - "name" : "17256", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17256" - }, - { - "name" : "17265", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17265" - }, - { - "name" : "17282", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17282" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modifying the stack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-210-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/210-1/" + }, + { + "name": "1015071", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015071" + }, + { + "name": "ADV-2005-2133", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2133" + }, + { + "name": "17282", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17282" + }, + { + "name": "DSA-878", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-878" + }, + { + "name": "17221", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17221" + }, + { + "name": "17357", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17357" + }, + { + "name": "RHSA-2005:793", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-793.html" + }, + { + "name": "17256", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17256" + }, + { + "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278" + }, + { + "name": "17265", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17265" + }, + { + "name": "17222", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17222" + }, + { + "name": "SUSE-SR:2005:024", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2005_24_sr.html" + }, + { + "name": "GLSA-200510-18", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200510-18.xml" + }, + { + "name": "15128", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15128" + }, + { + "name": "oval:org.mitre.oval:def:10135", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10135" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1457.json b/2007/1xxx/CVE-2007-1457.json index fdf48f789df..fff49c0afc0 100644 --- a/2007/1xxx/CVE-2007-1457.json +++ b/2007/1xxx/CVE-2007-1457.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1457", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the urarlib_get function in Christian Scheurer UniquE RAR File Library (unrarlib, aka URARFileLib) 0.4 allows context-dependent attackers to execute arbitrary code via a long (1) filename, (2) rarfile, or (3) libpassword argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1457", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070313 Unrarlib 0.4.0 (urarlib_get) Local buffer overflow", - "refsource" : "FULLDISC", - "url" : "http://marc.info/?l=full-disclosure&m=117392197607422&w=2" - }, - { - "name" : "http://unrarlib.svn.sourceforge.net/viewvc/unrarlib/tags/unrarlib040/unrarlib/unrarlib.c?revision=3&view=markup", - "refsource" : "MISC", - "url" : "http://unrarlib.svn.sourceforge.net/viewvc/unrarlib/tags/unrarlib040/unrarlib/unrarlib.c?revision=3&view=markup" - }, - { - "name" : "22942", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22942" - }, - { - "name" : "ADV-2007-0961", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0961" - }, - { - "name" : "34076", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34076" - }, - { - "name" : "24472", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24472" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the urarlib_get function in Christian Scheurer UniquE RAR File Library (unrarlib, aka URARFileLib) 0.4 allows context-dependent attackers to execute arbitrary code via a long (1) filename, (2) rarfile, or (3) libpassword argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://unrarlib.svn.sourceforge.net/viewvc/unrarlib/tags/unrarlib040/unrarlib/unrarlib.c?revision=3&view=markup", + "refsource": "MISC", + "url": "http://unrarlib.svn.sourceforge.net/viewvc/unrarlib/tags/unrarlib040/unrarlib/unrarlib.c?revision=3&view=markup" + }, + { + "name": "34076", + "refsource": "OSVDB", + "url": "http://osvdb.org/34076" + }, + { + "name": "24472", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24472" + }, + { + "name": "22942", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22942" + }, + { + "name": "ADV-2007-0961", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0961" + }, + { + "name": "20070313 Unrarlib 0.4.0 (urarlib_get) Local buffer overflow", + "refsource": "FULLDISC", + "url": "http://marc.info/?l=full-disclosure&m=117392197607422&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5154.json b/2007/5xxx/CVE-2007-5154.json index 418bb2af10e..03cf3f3f869 100644 --- a/2007/5xxx/CVE-2007-5154.json +++ b/2007/5xxx/CVE-2007-5154.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5154", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Session fixation vulnerability in Aipo and Aipo ASP 3.0.1.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5154", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "JVN#70075625", - "refsource" : "JVN", - "url" : "http://jvn.jp/jp/JVN%2370075625/index.html" - }, - { - "name" : "25843", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25843" - }, - { - "name" : "41380", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41380" - }, - { - "name" : "27004", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27004" - }, - { - "name" : "aipo-aipoasp-session-hijacking(36850)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36850" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Session fixation vulnerability in Aipo and Aipo ASP 3.0.1.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#70075625", + "refsource": "JVN", + "url": "http://jvn.jp/jp/JVN%2370075625/index.html" + }, + { + "name": "41380", + "refsource": "OSVDB", + "url": "http://osvdb.org/41380" + }, + { + "name": "aipo-aipoasp-session-hijacking(36850)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36850" + }, + { + "name": "27004", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27004" + }, + { + "name": "25843", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25843" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5252.json b/2007/5xxx/CVE-2007-5252.json index d2d2492d887..e05f770e633 100644 --- a/2007/5xxx/CVE-2007-5252.json +++ b/2007/5xxx/CVE-2007-5252.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5252", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in NetSupport Manager (NSM) Client 10.00 and 10.20, and NetSupport School Student (NSS) 9.00, allows remote NSM servers to cause a denial of service or possibly execute arbitrary code via crafted data in the configuration exchange phase of an initial connection setup. NOTE: a vendor statement, which is too vague to be sure that it is for this particular issue, says that only a denial of service is possible." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5252", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071004 DDIVRT-2007-05 NetSupport Manager Client Buffer Overflow", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/481537/100/0/threaded" - }, - { - "name" : "http://www.netsupportsoftware.com/support/td.asp?td=545&Site=nsltd&Lang=", - "refsource" : "MISC", - "url" : "http://www.netsupportsoftware.com/support/td.asp?td=545&Site=nsltd&Lang=" - }, - { - "name" : "25932", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25932" - }, - { - "name" : "1018774", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018774" - }, - { - "name" : "27082", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27082" - }, - { - "name" : "3198", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3198" - }, - { - "name" : "netsupport-unspecified-dos(36963)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36963" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in NetSupport Manager (NSM) Client 10.00 and 10.20, and NetSupport School Student (NSS) 9.00, allows remote NSM servers to cause a denial of service or possibly execute arbitrary code via crafted data in the configuration exchange phase of an initial connection setup. NOTE: a vendor statement, which is too vague to be sure that it is for this particular issue, says that only a denial of service is possible." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "netsupport-unspecified-dos(36963)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36963" + }, + { + "name": "http://www.netsupportsoftware.com/support/td.asp?td=545&Site=nsltd&Lang=", + "refsource": "MISC", + "url": "http://www.netsupportsoftware.com/support/td.asp?td=545&Site=nsltd&Lang=" + }, + { + "name": "3198", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3198" + }, + { + "name": "20071004 DDIVRT-2007-05 NetSupport Manager Client Buffer Overflow", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/481537/100/0/threaded" + }, + { + "name": "25932", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25932" + }, + { + "name": "27082", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27082" + }, + { + "name": "1018774", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018774" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2532.json b/2009/2xxx/CVE-2009-2532.json index 9ecc90db31e..4ff0274a39a 100644 --- a/2009/2xxx/CVE-2009-2532.json +++ b/2009/2xxx/CVE-2009-2532.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2532", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC do not properly process the command value in an SMB Multi-Protocol Negotiate Request packet, which allows remote attackers to execute arbitrary code via a crafted SMBv2 packet to the Server service, aka \"SMBv2 Command Value Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2009-2532", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS09-050", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-050" - }, - { - "name" : "TA09-286A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" - }, - { - "name" : "oval:org.mitre.oval:def:6336", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6336" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC do not properly process the command value in an SMB Multi-Protocol Negotiate Request packet, which allows remote attackers to execute arbitrary code via a crafted SMBv2 packet to the Server service, aka \"SMBv2 Command Value Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS09-050", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-050" + }, + { + "name": "TA09-286A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" + }, + { + "name": "oval:org.mitre.oval:def:6336", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6336" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2557.json b/2009/2xxx/CVE-2009-2557.json index aff2e9b7a0e..77ef4b977d5 100644 --- a/2009/2xxx/CVE-2009-2557.json +++ b/2009/2xxx/CVE-2009-2557.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2557", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in system/download.php in Admin News Tools 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the fichier parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2557", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090715 Admin News Tools 2.5 Remote File Download Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/504949/100/0/threaded" - }, - { - "name" : "9153", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/9153" - }, - { - "name" : "55856", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/55856" - }, - { - "name" : "35842", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35842" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in system/download.php in Admin News Tools 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the fichier parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20090715 Admin News Tools 2.5 Remote File Download Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/504949/100/0/threaded" + }, + { + "name": "9153", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/9153" + }, + { + "name": "35842", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35842" + }, + { + "name": "55856", + "refsource": "OSVDB", + "url": "http://osvdb.org/55856" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2593.json b/2009/2xxx/CVE-2009-2593.json index df9f325ff88..1e696f3e1a4 100644 --- a/2009/2xxx/CVE-2009-2593.json +++ b/2009/2xxx/CVE-2009-2593.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2593", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in censura.php in Censura 1.16.04 allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a details action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2593", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "9129", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/9129" - }, - { - "name" : "35637", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/35637" - }, - { - "name" : "55790", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/55790" - }, - { - "name" : "35787", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35787" - }, - { - "name" : "censura-itemid-sql-injection(51663)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51663" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in censura.php in Censura 1.16.04 allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a details action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "35787", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35787" + }, + { + "name": "35637", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/35637" + }, + { + "name": "censura-itemid-sql-injection(51663)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51663" + }, + { + "name": "55790", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/55790" + }, + { + "name": "9129", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/9129" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2728.json b/2009/2xxx/CVE-2009-2728.json index 6d975ca5098..bd4e18a854d 100644 --- a/2009/2xxx/CVE-2009-2728.json +++ b/2009/2xxx/CVE-2009-2728.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2728", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2728", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0060.json b/2015/0xxx/CVE-2015-0060.json index 5af610954bb..b4d80732404 100644 --- a/2015/0xxx/CVE-2015-0060.json +++ b/2015/0xxx/CVE-2015-0060.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0060", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The font mapper in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly scale fonts, which allows local users to cause a denial of service (system hang) via a crafted application, aka \"Windows Font Driver Denial of Service Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-0060", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-010", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-010" - }, - { - "name" : "72472", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72472" - }, - { - "name" : "ms-kmd-cve20150060-dos(100434)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100434" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The font mapper in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly scale fonts, which allows local users to cause a denial of service (system hang) via a crafted application, aka \"Windows Font Driver Denial of Service Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS15-010", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-010" + }, + { + "name": "ms-kmd-cve20150060-dos(100434)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100434" + }, + { + "name": "72472", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72472" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0567.json b/2015/0xxx/CVE-2015-0567.json index 107fd713f98..37d0a7ed6ee 100644 --- a/2015/0xxx/CVE-2015-0567.json +++ b/2015/0xxx/CVE-2015-0567.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0567", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-0567", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3016.json b/2015/3xxx/CVE-2015-3016.json index 727b4468f0d..87281305158 100644 --- a/2015/3xxx/CVE-2015-3016.json +++ b/2015/3xxx/CVE-2015-3016.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3016", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3016", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3342.json b/2015/3xxx/CVE-2015-3342.json index f46269f541c..8617439ace7 100644 --- a/2015/3xxx/CVE-2015-3342.json +++ b/2015/3xxx/CVE-2015-3342.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3342", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Open redirect vulnerability in the Ubercart Currency Conversion module before 6.x-1.2 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination query parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3342", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/01/29/6" - }, - { - "name" : "https://www.drupal.org/node/2407347", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2407347" - }, - { - "name" : "https://www.drupal.org/node/2407145", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2407145" - }, - { - "name" : "72365", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72365" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Open redirect vulnerability in the Ubercart Currency Conversion module before 6.x-1.2 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination query parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "72365", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72365" + }, + { + "name": "https://www.drupal.org/node/2407145", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2407145" + }, + { + "name": "https://www.drupal.org/node/2407347", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2407347" + }, + { + "name": "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/01/29/6" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3902.json b/2015/3xxx/CVE-2015-3902.json index 73fe2a2bab1..8cabec93e42 100644 --- a/2015/3xxx/CVE-2015-3902.json +++ b/2015/3xxx/CVE-2015-3902.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3902", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configuration file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3902", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.phpmyadmin.net/home_page/security/PMASA-2015-2.php", - "refsource" : "CONFIRM", - "url" : "http://www.phpmyadmin.net/home_page/security/PMASA-2015-2.php" - }, - { - "name" : "https://github.com/phpmyadmin/phpmyadmin/commit/ee92eb9bab8e2d546756c1d4aec81ec7c8e44b83", - "refsource" : "CONFIRM", - "url" : "https://github.com/phpmyadmin/phpmyadmin/commit/ee92eb9bab8e2d546756c1d4aec81ec7c8e44b83" - }, - { - "name" : "DSA-3382", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3382" - }, - { - "name" : "openSUSE-SU-2015:1191", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-07/msg00008.html" - }, - { - "name" : "74657", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74657" - }, - { - "name" : "1032404", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032404" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configuration file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:1191", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00008.html" + }, + { + "name": "DSA-3382", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3382" + }, + { + "name": "https://github.com/phpmyadmin/phpmyadmin/commit/ee92eb9bab8e2d546756c1d4aec81ec7c8e44b83", + "refsource": "CONFIRM", + "url": "https://github.com/phpmyadmin/phpmyadmin/commit/ee92eb9bab8e2d546756c1d4aec81ec7c8e44b83" + }, + { + "name": "1032404", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032404" + }, + { + "name": "http://www.phpmyadmin.net/home_page/security/PMASA-2015-2.php", + "refsource": "CONFIRM", + "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2015-2.php" + }, + { + "name": "74657", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74657" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4242.json b/2015/4xxx/CVE-2015-4242.json index 270061c34cb..10f0e99eb54 100644 --- a/2015/4xxx/CVE-2015-4242.json +++ b/2015/4xxx/CVE-2015-4242.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4242", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 5.4.1.2 and 6.0.0 in FireSIGHT Management Center allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu94721." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-4242", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150707 Cisco FireSIGHT Management Center Cross-Site Request Forgery Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=39643" - }, - { - "name" : "1032806", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032806" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 5.4.1.2 and 6.0.0 in FireSIGHT Management Center allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu94721." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150707 Cisco FireSIGHT Management Center Cross-Site Request Forgery Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39643" + }, + { + "name": "1032806", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032806" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4588.json b/2015/4xxx/CVE-2015-4588.json index 93781fbb48b..ab24b37227a 100644 --- a/2015/4xxx/CVE-2015-4588.json +++ b/2015/4xxx/CVE-2015-4588.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4588", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted \"run-length count\" in an image in a WMF file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4588", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150603 Re: CVE-2015-0848 - Heap overflow on libwmf0.2-7", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/06/03/6" - }, - { - "name" : "[oss-security] 20150615 Re: CVE-2015-0848 - Heap overflow on libwmf0.2-7", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/06/16/4" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1227243", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1227243" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "DSA-3302", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3302" - }, - { - "name" : "FEDORA-2015-9674", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160668.html" - }, - { - "name" : "GLSA-201602-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201602-03" - }, - { - "name" : "RHSA-2015:1917", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1917.html" - }, - { - "name" : "openSUSE-SU-2015:1132", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-06/msg00051.html" - }, - { - "name" : "openSUSE-SU-2015:1134", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-06/msg00053.html" - }, - { - "name" : "openSUSE-SU-2015:1212", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-07/msg00018.html" - }, - { - "name" : "USN-2670-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2670-1" - }, - { - "name" : "75230", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75230" - }, - { - "name" : "1032771", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032771" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted \"run-length count\" in an image in a WMF file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3302", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3302" + }, + { + "name": "[oss-security] 20150603 Re: CVE-2015-0848 - Heap overflow on libwmf0.2-7", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/06/03/6" + }, + { + "name": "openSUSE-SU-2015:1132", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00051.html" + }, + { + "name": "GLSA-201602-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201602-03" + }, + { + "name": "FEDORA-2015-9674", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160668.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "USN-2670-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2670-1" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1227243", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1227243" + }, + { + "name": "openSUSE-SU-2015:1134", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00053.html" + }, + { + "name": "[oss-security] 20150615 Re: CVE-2015-0848 - Heap overflow on libwmf0.2-7", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/06/16/4" + }, + { + "name": "75230", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75230" + }, + { + "name": "1032771", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032771" + }, + { + "name": "openSUSE-SU-2015:1212", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00018.html" + }, + { + "name": "RHSA-2015:1917", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1917.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4762.json b/2015/4xxx/CVE-2015-4762.json index db4060ce04a..11978302e80 100644 --- a/2015/4xxx/CVE-2015-4762.json +++ b/2015/4xxx/CVE-2015-4762.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4762", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3 and 12.2.4 allows remote authenticated users to affect confidentiality via unknown vectors related to Online patching." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-4762", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" - }, - { - "name" : "1033877", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033877" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3 and 12.2.4 allows remote authenticated users to affect confidentiality via unknown vectors related to Online patching." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033877", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033877" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4799.json b/2015/4xxx/CVE-2015-4799.json index 08c52c4b4f4..5c3b2e071da 100644 --- a/2015/4xxx/CVE-2015-4799.json +++ b/2015/4xxx/CVE-2015-4799.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4799", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 7.6.2, 11.1.1.6.1, and 11.1.1.8.0 allows remote attackers to affect integrity via unknown vectors related to Security." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-4799", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" - }, - { - "name" : "1033898", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033898" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 7.6.2, 11.1.1.6.1, and 11.1.1.8.0 allows remote attackers to affect integrity via unknown vectors related to Security." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" + }, + { + "name": "1033898", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033898" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8084.json b/2015/8xxx/CVE-2015-8084.json index d4b8dc3af01..bb6ee630d36 100644 --- a/2015/8xxx/CVE-2015-8084.json +++ b/2015/8xxx/CVE-2015-8084.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8084", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software before V300R001C10SPC600, when \"DHCP Snooping\" is enabled and either \"option82 insert\" or \"option82 rebuild\" is enabled on an interface, allow remote attackers to cause a denial of service (reboot) via crafted DHCP packets." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8084", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457916.htm", - "refsource" : "CONFIRM", - "url" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457916.htm" - }, - { - "name" : "77300", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77300" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software before V300R001C10SPC600, when \"DHCP Snooping\" is enabled and either \"option82 insert\" or \"option82 rebuild\" is enabled on an interface, allow remote attackers to cause a denial of service (reboot) via crafted DHCP packets." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457916.htm", + "refsource": "CONFIRM", + "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457916.htm" + }, + { + "name": "77300", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77300" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8493.json b/2015/8xxx/CVE-2015-8493.json index 384287c2447..25cda52bf2e 100644 --- a/2015/8xxx/CVE-2015-8493.json +++ b/2015/8xxx/CVE-2015-8493.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8493", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-8493", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8577.json b/2015/8xxx/CVE-2015-8577.json index fe553bfa8a4..5d57618ece3 100644 --- a/2015/8xxx/CVE-2015-8577.json +++ b/2015/8xxx/CVE-2015-8577.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8577", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8577", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations", - "refsource" : "MISC", - "url" : "http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations" - }, - { - "name" : "http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/", - "refsource" : "MISC", - "url" : "http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/" - }, - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10142", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10142" - }, - { - "name" : "78810", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78810" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "78810", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78810" + }, + { + "name": "http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/", + "refsource": "MISC", + "url": "http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/" + }, + { + "name": "http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations", + "refsource": "MISC", + "url": "http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations" + }, + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10142", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10142" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8742.json b/2015/8xxx/CVE-2015-8742.json index 862146744ea..881107d50bd 100644 --- a/2015/8xxx/CVE-2015-8742.json +++ b/2015/8xxx/CVE-2015-8742.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8742", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not validate the column size, which allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8742", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2015-60.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2015-60.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11931", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11931" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d48b0eff28c995947ac3f8d842ddd9b50dd5798d", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d48b0eff28c995947ac3f8d842ddd9b50dd5798d" - }, - { - "name" : "GLSA-201604-05", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201604-05" - }, - { - "name" : "1034551", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034551" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not validate the column size, which allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d48b0eff28c995947ac3f8d842ddd9b50dd5798d", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d48b0eff28c995947ac3f8d842ddd9b50dd5798d" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2015-60.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2015-60.html" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11931", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11931" + }, + { + "name": "GLSA-201604-05", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201604-05" + }, + { + "name": "1034551", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034551" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8908.json b/2015/8xxx/CVE-2015-8908.json index ad2c8fe25dd..9e192e7fa16 100644 --- a/2015/8xxx/CVE-2015-8908.json +++ b/2015/8xxx/CVE-2015-8908.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8908", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-8908", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9184.json b/2015/9xxx/CVE-2015-9184.json index 005b7ccbd2e..f024a67a283 100644 --- a/2015/9xxx/CVE-2015-9184.json +++ b/2015/9xxx/CVE-2015-9184.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2015-9184", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835, lack of length checking in wv_dash_core_load_keys_v8() could lead to a buffer overflow vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer over-read vulnerability in QTEE" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2015-9184", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835, lack of length checking in wv_dash_core_load_keys_v8() could lead to a buffer overflow vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer over-read vulnerability in QTEE" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1064.json b/2016/1xxx/CVE-2016-1064.json index 25d390f8b62..c63071d067f 100644 --- a/2016/1xxx/CVE-2016-1064.json +++ b/2016/1xxx/CVE-2016-1064.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1064", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-1064", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" - }, - { - "name" : "1035828", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035828" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035828", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035828" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5761.json b/2016/5xxx/CVE-2016-5761.json index 2aba28703fa..e6ad6c9b7b7 100644 --- a/2016/5xxx/CVE-2016-5761.json +++ b/2016/5xxx/CVE-2016-5761.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5761", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 allows remote attackers to inject arbitrary web script or HTML via a crafted email." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@suse.com", + "ID": "CVE-2016-5761", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160825 SEC Consult SA-20160825-0 :: Multiple vulnerabilities in Micro Focus (Novell) GroupWise", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/539296/100/0/threaded" - }, - { - "name" : "20160825 SEC Consult SA-20160825-0 :: Multiple vulnerabilities in Micro Focus (Novell) GroupWise", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Aug/123" - }, - { - "name" : "http://packetstormsecurity.com/files/138503/Micro-Focus-GroupWise-Cross-Site-Scripting-Overflows.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/138503/Micro-Focus-GroupWise-Cross-Site-Scripting-Overflows.html" - }, - { - "name" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160825-0_Micro_Focus_GroupWise_Multiple_vulnerabilities_v10.txt", - "refsource" : "MISC", - "url" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160825-0_Micro_Focus_GroupWise_Multiple_vulnerabilities_v10.txt" - }, - { - "name" : "https://www.novell.com/support/kb/doc.php?id=7017974", - "refsource" : "CONFIRM", - "url" : "https://www.novell.com/support/kb/doc.php?id=7017974" - }, - { - "name" : "92645", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92645" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 allows remote attackers to inject arbitrary web script or HTML via a crafted email." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/138503/Micro-Focus-GroupWise-Cross-Site-Scripting-Overflows.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/138503/Micro-Focus-GroupWise-Cross-Site-Scripting-Overflows.html" + }, + { + "name": "20160825 SEC Consult SA-20160825-0 :: Multiple vulnerabilities in Micro Focus (Novell) GroupWise", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/539296/100/0/threaded" + }, + { + "name": "92645", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92645" + }, + { + "name": "20160825 SEC Consult SA-20160825-0 :: Multiple vulnerabilities in Micro Focus (Novell) GroupWise", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Aug/123" + }, + { + "name": "https://www.novell.com/support/kb/doc.php?id=7017974", + "refsource": "CONFIRM", + "url": "https://www.novell.com/support/kb/doc.php?id=7017974" + }, + { + "name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160825-0_Micro_Focus_GroupWise_Multiple_vulnerabilities_v10.txt", + "refsource": "MISC", + "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160825-0_Micro_Focus_GroupWise_Multiple_vulnerabilities_v10.txt" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2140.json b/2018/2xxx/CVE-2018-2140.json index efafd33e079..60d86dd4708 100644 --- a/2018/2xxx/CVE-2018-2140.json +++ b/2018/2xxx/CVE-2018-2140.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2140", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2140", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2194.json b/2018/2xxx/CVE-2018-2194.json index cbf7e6ed5cf..39f36901e44 100644 --- a/2018/2xxx/CVE-2018-2194.json +++ b/2018/2xxx/CVE-2018-2194.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2194", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2194", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2405.json b/2018/2xxx/CVE-2018-2405.json index 65a1824b411..a1fbc007c6e 100644 --- a/2018/2xxx/CVE-2018-2405.json +++ b/2018/2xxx/CVE-2018-2405.json @@ -1,93 +1,93 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cna@sap.com", - "ID" : "CVE-2018-2405", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SAP Solution Manager", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "7.10" - }, - { - "version_affected" : "=", - "version_value" : "7.20" - } - ] - } - } - ] - }, - "vendor_name" : "SAP SE" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SAP Solution Manager, 7.10, 7.20, Incident Management Work Center allows an attacker to upload a malicious script as an attachment and this could lead to possible Cross-Site Scripting." - } - ] - }, - "impact" : { - "cvss" : { - "attackComplexity" : "LOW", - "attackVector" : "NETWORK", - "availabilityImpact" : "NONE", - "baseScore" : 5.4, - "baseSeverity" : "MEDIUM", - "confidentialityImpact" : "LOW", - "integrityImpact" : "LOW", - "privilegesRequired" : "LOW", - "scope" : "CHANGED", - "userInteraction" : "REQUIRED", - "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + "CVE_data_meta": { + "ASSIGNER": "cna@sap.com", + "ID": "CVE-2018-2405", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SAP Solution Manager", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7.10" + }, + { + "version_affected": "=", + "version_value": "7.20" + } + ] + } + } + ] + }, + "vendor_name": "SAP SE" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://launchpad.support.sap.com/#/notes/2372688", - "refsource" : "MISC", - "url" : "https://launchpad.support.sap.com/#/notes/2372688" - }, - { - "name" : "https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/", - "refsource" : "CONFIRM", - "url" : "https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/" - }, - { - "name" : "103703", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103703" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SAP Solution Manager, 7.10, 7.20, Incident Management Work Center allows an attacker to upload a malicious script as an attachment and this could lead to possible Cross-Site Scripting." + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "103703", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103703" + }, + { + "name": "https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/", + "refsource": "CONFIRM", + "url": "https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/" + }, + { + "name": "https://launchpad.support.sap.com/#/notes/2372688", + "refsource": "MISC", + "url": "https://launchpad.support.sap.com/#/notes/2372688" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2466.json b/2018/2xxx/CVE-2018-2466.json index 0e0a4485a91..b5d0f596301 100644 --- a/2018/2xxx/CVE-2018-2466.json +++ b/2018/2xxx/CVE-2018-2466.json @@ -1,76 +1,76 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cna@sap.com", - "ID" : "CVE-2018-2466", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SAP Data Services", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "4.2" - } - ] - } - } - ] - }, - "vendor_name" : "SAP" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Impact and Lineage Analysis in SAP Data Services, version 4.2, the management console does not sufficiently validate user-controlled inputs, which results in Cross-Site Scripting (XSS) vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + "CVE_data_meta": { + "ASSIGNER": "cna@sap.com", + "ID": "CVE-2018-2466", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SAP Data Services", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.2" + } + ] + } + } + ] + }, + "vendor_name": "SAP" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://launchpad.support.sap.com/#/notes/2618337", - "refsource" : "MISC", - "url" : "https://launchpad.support.sap.com/#/notes/2618337" - }, - { - "name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095", - "refsource" : "CONFIRM", - "url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095" - }, - { - "name" : "105529", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105529" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Impact and Lineage Analysis in SAP Data Services, version 4.2, the management console does not sufficiently validate user-controlled inputs, which results in Cross-Site Scripting (XSS) vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://launchpad.support.sap.com/#/notes/2618337", + "refsource": "MISC", + "url": "https://launchpad.support.sap.com/#/notes/2618337" + }, + { + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095", + "refsource": "CONFIRM", + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095" + }, + { + "name": "105529", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105529" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2810.json b/2018/2xxx/CVE-2018-2810.json index 07ca9ea5349..bfa03b89c0a 100644 --- a/2018/2xxx/CVE-2018-2810.json +++ b/2018/2xxx/CVE-2018-2810.json @@ -1,93 +1,93 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2810", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "MySQL Server", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "5.7.21 and prior" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2810", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "MySQL Server", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.7.21 and prior" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20180419-0002/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20180419-0002/" - }, - { - "name" : "RHSA-2018:3655", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:3655" - }, - { - "name" : "USN-3629-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3629-1/" - }, - { - "name" : "USN-3629-3", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3629-3/" - }, - { - "name" : "103783", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103783" - }, - { - "name" : "1040698", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040698" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1040698", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040698" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180419-0002/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180419-0002/" + }, + { + "name": "RHSA-2018:3655", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:3655" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" + }, + { + "name": "103783", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103783" + }, + { + "name": "USN-3629-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3629-1/" + }, + { + "name": "USN-3629-3", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3629-3/" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6688.json b/2018/6xxx/CVE-2018-6688.json index 36bc4542d42..6f68ace58e0 100644 --- a/2018/6xxx/CVE-2018-6688.json +++ b/2018/6xxx/CVE-2018-6688.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6688", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6688", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6971.json b/2018/6xxx/CVE-2018-6971.json index 6ec66d1e553..3b4dd78c201 100644 --- a/2018/6xxx/CVE-2018-6971.json +++ b/2018/6xxx/CVE-2018-6971.json @@ -1,78 +1,78 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@vmware.com", - "DATE_PUBLIC" : "2018-07-19T00:00:00", - "ID" : "CVE-2018-6971", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Horizon View Agent", - "version" : { - "version_data" : [ - { - "version_value" : "7.x.x before 7.5.1" - } - ] - } - } - ] - }, - "vendor_name" : "VMware" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "VMware Horizon View Agents (7.x.x before 7.5.1) contain a local information disclosure vulnerability due to insecure logging of credentials in the vmmsi.log file when an account other than the currently logged on user is specified during installation (including silent installations). Successful exploitation of this issue may allow low privileged users access to the credentials specified during the Horizon View Agent installation." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Local information disclosure vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "security@vmware.com", + "DATE_PUBLIC": "2018-07-19T00:00:00", + "ID": "CVE-2018-6971", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Horizon View Agent", + "version": { + "version_data": [ + { + "version_value": "7.x.x before 7.5.1" + } + ] + } + } + ] + }, + "vendor_name": "VMware" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.vmware.com/security/advisories/VMSA-2018-0018.html", - "refsource" : "CONFIRM", - "url" : "https://www.vmware.com/security/advisories/VMSA-2018-0018.html" - }, - { - "name" : "104883", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104883" - }, - { - "name" : "1041357", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041357" - }, - { - "name" : "1041358", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041358" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "VMware Horizon View Agents (7.x.x before 7.5.1) contain a local information disclosure vulnerability due to insecure logging of credentials in the vmmsi.log file when an account other than the currently logged on user is specified during installation (including silent installations). Successful exploitation of this issue may allow low privileged users access to the credentials specified during the Horizon View Agent installation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Local information disclosure vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1041357", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041357" + }, + { + "name": "104883", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104883" + }, + { + "name": "1041358", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041358" + }, + { + "name": "https://www.vmware.com/security/advisories/VMSA-2018-0018.html", + "refsource": "CONFIRM", + "url": "https://www.vmware.com/security/advisories/VMSA-2018-0018.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0467.json b/2019/0xxx/CVE-2019-0467.json index f16dc677879..0af397cb78c 100644 --- a/2019/0xxx/CVE-2019-0467.json +++ b/2019/0xxx/CVE-2019-0467.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0467", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0467", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0487.json b/2019/0xxx/CVE-2019-0487.json index 8faad5109f9..00427cde904 100644 --- a/2019/0xxx/CVE-2019-0487.json +++ b/2019/0xxx/CVE-2019-0487.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0487", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0487", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0679.json b/2019/0xxx/CVE-2019-0679.json index 9e36989f7e6..851e987aef8 100644 --- a/2019/0xxx/CVE-2019-0679.json +++ b/2019/0xxx/CVE-2019-0679.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0679", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0679", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0817.json b/2019/0xxx/CVE-2019-0817.json index fcf59b3ba56..bdffbbc677e 100644 --- a/2019/0xxx/CVE-2019-0817.json +++ b/2019/0xxx/CVE-2019-0817.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0817", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0817", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1001.json b/2019/1xxx/CVE-2019-1001.json index 8671983325d..2f23fecd0bb 100644 --- a/2019/1xxx/CVE-2019-1001.json +++ b/2019/1xxx/CVE-2019-1001.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1001", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1001", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1145.json b/2019/1xxx/CVE-2019-1145.json index 15b657ad7a5..107c0fec753 100644 --- a/2019/1xxx/CVE-2019-1145.json +++ b/2019/1xxx/CVE-2019-1145.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1145", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1145", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1270.json b/2019/1xxx/CVE-2019-1270.json index 1c6bf7322b4..d414b2e5d06 100644 --- a/2019/1xxx/CVE-2019-1270.json +++ b/2019/1xxx/CVE-2019-1270.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1270", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1270", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1419.json b/2019/1xxx/CVE-2019-1419.json index b115c06e278..63295567c00 100644 --- a/2019/1xxx/CVE-2019-1419.json +++ b/2019/1xxx/CVE-2019-1419.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1419", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1419", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5288.json b/2019/5xxx/CVE-2019-5288.json index 9be4a4c2443..0b64e683c30 100644 --- a/2019/5xxx/CVE-2019-5288.json +++ b/2019/5xxx/CVE-2019-5288.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5288", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5288", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5884.json b/2019/5xxx/CVE-2019-5884.json index ea4cdb514e5..d23b72f940b 100644 --- a/2019/5xxx/CVE-2019-5884.json +++ b/2019/5xxx/CVE-2019-5884.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5884", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "php/elFinder.class.php in elFinder before 2.1.45 leaks information if PHP's curl extension is enabled and safe_mode or open_basedir is not set." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5884", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/Studio-42/elFinder/commit/f133163f2d754584de65d718b2fde96191557316", - "refsource" : "MISC", - "url" : "https://github.com/Studio-42/elFinder/commit/f133163f2d754584de65d718b2fde96191557316" - }, - { - "name" : "https://github.com/Studio-42/elFinder/releases/tag/2.1.45", - "refsource" : "MISC", - "url" : "https://github.com/Studio-42/elFinder/releases/tag/2.1.45" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "php/elFinder.class.php in elFinder before 2.1.45 leaks information if PHP's curl extension is enabled and safe_mode or open_basedir is not set." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/Studio-42/elFinder/releases/tag/2.1.45", + "refsource": "MISC", + "url": "https://github.com/Studio-42/elFinder/releases/tag/2.1.45" + }, + { + "name": "https://github.com/Studio-42/elFinder/commit/f133163f2d754584de65d718b2fde96191557316", + "refsource": "MISC", + "url": "https://github.com/Studio-42/elFinder/commit/f133163f2d754584de65d718b2fde96191557316" + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5988.json b/2019/5xxx/CVE-2019-5988.json index a2067ab0c76..ad1274a4df2 100644 --- a/2019/5xxx/CVE-2019-5988.json +++ b/2019/5xxx/CVE-2019-5988.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5988", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5988", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file