From 99a6c420852699723d5f2b9d328aacf63d9f60fd Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 00:17:56 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2000/0xxx/CVE-2000-0604.json | 130 +++++----- 2000/0xxx/CVE-2000-0808.json | 140 +++++----- 2007/0xxx/CVE-2007-0585.json | 180 ++++++------- 2007/0xxx/CVE-2007-0691.json | 34 +-- 2007/1xxx/CVE-2007-1025.json | 160 ++++++------ 2007/1xxx/CVE-2007-1089.json | 150 +++++------ 2007/1xxx/CVE-2007-1108.json | 170 ++++++------ 2007/1xxx/CVE-2007-1580.json | 150 +++++------ 2007/5xxx/CVE-2007-5190.json | 190 +++++++------- 2007/5xxx/CVE-2007-5355.json | 170 ++++++------ 2007/5xxx/CVE-2007-5794.json | 400 ++++++++++++++--------------- 2015/3xxx/CVE-2015-3042.json | 210 +++++++-------- 2015/3xxx/CVE-2015-3284.json | 160 ++++++------ 2015/3xxx/CVE-2015-3562.json | 34 +-- 2015/3xxx/CVE-2015-3596.json | 34 +-- 2015/3xxx/CVE-2015-3622.json | 250 +++++++++--------- 2015/6xxx/CVE-2015-6126.json | 130 +++++----- 2015/6xxx/CVE-2015-6588.json | 120 ++++----- 2015/7xxx/CVE-2015-7120.json | 34 +-- 2015/7xxx/CVE-2015-7122.json | 34 +-- 2015/7xxx/CVE-2015-7140.json | 34 +-- 2015/7xxx/CVE-2015-7152.json | 34 +-- 2015/7xxx/CVE-2015-7553.json | 120 ++++----- 2015/7xxx/CVE-2015-7775.json | 140 +++++----- 2015/8xxx/CVE-2015-8194.json | 34 +-- 2015/8xxx/CVE-2015-8298.json | 140 +++++----- 2015/8xxx/CVE-2015-8789.json | 180 ++++++------- 2016/0xxx/CVE-2016-0245.json | 130 +++++----- 2016/0xxx/CVE-2016-0769.json | 140 +++++----- 2016/0xxx/CVE-2016-0938.json | 140 +++++----- 2016/1000xxx/CVE-2016-1000182.json | 34 +-- 2016/1xxx/CVE-2016-1136.json | 140 +++++----- 2016/1xxx/CVE-2016-1189.json | 150 +++++------ 2016/4xxx/CVE-2016-4303.json | 180 ++++++------- 2016/5xxx/CVE-2016-5036.json | 140 +++++----- 2016/5xxx/CVE-2016-5280.json | 210 +++++++-------- 2016/5xxx/CVE-2016-5321.json | 150 +++++------ 2016/5xxx/CVE-2016-5343.json | 150 +++++------ 2016/5xxx/CVE-2016-5806.json | 34 +-- 2016/5xxx/CVE-2016-5921.json | 34 +-- 2019/0xxx/CVE-2019-0433.json | 34 +-- 2019/0xxx/CVE-2019-0493.json | 34 +-- 2019/0xxx/CVE-2019-0590.json | 246 +++++++++--------- 2019/0xxx/CVE-2019-0707.json | 34 +-- 2019/1xxx/CVE-2019-1193.json | 34 +-- 2019/1xxx/CVE-2019-1284.json | 34 +-- 2019/1xxx/CVE-2019-1731.json | 34 +-- 2019/1xxx/CVE-2019-1996.json | 132 +++++----- 2019/3xxx/CVE-2019-3620.json | 34 +-- 2019/4xxx/CVE-2019-4024.json | 34 +-- 2019/4xxx/CVE-2019-4283.json | 34 +-- 2019/4xxx/CVE-2019-4421.json | 34 +-- 2019/4xxx/CVE-2019-4887.json | 34 +-- 2019/5xxx/CVE-2019-5284.json | 34 +-- 2019/5xxx/CVE-2019-5308.json | 34 +-- 2019/8xxx/CVE-2019-8227.json | 34 +-- 2019/8xxx/CVE-2019-8413.json | 120 ++++----- 2019/8xxx/CVE-2019-8431.json | 34 +-- 2019/8xxx/CVE-2019-8862.json | 34 +-- 2019/9xxx/CVE-2019-9507.json | 34 +-- 2019/9xxx/CVE-2019-9551.json | 120 ++++----- 2019/9xxx/CVE-2019-9630.json | 34 +-- 2019/9xxx/CVE-2019-9753.json | 34 +-- 63 files changed, 3229 insertions(+), 3229 deletions(-) diff --git a/2000/0xxx/CVE-2000-0604.json b/2000/0xxx/CVE-2000-0604.json index 47ab4351e8c..06471bec01e 100644 --- a/2000/0xxx/CVE-2000-0604.json +++ b/2000/0xxx/CVE-2000-0604.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0604", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "gkermit in Red Hat Linux is improperly installed with setgid uucp, which allows local users to modify files owned by uucp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0604", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000621 rh 6.2 - gid compromises, etc", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0006211209500.22969-100000@nimue.tpi.pl" - }, - { - "name" : "1383", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1383" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "gkermit in Red Hat Linux is improperly installed with setgid uucp, which allows local users to modify files owned by uucp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1383", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1383" + }, + { + "name": "20000621 rh 6.2 - gid compromises, etc", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0006211209500.22969-100000@nimue.tpi.pl" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0808.json b/2000/0xxx/CVE-2000-0808.json index 5d9bcf19df4..48c9076ddf1 100644 --- a/2000/0xxx/CVE-2000-0808.json +++ b/2000/0xxx/CVE-2000-0808.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0808", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka \"One-time (s/key) Password Authentication.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0808", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-time_Password", - "refsource" : "CONFIRM", - "url" : "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-time_Password" - }, - { - "name" : "fw1-localhost-auth(5137)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5137" - }, - { - "name" : "4421", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/4421" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka \"One-time (s/key) Password Authentication.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "fw1-localhost-auth(5137)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5137" + }, + { + "name": "4421", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/4421" + }, + { + "name": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-time_Password", + "refsource": "CONFIRM", + "url": "http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-time_Password" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0585.json b/2007/0xxx/CVE-2007-0585.json index 9d6e42694a7..5035de06ba7 100644 --- a/2007/0xxx/CVE-2007-0585.json +++ b/2007/0xxx/CVE-2007-0585.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0585", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "include/debug.php in Webfwlog 0.92 and earlier, when register_globals is enabled, allows remote attackers to obtain source code of files via the conffile parameter. NOTE: some of these details are obtained from third party information. It is likely that this issue can be exploited to conduct directory traversal attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0585", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3222", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3222" - }, - { - "name" : "http://webfwlog.cvs.sourceforge.net/*checkout*/webfwlog/webfwlog/ChangeLog", - "refsource" : "CONFIRM", - "url" : "http://webfwlog.cvs.sourceforge.net/*checkout*/webfwlog/webfwlog/ChangeLog" - }, - { - "name" : "22291", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22291" - }, - { - "name" : "ADV-2007-0399", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0399" - }, - { - "name" : "33015", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33015" - }, - { - "name" : "23968", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23968" - }, - { - "name" : "webfwlog-debug-file-include(31881)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31881" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "include/debug.php in Webfwlog 0.92 and earlier, when register_globals is enabled, allows remote attackers to obtain source code of files via the conffile parameter. NOTE: some of these details are obtained from third party information. It is likely that this issue can be exploited to conduct directory traversal attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0399", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0399" + }, + { + "name": "http://webfwlog.cvs.sourceforge.net/*checkout*/webfwlog/webfwlog/ChangeLog", + "refsource": "CONFIRM", + "url": "http://webfwlog.cvs.sourceforge.net/*checkout*/webfwlog/webfwlog/ChangeLog" + }, + { + "name": "33015", + "refsource": "OSVDB", + "url": "http://osvdb.org/33015" + }, + { + "name": "webfwlog-debug-file-include(31881)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31881" + }, + { + "name": "23968", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23968" + }, + { + "name": "22291", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22291" + }, + { + "name": "3222", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3222" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0691.json b/2007/0xxx/CVE-2007-0691.json index b1671500ef9..0b3bdc523e4 100644 --- a/2007/0xxx/CVE-2007-0691.json +++ b/2007/0xxx/CVE-2007-0691.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0691", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2066. Reason: This candidate is a duplicate of CVE-2007-2066. Notes: All CVE users should reference CVE-2007-2066 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2007-0691", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2066. Reason: This candidate is a duplicate of CVE-2007-2066. Notes: All CVE users should reference CVE-2007-2066 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1025.json b/2007/1xxx/CVE-2007-1025.json index 514e0fd0b66..71397bcb766 100644 --- a/2007/1xxx/CVE-2007-1025.json +++ b/2007/1xxx/CVE-2007-1025.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1025", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in inc/functions_inc.php in VS-Link-Partner 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gb_pfad, or possibly script_pfad, parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1025", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3323", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3323" - }, - { - "name" : "22594", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22594" - }, - { - "name" : "ADV-2007-0651", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0651" - }, - { - "name" : "35132", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35132" - }, - { - "name" : "vslinkpartner-functions-file-include(32547)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32547" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in inc/functions_inc.php in VS-Link-Partner 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gb_pfad, or possibly script_pfad, parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "vslinkpartner-functions-file-include(32547)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32547" + }, + { + "name": "22594", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22594" + }, + { + "name": "ADV-2007-0651", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0651" + }, + { + "name": "35132", + "refsource": "OSVDB", + "url": "http://osvdb.org/35132" + }, + { + "name": "3323", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3323" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1089.json b/2007/1xxx/CVE-2007-1089.json index d52259e9e07..f0dec926ac1 100644 --- a/2007/1xxx/CVE-2007-1089.json +++ b/2007/1xxx/CVE-2007-1089.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1089", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local users with table SELECT privileges to perform unauthorized UPDATE and DELETE SQL commands via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1089", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "JR25941", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1JR25941" - }, - { - "name" : "20070818 Recent DB2 Vulnerabilities", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-August/001765.html" - }, - { - "name" : "ADV-2007-0721", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0721" - }, - { - "name" : "24283", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24283" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local users with table SELECT privileges to perform unauthorized UPDATE and DELETE SQL commands via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24283", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24283" + }, + { + "name": "JR25941", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR25941" + }, + { + "name": "20070818 Recent DB2 Vulnerabilities", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html" + }, + { + "name": "ADV-2007-0721", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0721" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1108.json b/2007/1xxx/CVE-2007-1108.json index b39b762b424..4a1459c9cfb 100644 --- a/2007/1xxx/CVE-2007-1108.json +++ b/2007/1xxx/CVE-2007-1108.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1108", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in index.php in Christian Schneider CS-Gallery 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the album parameter during a securealbum todo action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1108", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3372", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3372" - }, - { - "name" : "22712", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22712" - }, - { - "name" : "ADV-2007-0734", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0734" - }, - { - "name" : "33754", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33754" - }, - { - "name" : "24291", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24291" - }, - { - "name" : "csgallery-index-file-include(32674)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32674" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in index.php in Christian Schneider CS-Gallery 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the album parameter during a securealbum todo action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "csgallery-index-file-include(32674)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32674" + }, + { + "name": "22712", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22712" + }, + { + "name": "24291", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24291" + }, + { + "name": "3372", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3372" + }, + { + "name": "ADV-2007-0734", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0734" + }, + { + "name": "33754", + "refsource": "OSVDB", + "url": "http://osvdb.org/33754" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1580.json b/2007/1xxx/CVE-2007-1580.json index 76f60ace641..2f03ab9c162 100644 --- a/2007/1xxx/CVE-2007-1580.json +++ b/2007/1xxx/CVE-2007-1580.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1580", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "FTPDMIN 0.96 allows remote attackers to cause a denial of service (daemon crash) via a LIST command for a Windows drive letter, as demonstrated using \"//A:\". NOTE: this has been reported as a buffer overflow by some sources, but there is not a long argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1580", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3523", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3523" - }, - { - "name" : "23049", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23049" - }, - { - "name" : "34524", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34524" - }, - { - "name" : "ftpdmin-list-dos(33091)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33091" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FTPDMIN 0.96 allows remote attackers to cause a denial of service (daemon crash) via a LIST command for a Windows drive letter, as demonstrated using \"//A:\". NOTE: this has been reported as a buffer overflow by some sources, but there is not a long argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23049", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23049" + }, + { + "name": "34524", + "refsource": "OSVDB", + "url": "http://osvdb.org/34524" + }, + { + "name": "ftpdmin-list-dos(33091)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33091" + }, + { + "name": "3523", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3523" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5190.json b/2007/5xxx/CVE-2007-5190.json index 15259c48789..7ad20fa47c3 100644 --- a/2007/5xxx/CVE-2007-5190.json +++ b/2007/5xxx/CVE-2007-5190.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5190", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Alcatel OmniVista 4760 R4.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the action parameter to php-bin/Webclient.php or (2) the Langue parameter to the default URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5190", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071018 S21SEC-038-en: Alcatel Omnivista 4760 Cross-Site Scripting", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482507/100/0/threaded" - }, - { - "name" : "http://www.s21sec.com/avisos/s21sec-038-en.txt", - "refsource" : "MISC", - "url" : "http://www.s21sec.com/avisos/s21sec-038-en.txt" - }, - { - "name" : "http://www1.alcatel-lucent.com/psirt/statements/2007003/4760xss.htm", - "refsource" : "CONFIRM", - "url" : "http://www1.alcatel-lucent.com/psirt/statements/2007003/4760xss.htm" - }, - { - "name" : "26128", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26128" - }, - { - "name" : "ADV-2007-3541", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3541" - }, - { - "name" : "37997", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37997" - }, - { - "name" : "27294", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27294" - }, - { - "name" : "3280", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3280" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Alcatel OmniVista 4760 R4.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the action parameter to php-bin/Webclient.php or (2) the Langue parameter to the default URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3280", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3280" + }, + { + "name": "http://www1.alcatel-lucent.com/psirt/statements/2007003/4760xss.htm", + "refsource": "CONFIRM", + "url": "http://www1.alcatel-lucent.com/psirt/statements/2007003/4760xss.htm" + }, + { + "name": "http://www.s21sec.com/avisos/s21sec-038-en.txt", + "refsource": "MISC", + "url": "http://www.s21sec.com/avisos/s21sec-038-en.txt" + }, + { + "name": "26128", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26128" + }, + { + "name": "37997", + "refsource": "OSVDB", + "url": "http://osvdb.org/37997" + }, + { + "name": "27294", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27294" + }, + { + "name": "20071018 S21SEC-038-en: Alcatel Omnivista 4760 Cross-Site Scripting", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482507/100/0/threaded" + }, + { + "name": "ADV-2007-3541", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3541" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5355.json b/2007/5xxx/CVE-2007-5355.json index a5ff2f3b5df..adb36d4db71 100644 --- a/2007/5xxx/CVE-2007-5355.json +++ b/2007/5xxx/CVE-2007-5355.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5355", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Web Proxy Auto-Discovery (WPAD) feature in Microsoft Internet Explorer 6 and 7, when a primary DNS suffix with three or more components is configured, resolves an unqualified wpad hostname in a second-level domain outside this configured DNS domain, which allows remote WPAD servers to conduct man-in-the-middle (MITM) attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-5355", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.microsoft.com/technet/security/advisory/945713.mspx", - "refsource" : "CONFIRM", - "url" : "http://www.microsoft.com/technet/security/advisory/945713.mspx" - }, - { - "name" : "945713", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/kb/945713" - }, - { - "name" : "26686", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26686" - }, - { - "name" : "ADV-2007-4064", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4064" - }, - { - "name" : "1019033", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019033" - }, - { - "name" : "27901", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27901" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Web Proxy Auto-Discovery (WPAD) feature in Microsoft Internet Explorer 6 and 7, when a primary DNS suffix with three or more components is configured, resolves an unqualified wpad hostname in a second-level domain outside this configured DNS domain, which allows remote WPAD servers to conduct man-in-the-middle (MITM) attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-4064", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4064" + }, + { + "name": "26686", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26686" + }, + { + "name": "http://www.microsoft.com/technet/security/advisory/945713.mspx", + "refsource": "CONFIRM", + "url": "http://www.microsoft.com/technet/security/advisory/945713.mspx" + }, + { + "name": "1019033", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019033" + }, + { + "name": "27901", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27901" + }, + { + "name": "945713", + "refsource": "MSKB", + "url": "http://support.microsoft.com/kb/945713" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5794.json b/2007/5xxx/CVE-2007-5794.json index 430601ca1ab..dbb2f900a86 100644 --- a/2007/5xxx/CVE-2007-5794.json +++ b/2007/5xxx/CVE-2007-5794.json @@ -1,202 +1,202 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5794", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-5794", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080212 FLEA-2008-0003-1 nss_ldap", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/487985/100/0/threaded" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=154314", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=154314" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=367461", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=367461" - }, - { - "name" : "[Dovecot] 20050303 hanging imap... and users getting other users' emails!", - "refsource" : "MLIST", - "url" : "http://www.dovecot.org/list/dovecot/2005-March/006345.html" - }, - { - "name" : "[Dovecot] 20050409 Authentication and the wrong mailbox?", - "refsource" : "MLIST", - "url" : "http://www.dovecot.org/list/dovecot/2005-April/006859.html" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=198390", - "refsource" : "CONFIRM", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=198390" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1913", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1913" - }, - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453868", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453868" - }, - { - "name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0255", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0255" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2008-332.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2008-332.htm" - }, - { - "name" : "DSA-1430", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1430" - }, - { - "name" : "GLSA-200711-33", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200711-33.xml" - }, - { - "name" : "MDVSA-2008:049", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:049" - }, - { - "name" : "RHSA-2008:0389", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0389.html" - }, - { - "name" : "RHSA-2008:0715", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0715.html" - }, - { - "name" : "SUSE-SR:2008:003", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html" - }, - { - "name" : "26452", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26452" - }, - { - "name" : "oval:org.mitre.oval:def:10625", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10625" - }, - { - "name" : "1020088", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1020088" - }, - { - "name" : "27670", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27670" - }, - { - "name" : "27768", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27768" - }, - { - "name" : "27839", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27839" - }, - { - "name" : "28061", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28061" - }, - { - "name" : "28838", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28838" - }, - { - "name" : "29083", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29083" - }, - { - "name" : "30352", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30352" - }, - { - "name" : "31227", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31227" - }, - { - "name" : "31524", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31524" - }, - { - "name" : "nssldap-ldap-race-condition(38505)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38505" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "28061", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28061" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453868", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453868" + }, + { + "name": "27670", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27670" + }, + { + "name": "[Dovecot] 20050303 hanging imap... and users getting other users' emails!", + "refsource": "MLIST", + "url": "http://www.dovecot.org/list/dovecot/2005-March/006345.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=154314", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=154314" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=198390", + "refsource": "CONFIRM", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=198390" + }, + { + "name": "29083", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29083" + }, + { + "name": "GLSA-200711-33", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200711-33.xml" + }, + { + "name": "[Dovecot] 20050409 Authentication and the wrong mailbox?", + "refsource": "MLIST", + "url": "http://www.dovecot.org/list/dovecot/2005-April/006859.html" + }, + { + "name": "20080212 FLEA-2008-0003-1 nss_ldap", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/487985/100/0/threaded" + }, + { + "name": "oval:org.mitre.oval:def:10625", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10625" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1913", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1913" + }, + { + "name": "27768", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27768" + }, + { + "name": "26452", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26452" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=367461", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=367461" + }, + { + "name": "27839", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27839" + }, + { + "name": "RHSA-2008:0389", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0389.html" + }, + { + "name": "MDVSA-2008:049", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:049" + }, + { + "name": "30352", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30352" + }, + { + "name": "31227", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31227" + }, + { + "name": "DSA-1430", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1430" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-332.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-332.htm" + }, + { + "name": "31524", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31524" + }, + { + "name": "1020088", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1020088" + }, + { + "name": "RHSA-2008:0715", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0715.html" + }, + { + "name": "28838", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28838" + }, + { + "name": "SUSE-SR:2008:003", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html" + }, + { + "name": "nssldap-ldap-race-condition(38505)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38505" + }, + { + "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0255", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0255" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3042.json b/2015/3xxx/CVE-2015-3042.json index 2473da7f2d4..a4576654647 100644 --- a/2015/3xxx/CVE-2015-3042.json +++ b/2015/3xxx/CVE-2015-3042.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3042", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, and CVE-2015-3043." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-3042", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37839", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37839/" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html" - }, - { - "name" : "GLSA-201504-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201504-07" - }, - { - "name" : "RHSA-2015:0813", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0813.html" - }, - { - "name" : "SUSE-SU-2015:0722", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html" - }, - { - "name" : "SUSE-SU-2015:0723", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html" - }, - { - "name" : "openSUSE-SU-2015:0718", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html" - }, - { - "name" : "openSUSE-SU-2015:0725", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" - }, - { - "name" : "74062", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74062" - }, - { - "name" : "1032105", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032105" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, and CVE-2015-3043." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37839", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37839/" + }, + { + "name": "openSUSE-SU-2015:0718", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html" + }, + { + "name": "SUSE-SU-2015:0722", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html" + }, + { + "name": "74062", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74062" + }, + { + "name": "GLSA-201504-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201504-07" + }, + { + "name": "1032105", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032105" + }, + { + "name": "RHSA-2015:0813", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0813.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html" + }, + { + "name": "openSUSE-SU-2015:0725", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" + }, + { + "name": "SUSE-SU-2015:0723", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3284.json b/2015/3xxx/CVE-2015-3284.json index 4bd89e3fe0f..30b974db5e5 100644 --- a/2015/3xxx/CVE-2015-3284.json +++ b/2015/3xxx/CVE-2015-3284.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3284", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "pioctls in OpenAFS 1.6.x before 1.6.13 allows local users to read kernel memory via crafted commands." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-3284", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[OpenAFS-announce] 20150730 SECURITY RELEASE: 1.6.13 now available", - "refsource" : "MLIST", - "url" : "https://lists.openafs.org/pipermail/openafs-announce/2015/000486.html" - }, - { - "name" : "http://www.openafs.org/pages/security/OPENAFS-SA-2015-003.txt", - "refsource" : "CONFIRM", - "url" : "http://www.openafs.org/pages/security/OPENAFS-SA-2015-003.txt" - }, - { - "name" : "https://www.openafs.org/dl/openafs/1.6.13/RELNOTES-1.6.13", - "refsource" : "CONFIRM", - "url" : "https://www.openafs.org/dl/openafs/1.6.13/RELNOTES-1.6.13" - }, - { - "name" : "DSA-3320", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3320" - }, - { - "name" : "1033262", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033262" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "pioctls in OpenAFS 1.6.x before 1.6.13 allows local users to read kernel memory via crafted commands." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033262", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033262" + }, + { + "name": "https://www.openafs.org/dl/openafs/1.6.13/RELNOTES-1.6.13", + "refsource": "CONFIRM", + "url": "https://www.openafs.org/dl/openafs/1.6.13/RELNOTES-1.6.13" + }, + { + "name": "http://www.openafs.org/pages/security/OPENAFS-SA-2015-003.txt", + "refsource": "CONFIRM", + "url": "http://www.openafs.org/pages/security/OPENAFS-SA-2015-003.txt" + }, + { + "name": "DSA-3320", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3320" + }, + { + "name": "[OpenAFS-announce] 20150730 SECURITY RELEASE: 1.6.13 now available", + "refsource": "MLIST", + "url": "https://lists.openafs.org/pipermail/openafs-announce/2015/000486.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3562.json b/2015/3xxx/CVE-2015-3562.json index a75ba1328ee..97fced8bcde 100644 --- a/2015/3xxx/CVE-2015-3562.json +++ b/2015/3xxx/CVE-2015-3562.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3562", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3562", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3596.json b/2015/3xxx/CVE-2015-3596.json index 840e74bd850..b9dc1dd4364 100644 --- a/2015/3xxx/CVE-2015-3596.json +++ b/2015/3xxx/CVE-2015-3596.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3596", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3596", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3622.json b/2015/3xxx/CVE-2015-3622.json index 43749ea0d4f..98e59404bde 100644 --- a/2015/3xxx/CVE-2015-3622.json +++ b/2015/3xxx/CVE-2015-3622.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3622", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.5 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3622", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150430 Heap overflow / invalid read in Libtasn1 before 4.5 (TFPA 005/2015)", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Apr/109" - }, - { - "name" : "[help-libtasn1] 20150429 GNU Libtasn1 4.5 released", - "refsource" : "MLIST", - "url" : "https://lists.gnu.org/archive/html/help-libtasn1/2015-04/msg00000.html" - }, - { - "name" : "http://packetstormsecurity.com/files/131711/libtasn1-Heap-Overflow.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/131711/libtasn1-Heap-Overflow.html" - }, - { - "name" : "DSA-3256", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3256" - }, - { - "name" : "FEDORA-2015-7288", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158225.html" - }, - { - "name" : "GLSA-201509-04", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201509-04" - }, - { - "name" : "MDVSA-2015:232", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:232" - }, - { - "name" : "RHSA-2017:1860", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1860" - }, - { - "name" : "openSUSE-SU-2016:1567", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-06/msg00047.html" - }, - { - "name" : "openSUSE-SU-2016:1674", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-06/msg00097.html" - }, - { - "name" : "openSUSE-SU-2015:1372", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-08/msg00014.html" - }, - { - "name" : "USN-2604-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2604-1" - }, - { - "name" : "74419", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74419" - }, - { - "name" : "1032246", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032246" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.5 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201509-04", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201509-04" + }, + { + "name": "1032246", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032246" + }, + { + "name": "FEDORA-2015-7288", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158225.html" + }, + { + "name": "RHSA-2017:1860", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1860" + }, + { + "name": "20150430 Heap overflow / invalid read in Libtasn1 before 4.5 (TFPA 005/2015)", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Apr/109" + }, + { + "name": "DSA-3256", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3256" + }, + { + "name": "[help-libtasn1] 20150429 GNU Libtasn1 4.5 released", + "refsource": "MLIST", + "url": "https://lists.gnu.org/archive/html/help-libtasn1/2015-04/msg00000.html" + }, + { + "name": "openSUSE-SU-2016:1567", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00047.html" + }, + { + "name": "MDVSA-2015:232", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:232" + }, + { + "name": "openSUSE-SU-2015:1372", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00014.html" + }, + { + "name": "http://packetstormsecurity.com/files/131711/libtasn1-Heap-Overflow.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/131711/libtasn1-Heap-Overflow.html" + }, + { + "name": "74419", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74419" + }, + { + "name": "openSUSE-SU-2016:1674", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00097.html" + }, + { + "name": "USN-2604-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2604-1" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6126.json b/2015/6xxx/CVE-2015-6126.json index 4822d7d5c33..a6feffb9fb9 100644 --- a/2015/6xxx/CVE-2015-6126.json +++ b/2015/6xxx/CVE-2015-6126.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6126", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in the Pragmatic General Multicast (PGM) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application, aka \"Windows PGM UAF Elevation of Privilege Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6126", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-133", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-133" - }, - { - "name" : "1034339", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034339" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in the Pragmatic General Multicast (PGM) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application, aka \"Windows PGM UAF Elevation of Privilege Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS15-133", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-133" + }, + { + "name": "1034339", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034339" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6588.json b/2015/6xxx/CVE-2015-6588.json index b0ed62efc0c..2381c55519c 100644 --- a/2015/6xxx/CVE-2015-6588.json +++ b/2015/6xxx/CVE-2015-6588.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6588", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in login-fsp.html in MODX Revolution before 1.9.1 allows remote attackers to inject arbitrary web script or HTML via the QUERY_STRING." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6588", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.com/files/134529/MODX-2.3.5-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134529/MODX-2.3.5-Cross-Site-Scripting.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in login-fsp.html in MODX Revolution before 1.9.1 allows remote attackers to inject arbitrary web script or HTML via the QUERY_STRING." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/134529/MODX-2.3.5-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134529/MODX-2.3.5-Cross-Site-Scripting.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7120.json b/2015/7xxx/CVE-2015-7120.json index 6eba407b13e..79593d7d612 100644 --- a/2015/7xxx/CVE-2015-7120.json +++ b/2015/7xxx/CVE-2015-7120.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7120", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7120", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7122.json b/2015/7xxx/CVE-2015-7122.json index afafc527770..0a555caeb6b 100644 --- a/2015/7xxx/CVE-2015-7122.json +++ b/2015/7xxx/CVE-2015-7122.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7122", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7122", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7140.json b/2015/7xxx/CVE-2015-7140.json index 2c8176a573a..7cb5f30eaf5 100644 --- a/2015/7xxx/CVE-2015-7140.json +++ b/2015/7xxx/CVE-2015-7140.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7140", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7140", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7152.json b/2015/7xxx/CVE-2015-7152.json index 6b4275857f1..48f6e7bbdf9 100644 --- a/2015/7xxx/CVE-2015-7152.json +++ b/2015/7xxx/CVE-2015-7152.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7152", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7152", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7553.json b/2015/7xxx/CVE-2015-7553.json index 521cbfc8a12..e585dd8970d 100644 --- a/2015/7xxx/CVE-2015-7553.json +++ b/2015/7xxx/CVE-2015-7553.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7553", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt and Red Hat Enterprise MRG 2, when the nfnetlink_log module is loaded, allows local users to cause a denial of service (panic) by creating netlink sockets." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-7553", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1288934", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1288934" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt and Red Hat Enterprise MRG 2, when the nfnetlink_log module is loaded, allows local users to cause a denial of service (panic) by creating netlink sockets." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1288934", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1288934" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7775.json b/2015/7xxx/CVE-2015-7775.json index a5b33869e63..06476e1ba57 100644 --- a/2015/7xxx/CVE-2015-7775.json +++ b/2015/7xxx/CVE-2015-7775.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7775", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-1197." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-7775", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.cybozu.com/ja-jp/article/8893", - "refsource" : "CONFIRM", - "url" : "https://support.cybozu.com/ja-jp/article/8893" - }, - { - "name" : "JVN#49285177", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN49285177/index.html" - }, - { - "name" : "JVNDB-2016-000084", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000084" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-1197." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000084", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000084" + }, + { + "name": "JVN#49285177", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN49285177/index.html" + }, + { + "name": "https://support.cybozu.com/ja-jp/article/8893", + "refsource": "CONFIRM", + "url": "https://support.cybozu.com/ja-jp/article/8893" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8194.json b/2015/8xxx/CVE-2015-8194.json index 914f40814c4..f63eb11ec13 100644 --- a/2015/8xxx/CVE-2015-8194.json +++ b/2015/8xxx/CVE-2015-8194.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8194", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-8194", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8298.json b/2015/8xxx/CVE-2015-8298.json index 13eb974d319..844bdeee7b1 100644 --- a/2015/8xxx/CVE-2015-8298.json +++ b/2015/8xxx/CVE-2015-8298.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8298", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in the login page in RXTEC RXAdmin UPDATE 06 / 2012 allow remote attackers to execute arbitrary SQL commands via the (1) loginpassword, (2) loginusername, (3) zusatzlicher, or (4) groupid parameter to index.htm, or the (5) rxtec cookie to index.htm." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8298", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151124 : CVE-2015-8298 SQL Injection Vulnerability in RXTEC RXAdmin", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Nov/90" - }, - { - "name" : "http://packetstormsecurity.com/files/134525/RXTEC-RXAdmin-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134525/RXTEC-RXAdmin-SQL-Injection.html" - }, - { - "name" : "https://github.com/sbaresearch/advisories/tree/public/2015/RXTEC_20150513", - "refsource" : "MISC", - "url" : "https://github.com/sbaresearch/advisories/tree/public/2015/RXTEC_20150513" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in the login page in RXTEC RXAdmin UPDATE 06 / 2012 allow remote attackers to execute arbitrary SQL commands via the (1) loginpassword, (2) loginusername, (3) zusatzlicher, or (4) groupid parameter to index.htm, or the (5) rxtec cookie to index.htm." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/134525/RXTEC-RXAdmin-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134525/RXTEC-RXAdmin-SQL-Injection.html" + }, + { + "name": "https://github.com/sbaresearch/advisories/tree/public/2015/RXTEC_20150513", + "refsource": "MISC", + "url": "https://github.com/sbaresearch/advisories/tree/public/2015/RXTEC_20150513" + }, + { + "name": "20151124 : CVE-2015-8298 SQL Injection Vulnerability in RXTEC RXAdmin", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Nov/90" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8789.json b/2015/8xxx/CVE-2015-8789.json index 0e1a66ec2e2..aaf186aef44 100644 --- a/2015/8xxx/CVE-2015-8789.json +++ b/2015/8xxx/CVE-2015-8789.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8789", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a \"deeply nested element with infinite size\" followed by another element of an upper level in an EBML document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8789", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[matroska-users] 20151020 libEBML v1.3.3, libMatroska v1.4.4 released: important fixes", - "refsource" : "MLIST", - "url" : "http://lists.matroska.org/pipermail/matroska-users/2015-October/006985.html" - }, - { - "name" : "http://www.talosintelligence.com/reports/TALOS-2016-0037/", - "refsource" : "MISC", - "url" : "http://www.talosintelligence.com/reports/TALOS-2016-0037/" - }, - { - "name" : "https://github.com/Matroska-Org/libebml/blob/release-1.3.3/ChangeLog", - "refsource" : "CONFIRM", - "url" : "https://github.com/Matroska-Org/libebml/blob/release-1.3.3/ChangeLog" - }, - { - "name" : "https://github.com/Matroska-Org/libebml/commit/88409e2a94dd3b40ff81d08bf6d92f486d036b24", - "refsource" : "CONFIRM", - "url" : "https://github.com/Matroska-Org/libebml/commit/88409e2a94dd3b40ff81d08bf6d92f486d036b24" - }, - { - "name" : "DSA-3538", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3538" - }, - { - "name" : "openSUSE-SU-2016:0125", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-01/msg00035.html" - }, - { - "name" : "94924", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94924" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a \"deeply nested element with infinite size\" followed by another element of an upper level in an EBML document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3538", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3538" + }, + { + "name": "94924", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94924" + }, + { + "name": "openSUSE-SU-2016:0125", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00035.html" + }, + { + "name": "https://github.com/Matroska-Org/libebml/commit/88409e2a94dd3b40ff81d08bf6d92f486d036b24", + "refsource": "CONFIRM", + "url": "https://github.com/Matroska-Org/libebml/commit/88409e2a94dd3b40ff81d08bf6d92f486d036b24" + }, + { + "name": "[matroska-users] 20151020 libEBML v1.3.3, libMatroska v1.4.4 released: important fixes", + "refsource": "MLIST", + "url": "http://lists.matroska.org/pipermail/matroska-users/2015-October/006985.html" + }, + { + "name": "https://github.com/Matroska-Org/libebml/blob/release-1.3.3/ChangeLog", + "refsource": "CONFIRM", + "url": "https://github.com/Matroska-Org/libebml/blob/release-1.3.3/ChangeLog" + }, + { + "name": "http://www.talosintelligence.com/reports/TALOS-2016-0037/", + "refsource": "MISC", + "url": "http://www.talosintelligence.com/reports/TALOS-2016-0037/" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0245.json b/2016/0xxx/CVE-2016-0245.json index 0c888fea767..ddb6577160b 100644 --- a/2016/0xxx/CVE-2016-0245.json +++ b/2016/0xxx/CVE-2016-0245.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0245", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The XML parser in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and 8.5.x before 8.5.0.0 CF10 allows remote authenticated users to read arbitrary files or cause a denial of service via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0245", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21975358", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21975358" - }, - { - "name" : "PI56682", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56682" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The XML parser in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and 8.5.x before 8.5.0.0 CF10 allows remote authenticated users to read arbitrary files or cause a denial of service via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21975358", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21975358" + }, + { + "name": "PI56682", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56682" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0769.json b/2016/0xxx/CVE-2016-0769.json index da1824d1539..1ab8934d751 100644 --- a/2016/0xxx/CVE-2016-0769.json +++ b/2016/0xxx/CVE-2016-0769.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-0769", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow (1) remote administrators to execute arbitrary SQL commands via the delid parameter or remote authenticated users to execute arbitrary SQL commands via the (2) view, (3) mark, or (4) change parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-0769", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160202 Reflected XSS & Blind SQLi in wordpress plugin eshop v6.3.14", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/02/02/3" - }, - { - "name" : "http://www.vapid.dhs.org/advisory.php?v=160", - "refsource" : "MISC", - "url" : "http://www.vapid.dhs.org/advisory.php?v=160" - }, - { - "name" : "82347", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/82347" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow (1) remote administrators to execute arbitrary SQL commands via the delid parameter or remote authenticated users to execute arbitrary SQL commands via the (2) view, (3) mark, or (4) change parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20160202 Reflected XSS & Blind SQLi in wordpress plugin eshop v6.3.14", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/02/02/3" + }, + { + "name": "82347", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/82347" + }, + { + "name": "http://www.vapid.dhs.org/advisory.php?v=160", + "refsource": "MISC", + "url": "http://www.vapid.dhs.org/advisory.php?v=160" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0938.json b/2016/0xxx/CVE-2016-0938.json index 39dfdd2bfe9..e5619b998e1 100644 --- a/2016/0xxx/CVE-2016-0938.json +++ b/2016/0xxx/CVE-2016-0938.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0938", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The AcroForm plugin in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-0938", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-16-013", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-16-013" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html" - }, - { - "name" : "1034646", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034646" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The AcroForm plugin in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://zerodayinitiative.com/advisories/ZDI-16-013", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-16-013" + }, + { + "name": "1034646", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034646" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000182.json b/2016/1000xxx/CVE-2016-1000182.json index 7e7b00afc28..fae6bbeb710 100644 --- a/2016/1000xxx/CVE-2016-1000182.json +++ b/2016/1000xxx/CVE-2016-1000182.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000182", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000182", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1136.json b/2016/1xxx/CVE-2016-1136.json index 3c7674c5601..797de40d17f 100644 --- a/2016/1xxx/CVE-2016-1136.json +++ b/2016/1xxx/CVE-2016-1136.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1136", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1136", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06", - "refsource" : "CONFIRM", - "url" : "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06" - }, - { - "name" : "JVN#54686544", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN54686544/index.html" - }, - { - "name" : "JVNDB-2016-000007", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000007" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06", + "refsource": "CONFIRM", + "url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06" + }, + { + "name": "JVNDB-2016-000007", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000007" + }, + { + "name": "JVN#54686544", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN54686544/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1189.json b/2016/1xxx/CVE-2016-1189.json index 582b4d22d24..1abbbf308c5 100644 --- a/2016/1xxx/CVE-2016-1189.json +++ b/2016/1xxx/CVE-2016-1189.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1189", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended restrictions on reading, creating, or modifying a portlet via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1189", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://garoon.cybozu.co.jp/support/update/package/421sp1.html#03", - "refsource" : "CONFIRM", - "url" : "https://garoon.cybozu.co.jp/support/update/package/421sp1.html#03" - }, - { - "name" : "https://support.cybozu.com/ja-jp/article/9020", - "refsource" : "CONFIRM", - "url" : "https://support.cybozu.com/ja-jp/article/9020" - }, - { - "name" : "JVN#18975349", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN18975349/index.html" - }, - { - "name" : "JVNDB-2016-000093", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000093" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended restrictions on reading, creating, or modifying a portlet via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#18975349", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN18975349/index.html" + }, + { + "name": "https://support.cybozu.com/ja-jp/article/9020", + "refsource": "CONFIRM", + "url": "https://support.cybozu.com/ja-jp/article/9020" + }, + { + "name": "JVNDB-2016-000093", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000093" + }, + { + "name": "https://garoon.cybozu.co.jp/support/update/package/421sp1.html#03", + "refsource": "CONFIRM", + "url": "https://garoon.cybozu.co.jp/support/update/package/421sp1.html#03" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4303.json b/2016/4xxx/CVE-2016-4303.json index bfa11c18a74..c020207041b 100644 --- a/2016/4xxx/CVE-2016-4303.json +++ b/2016/4xxx/CVE-2016-4303.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4303", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-4303", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blog.talosintel.com/2016/06/esnet-vulnerability.html", - "refsource" : "MISC", - "url" : "http://blog.talosintel.com/2016/06/esnet-vulnerability.html" - }, - { - "name" : "http://www.talosintelligence.com/reports/TALOS-2016-0164/", - "refsource" : "MISC", - "url" : "http://www.talosintelligence.com/reports/TALOS-2016-0164/" - }, - { - "name" : "http://software.es.net/iperf/news.html#security-issue-iperf-3-1-3-iperf-3-0-12-released", - "refsource" : "CONFIRM", - "url" : "http://software.es.net/iperf/news.html#security-issue-iperf-3-1-3-iperf-3-0-12-released" - }, - { - "name" : "https://github.com/esnet/iperf/commit/91f2fa59e8ed80dfbf400add0164ee0e508e412a", - "refsource" : "CONFIRM", - "url" : "https://github.com/esnet/iperf/commit/91f2fa59e8ed80dfbf400add0164ee0e508e412a" - }, - { - "name" : "https://raw.githubusercontent.com/esnet/security/master/cve-2016-4303/esnet-secadv-2016-0001.txt.asc", - "refsource" : "CONFIRM", - "url" : "https://raw.githubusercontent.com/esnet/security/master/cve-2016-4303/esnet-secadv-2016-0001.txt.asc" - }, - { - "name" : "openSUSE-SU-2016:2113", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-08/msg00082.html" - }, - { - "name" : "openSUSE-SU-2016:2121", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-08/msg00090.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.talosintelligence.com/reports/TALOS-2016-0164/", + "refsource": "MISC", + "url": "http://www.talosintelligence.com/reports/TALOS-2016-0164/" + }, + { + "name": "http://blog.talosintel.com/2016/06/esnet-vulnerability.html", + "refsource": "MISC", + "url": "http://blog.talosintel.com/2016/06/esnet-vulnerability.html" + }, + { + "name": "http://software.es.net/iperf/news.html#security-issue-iperf-3-1-3-iperf-3-0-12-released", + "refsource": "CONFIRM", + "url": "http://software.es.net/iperf/news.html#security-issue-iperf-3-1-3-iperf-3-0-12-released" + }, + { + "name": "https://raw.githubusercontent.com/esnet/security/master/cve-2016-4303/esnet-secadv-2016-0001.txt.asc", + "refsource": "CONFIRM", + "url": "https://raw.githubusercontent.com/esnet/security/master/cve-2016-4303/esnet-secadv-2016-0001.txt.asc" + }, + { + "name": "https://github.com/esnet/iperf/commit/91f2fa59e8ed80dfbf400add0164ee0e508e412a", + "refsource": "CONFIRM", + "url": "https://github.com/esnet/iperf/commit/91f2fa59e8ed80dfbf400add0164ee0e508e412a" + }, + { + "name": "openSUSE-SU-2016:2113", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00082.html" + }, + { + "name": "openSUSE-SU-2016:2121", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00090.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5036.json b/2016/5xxx/CVE-2016-5036.json index 2b79ff50a28..50660079a03 100644 --- a/2016/5xxx/CVE-2016-5036.json +++ b/2016/5xxx/CVE-2016-5036.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5036", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The dump_block function in print_sections.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted frame data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5036", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160524 CVE request: Multiple vunerabilities in libdwarf & dwarfdump", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/24/1" - }, - { - "name" : "[oss-security] 20160524 Re: CVE request: Multiple vunerabilities in libdwarf & dwarfdump", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/25/1" - }, - { - "name" : "https://www.prevanders.net/dwarfbug.html", - "refsource" : "CONFIRM", - "url" : "https://www.prevanders.net/dwarfbug.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The dump_block function in print_sections.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted frame data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.prevanders.net/dwarfbug.html", + "refsource": "CONFIRM", + "url": "https://www.prevanders.net/dwarfbug.html" + }, + { + "name": "[oss-security] 20160524 CVE request: Multiple vunerabilities in libdwarf & dwarfdump", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/24/1" + }, + { + "name": "[oss-security] 20160524 Re: CVE request: Multiple vunerabilities in libdwarf & dwarfdump", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/25/1" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5280.json b/2016/5xxx/CVE-2016-5280.json index 653c432a4c2..b7e3a38e834 100644 --- a/2016/5xxx/CVE-2016-5280.json +++ b/2016/5xxx/CVE-2016-5280.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5280", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via bidirectional text." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2016-5280", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1289970", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1289970" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2016-86/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2016-86/" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2016-88/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2016-88/" - }, - { - "name" : "DSA-3674", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3674" - }, - { - "name" : "GLSA-201701-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-15" - }, - { - "name" : "RHSA-2016:1912", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1912.html" - }, - { - "name" : "93049", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93049" - }, - { - "name" : "1036852", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036852" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via bidirectional text." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1289970", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1289970" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2016-86/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2016-86/" + }, + { + "name": "DSA-3674", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3674" + }, + { + "name": "GLSA-201701-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-15" + }, + { + "name": "RHSA-2016:1912", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1912.html" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2016-88/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2016-88/" + }, + { + "name": "93049", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93049" + }, + { + "name": "1036852", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036852" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5321.json b/2016/5xxx/CVE-2016-5321.json index 5fbce0427b5..638b8b25dfc 100644 --- a/2016/5xxx/CVE-2016-5321.json +++ b/2016/5xxx/CVE-2016-5321.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5321", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5321", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "DSA-3762", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3762" - }, - { - "name" : "GLSA-201701-16", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-16" - }, - { - "name" : "openSUSE-SU-2016:3035", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00017.html" - }, - { - "name" : "91209", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91209" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:3035", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00017.html" + }, + { + "name": "GLSA-201701-16", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-16" + }, + { + "name": "91209", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91209" + }, + { + "name": "DSA-3762", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3762" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5343.json b/2016/5xxx/CVE-2016-5343.json index 00a28707888..5a54b964b31 100644 --- a/2016/5xxx/CVE-2016-5343.json +++ b/2016/5xxx/CVE-2016-5343.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5343", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write request, as demonstrated by a voice_svc_send_req buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5343", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-10-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-10-01.html" - }, - { - "name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=6927e2e0af4dcac357be86ba563c9ae12354bb08", - "refsource" : "CONFIRM", - "url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=6927e2e0af4dcac357be86ba563c9ae12354bb08" - }, - { - "name" : "https://www.codeaurora.org/multiple-memory-corruption-issues-write-operation-qdsp6v2-voice-service-driver-cve-2016-5343", - "refsource" : "CONFIRM", - "url" : "https://www.codeaurora.org/multiple-memory-corruption-issues-write-operation-qdsp6v2-voice-service-driver-cve-2016-5343" - }, - { - "name" : "93330", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93330" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write request, as demonstrated by a voice_svc_send_req buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93330", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93330" + }, + { + "name": "https://www.codeaurora.org/multiple-memory-corruption-issues-write-operation-qdsp6v2-voice-service-driver-cve-2016-5343", + "refsource": "CONFIRM", + "url": "https://www.codeaurora.org/multiple-memory-corruption-issues-write-operation-qdsp6v2-voice-service-driver-cve-2016-5343" + }, + { + "name": "http://source.android.com/security/bulletin/2016-10-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-10-01.html" + }, + { + "name": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=6927e2e0af4dcac357be86ba563c9ae12354bb08", + "refsource": "CONFIRM", + "url": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=6927e2e0af4dcac357be86ba563c9ae12354bb08" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5806.json b/2016/5xxx/CVE-2016-5806.json index a3f7ea3edf2..037fb2544bd 100644 --- a/2016/5xxx/CVE-2016-5806.json +++ b/2016/5xxx/CVE-2016-5806.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5806", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-5806", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5921.json b/2016/5xxx/CVE-2016-5921.json index 57ef906c7aa..569a025d4f6 100644 --- a/2016/5xxx/CVE-2016-5921.json +++ b/2016/5xxx/CVE-2016-5921.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5921", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5921", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0433.json b/2019/0xxx/CVE-2019-0433.json index b437420d5f0..550d24444fc 100644 --- a/2019/0xxx/CVE-2019-0433.json +++ b/2019/0xxx/CVE-2019-0433.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0433", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0433", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0493.json b/2019/0xxx/CVE-2019-0493.json index 14a01446e29..3f9e7f47a50 100644 --- a/2019/0xxx/CVE-2019-0493.json +++ b/2019/0xxx/CVE-2019-0493.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0493", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0493", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0590.json b/2019/0xxx/CVE-2019-0590.json index 90c09dfda8e..32c9e460ac2 100644 --- a/2019/0xxx/CVE-2019-0590.json +++ b/2019/0xxx/CVE-2019-0590.json @@ -1,125 +1,125 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0590", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft Edge", - "version" : { - "version_data" : [ - { - "version_value" : "Windows 10 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 for x64-based Systems" - }, - { - "version_value" : "Windows Server 2016" - }, - { - "version_value" : "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value" : "Windows Server 2019" - }, - { - "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name" : "ChakraCore", - "version" : { - "version_data" : [ - { - "version_value" : "" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0590", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Edge", + "version": { + "version_data": [ + { + "version_value": "Windows 10 for 32-bit Systems" + }, + { + "version_value": "Windows 10 for x64-based Systems" + }, + { + "version_value": "Windows Server 2016" + }, + { + "version_value": "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "Windows Server 2019" + }, + { + "version_value": "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "ChakraCore", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0590", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0590" - }, - { - "name" : "106934", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106934" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106934", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106934" + }, + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0590", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0590" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0707.json b/2019/0xxx/CVE-2019-0707.json index 74ba3de49a0..efc5a02441a 100644 --- a/2019/0xxx/CVE-2019-0707.json +++ b/2019/0xxx/CVE-2019-0707.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0707", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0707", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1193.json b/2019/1xxx/CVE-2019-1193.json index ee9916bf655..2c744829d4a 100644 --- a/2019/1xxx/CVE-2019-1193.json +++ b/2019/1xxx/CVE-2019-1193.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1193", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1193", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1284.json b/2019/1xxx/CVE-2019-1284.json index 36f353cc626..fb4a52cc8c8 100644 --- a/2019/1xxx/CVE-2019-1284.json +++ b/2019/1xxx/CVE-2019-1284.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1284", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1284", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1731.json b/2019/1xxx/CVE-2019-1731.json index 2f4dd54fad9..b090a344821 100644 --- a/2019/1xxx/CVE-2019-1731.json +++ b/2019/1xxx/CVE-2019-1731.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1731", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1731", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1996.json b/2019/1xxx/CVE-2019-1996.json index d529ce61026..fea5901ecb2 100644 --- a/2019/1xxx/CVE-2019-1996.json +++ b/2019/1xxx/CVE-2019-1996.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "DATE_PUBLIC" : "2019-02-04T00:00:00", - "ID" : "CVE-2019-1996", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Android-8.0 Android-8.1 Android-9" - } - ] - } - } - ] - }, - "vendor_name" : "Android" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In avrc_pars_browse_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-111451066." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "DATE_PUBLIC": "2019-02-04T00:00:00", + "ID": "CVE-2019-1996", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-8.0 Android-8.1 Android-9" + } + ] + } + } + ] + }, + "vendor_name": "Android" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2019-02-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2019-02-01" - }, - { - "name" : "106946", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106946" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In avrc_pars_browse_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-111451066." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2019-02-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2019-02-01" + }, + { + "name": "106946", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106946" + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3620.json b/2019/3xxx/CVE-2019-3620.json index 8f88dacb13a..c26bc0b31ef 100644 --- a/2019/3xxx/CVE-2019-3620.json +++ b/2019/3xxx/CVE-2019-3620.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3620", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3620", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4024.json b/2019/4xxx/CVE-2019-4024.json index 73cd8043891..f91df714bf1 100644 --- a/2019/4xxx/CVE-2019-4024.json +++ b/2019/4xxx/CVE-2019-4024.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4024", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4024", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4283.json b/2019/4xxx/CVE-2019-4283.json index f7049b4c678..379277ed992 100644 --- a/2019/4xxx/CVE-2019-4283.json +++ b/2019/4xxx/CVE-2019-4283.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4283", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4283", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4421.json b/2019/4xxx/CVE-2019-4421.json index 7f36022e0e1..87734f43283 100644 --- a/2019/4xxx/CVE-2019-4421.json +++ b/2019/4xxx/CVE-2019-4421.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4421", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4421", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4887.json b/2019/4xxx/CVE-2019-4887.json index 81098894beb..d905520e99c 100644 --- a/2019/4xxx/CVE-2019-4887.json +++ b/2019/4xxx/CVE-2019-4887.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4887", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4887", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5284.json b/2019/5xxx/CVE-2019-5284.json index 9c7025c85da..69270828267 100644 --- a/2019/5xxx/CVE-2019-5284.json +++ b/2019/5xxx/CVE-2019-5284.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5284", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5284", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5308.json b/2019/5xxx/CVE-2019-5308.json index 1fd27216cee..7edda412164 100644 --- a/2019/5xxx/CVE-2019-5308.json +++ b/2019/5xxx/CVE-2019-5308.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5308", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5308", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8227.json b/2019/8xxx/CVE-2019-8227.json index 97e56e85c25..95c6183941e 100644 --- a/2019/8xxx/CVE-2019-8227.json +++ b/2019/8xxx/CVE-2019-8227.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8227", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8227", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8413.json b/2019/8xxx/CVE-2019-8413.json index 583d74c1bac..70d6cb8bbbc 100644 --- a/2019/8xxx/CVE-2019-8413.json +++ b/2019/8xxx/CVE-2019-8413.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8413", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer dereference in the ioctl interface of the device file /dev/elliptic1 or /dev/elliptic0 causes a system crash via IOCTL 0x4008c575 (aka decimal 1074316661)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8413", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/datadancer/HIAFuzz/blob/master/MIX2_elliptic.md", - "refsource" : "MISC", - "url" : "https://github.com/datadancer/HIAFuzz/blob/master/MIX2_elliptic.md" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer dereference in the ioctl interface of the device file /dev/elliptic1 or /dev/elliptic0 causes a system crash via IOCTL 0x4008c575 (aka decimal 1074316661)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/datadancer/HIAFuzz/blob/master/MIX2_elliptic.md", + "refsource": "MISC", + "url": "https://github.com/datadancer/HIAFuzz/blob/master/MIX2_elliptic.md" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8431.json b/2019/8xxx/CVE-2019-8431.json index 939109d9ff5..4794be76fb3 100644 --- a/2019/8xxx/CVE-2019-8431.json +++ b/2019/8xxx/CVE-2019-8431.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8431", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8431", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8862.json b/2019/8xxx/CVE-2019-8862.json index 8247dbc2097..1a2ab0b4f8a 100644 --- a/2019/8xxx/CVE-2019-8862.json +++ b/2019/8xxx/CVE-2019-8862.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8862", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8862", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9507.json b/2019/9xxx/CVE-2019-9507.json index 227f1fde923..53217ff763b 100644 --- a/2019/9xxx/CVE-2019-9507.json +++ b/2019/9xxx/CVE-2019-9507.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9507", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9507", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9551.json b/2019/9xxx/CVE-2019-9551.json index 07da58c20af..8eeb06cd1e3 100644 --- a/2019/9xxx/CVE-2019-9551.json +++ b/2019/9xxx/CVE-2019-9551.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9551", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in DOYO (aka doyocms) 2.3 through 2015-05-06. It has admin.php XSS." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9551", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/millken/doyocms/issues/2", - "refsource" : "MISC", - "url" : "https://github.com/millken/doyocms/issues/2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in DOYO (aka doyocms) 2.3 through 2015-05-06. It has admin.php XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/millken/doyocms/issues/2", + "refsource": "MISC", + "url": "https://github.com/millken/doyocms/issues/2" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9630.json b/2019/9xxx/CVE-2019-9630.json index bf97a468cec..536be90d3d0 100644 --- a/2019/9xxx/CVE-2019-9630.json +++ b/2019/9xxx/CVE-2019-9630.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9630", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9630", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9753.json b/2019/9xxx/CVE-2019-9753.json index 22271c60d37..ab261c0bdd9 100644 --- a/2019/9xxx/CVE-2019-9753.json +++ b/2019/9xxx/CVE-2019-9753.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9753", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9753", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file