diff --git a/2007/0xxx/CVE-2007-0066.json b/2007/0xxx/CVE-2007-0066.json index 30b0098d1c2..b73a5856965 100644 --- a/2007/0xxx/CVE-2007-0066.json +++ b/2007/0xxx/CVE-2007-0066.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0066", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protocol (RDP) is enabled, allows remote attackers to cause a denial of service via fragmented router advertisement ICMP packets that trigger an out-of-bounds read, aka \"Windows Kernel TCP/IP/ICMP Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0066", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070108 Multiple (3) Microsoft Windows TCP/IP Remote Code Execution and DoS Vulnerabilities", - "refsource" : "ISS", - "url" : "http://www.iss.net/threats/282.html" - }, - { - "name" : "http://blogs.technet.com/swi/archive/2008/01/08/ms08-001-part-2-the-case-of-the-moderate-icmp-mitigations.aspx", - "refsource" : "MISC", - "url" : "http://blogs.technet.com/swi/archive/2008/01/08/ms08-001-part-2-the-case-of-the-moderate-icmp-mitigations.aspx" - }, - { - "name" : "HPSBST02304", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/486317/100/0/threaded" - }, - { - "name" : "SSRT080003", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/486317/100/0/threaded" - }, - { - "name" : "MS08-001", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-001" - }, - { - "name" : "TA08-008A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA08-008A.html" - }, - { - "name" : "27139", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27139" - }, - { - "name" : "ADV-2008-0069", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0069" - }, - { - "name" : "oval:org.mitre.oval:def:5271", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5271" - }, - { - "name" : "1019166", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019166" - }, - { - "name" : "28297", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28297" - }, - { - "name" : "win-tcpip-icmp-dos(39254)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39254" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protocol (RDP) is enabled, allows remote attackers to cause a denial of service via fragmented router advertisement ICMP packets that trigger an out-of-bounds read, aka \"Windows Kernel TCP/IP/ICMP Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS08-001", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-001" + }, + { + "name": "20070108 Multiple (3) Microsoft Windows TCP/IP Remote Code Execution and DoS Vulnerabilities", + "refsource": "ISS", + "url": "http://www.iss.net/threats/282.html" + }, + { + "name": "TA08-008A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA08-008A.html" + }, + { + "name": "1019166", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019166" + }, + { + "name": "http://blogs.technet.com/swi/archive/2008/01/08/ms08-001-part-2-the-case-of-the-moderate-icmp-mitigations.aspx", + "refsource": "MISC", + "url": "http://blogs.technet.com/swi/archive/2008/01/08/ms08-001-part-2-the-case-of-the-moderate-icmp-mitigations.aspx" + }, + { + "name": "28297", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28297" + }, + { + "name": "27139", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27139" + }, + { + "name": "ADV-2008-0069", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0069" + }, + { + "name": "oval:org.mitre.oval:def:5271", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5271" + }, + { + "name": "win-tcpip-icmp-dos(39254)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39254" + }, + { + "name": "SSRT080003", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/486317/100/0/threaded" + }, + { + "name": "HPSBST02304", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/486317/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0262.json b/2007/0xxx/CVE-2007-0262.json index 4286d782617..559e8686d3d 100644 --- a/2007/0xxx/CVE-2007-0262.json +++ b/2007/0xxx/CVE-2007-0262.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0262", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WordPress 2.0.6, and 2.1Alpha 3 (SVN:4662), does not properly verify that the m parameter value has the string data type, which allows remote attackers to obtain sensitive information via an invalid m[] parameter, as demonstrated by obtaining the path, and obtaining certain SQL information such as the table prefix." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0262", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070112 Wordpress disclosure of Table Prefix Weakness", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456731/100/0/threaded" - }, - { - "name" : "33458", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33458" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WordPress 2.0.6, and 2.1Alpha 3 (SVN:4662), does not properly verify that the m parameter value has the string data type, which allows remote attackers to obtain sensitive information via an invalid m[] parameter, as demonstrated by obtaining the path, and obtaining certain SQL information such as the table prefix." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33458", + "refsource": "OSVDB", + "url": "http://osvdb.org/33458" + }, + { + "name": "20070112 Wordpress disclosure of Table Prefix Weakness", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456731/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0304.json b/2007/0xxx/CVE-2007-0304.json index d446d35c427..4958d0f42b3 100644 --- a/2007/0xxx/CVE-2007-0304.json +++ b/2007/0xxx/CVE-2007-0304.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0304", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in duyuru.asp in MiNT Haber Sistemi 2.7 allows remote attackers to execute arbitrary SQL commands via the id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0304", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3120", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3120" - }, - { - "name" : "ADV-2007-0175", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0175" - }, - { - "name" : "32820", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32820" - }, - { - "name" : "23756", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23756" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in duyuru.asp in MiNT Haber Sistemi 2.7 allows remote attackers to execute arbitrary SQL commands via the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32820", + "refsource": "OSVDB", + "url": "http://osvdb.org/32820" + }, + { + "name": "ADV-2007-0175", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0175" + }, + { + "name": "23756", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23756" + }, + { + "name": "3120", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3120" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0456.json b/2007/0xxx/CVE-2007-0456.json index 88259958cda..a2d97ef1da7 100644 --- a/2007/0xxx/CVE-2007-0456.json +++ b/2007/0xxx/CVE-2007-0456.json @@ -1,162 +1,162 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0456", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the LLT dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-0456", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2007-01.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2007-01.html" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-985", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-985" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-166.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-166.htm" - }, - { - "name" : "FEDORA-2007-207", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2565" - }, - { - "name" : "MDKSA-2007:033", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:033" - }, - { - "name" : "RHSA-2007:0066", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0066.html" - }, - { - "name" : "20070301-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc" - }, - { - "name" : "22352", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22352" - }, - { - "name" : "oval:org.mitre.oval:def:11342", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11342" - }, - { - "name" : "oval:org.mitre.oval:def:14867", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14867" - }, - { - "name" : "ADV-2007-0443", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0443" - }, - { - "name" : "33073", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33073" - }, - { - "name" : "1017581", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017581" - }, - { - "name" : "24016", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24016" - }, - { - "name" : "24011", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24011" - }, - { - "name" : "24025", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24025" - }, - { - "name" : "24084", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24084" - }, - { - "name" : "24515", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24515" - }, - { - "name" : "24650", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24650" - }, - { - "name" : "24970", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24970" - }, - { - "name" : "wireshark-lltdissector-dos(32056)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32056" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the LLT dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2007-207", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2565" + }, + { + "name": "oval:org.mitre.oval:def:11342", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11342" + }, + { + "name": "24970", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24970" + }, + { + "name": "24016", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24016" + }, + { + "name": "ADV-2007-0443", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0443" + }, + { + "name": "1017581", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017581" + }, + { + "name": "24084", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24084" + }, + { + "name": "wireshark-lltdissector-dos(32056)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32056" + }, + { + "name": "MDKSA-2007:033", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:033" + }, + { + "name": "oval:org.mitre.oval:def:14867", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14867" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-166.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-166.htm" + }, + { + "name": "https://issues.rpath.com/browse/RPL-985", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-985" + }, + { + "name": "24650", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24650" + }, + { + "name": "RHSA-2007:0066", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0066.html" + }, + { + "name": "24025", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24025" + }, + { + "name": "33073", + "refsource": "OSVDB", + "url": "http://osvdb.org/33073" + }, + { + "name": "24515", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24515" + }, + { + "name": "24011", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24011" + }, + { + "name": "22352", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22352" + }, + { + "name": "20070301-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2007-01.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2007-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1294.json b/2007/1xxx/CVE-2007-1294.json index 3272bc0d825..8c4656662a0 100644 --- a/2007/1xxx/CVE-2007-1294.json +++ b/2007/1xxx/CVE-2007-1294.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1294", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A certain ActiveX control in the DivXBrowserPlugin (npdivx32.dll) in DivX Web Player, as distributed with DivX Player 1.3.0, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via large values to DivxWP.Resize, related to resizing images." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1294", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3392", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3392" - }, - { - "name" : "22776", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22776" - }, - { - "name" : "35377", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35377" - }, - { - "name" : "divxwebplayer-npdivx32-dos(32759)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32759" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A certain ActiveX control in the DivXBrowserPlugin (npdivx32.dll) in DivX Web Player, as distributed with DivX Player 1.3.0, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via large values to DivxWP.Resize, related to resizing images." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3392", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3392" + }, + { + "name": "divxwebplayer-npdivx32-dos(32759)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32759" + }, + { + "name": "35377", + "refsource": "OSVDB", + "url": "http://osvdb.org/35377" + }, + { + "name": "22776", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22776" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1624.json b/2007/1xxx/CVE-2007-1624.json index 5fa99f01ed0..afce9ba5c8d 100644 --- a/2007/1xxx/CVE-2007-1624.json +++ b/2007/1xxx/CVE-2007-1624.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1624", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in realGuestbook 5.01 allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) homepage, and (4) text parameters to save_entry.php, as reachable through add_entry.php; and possibly other unspecified parameters and files. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1624", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "23072", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23072" - }, - { - "name" : "ADV-2007-1060", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1060" - }, - { - "name" : "34342", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/34342" - }, - { - "name" : "24602", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24602" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in realGuestbook 5.01 allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) homepage, and (4) text parameters to save_entry.php, as reachable through add_entry.php; and possibly other unspecified parameters and files. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24602", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24602" + }, + { + "name": "23072", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23072" + }, + { + "name": "ADV-2007-1060", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1060" + }, + { + "name": "34342", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/34342" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1641.json b/2007/1xxx/CVE-2007-1641.json index df16937d4ca..4d48198fbcf 100644 --- a/2007/1xxx/CVE-2007-1641.json +++ b/2007/1xxx/CVE-2007-1641.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1641", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in PortailPHP 2.0 allows remote attackers to execute arbitrary SQL commands via the idnews parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1641", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3543", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3543" - }, - { - "name" : "23096", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23096" - }, - { - "name" : "34410", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34410" - }, - { - "name" : "24620", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24620" - }, - { - "name" : "portailphp-idnews-sql-injection(33145)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33145" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in PortailPHP 2.0 allows remote attackers to execute arbitrary SQL commands via the idnews parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3543", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3543" + }, + { + "name": "portailphp-idnews-sql-injection(33145)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33145" + }, + { + "name": "23096", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23096" + }, + { + "name": "34410", + "refsource": "OSVDB", + "url": "http://osvdb.org/34410" + }, + { + "name": "24620", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24620" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1966.json b/2007/1xxx/CVE-2007-1966.json index c3aa8fb646f..2ccc45c99f0 100644 --- a/2007/1xxx/CVE-2007-1966.json +++ b/2007/1xxx/CVE-2007-1966.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1966", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID cookie." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1966", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070404 [MajorSecurity Advisory #38]eXV2 CMS - Session fixation and Cross-Site-Scripting Issues", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=117570977117962&w=2" - }, - { - "name" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls38", - "refsource" : "MISC", - "url" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls38" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID cookie." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070404 [MajorSecurity Advisory #38]eXV2 CMS - Session fixation and Cross-Site-Scripting Issues", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=117570977117962&w=2" + }, + { + "name": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls38", + "refsource": "MISC", + "url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls38" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4212.json b/2007/4xxx/CVE-2007-4212.json index cc12738eb43..38088c5092d 100644 --- a/2007/4xxx/CVE-2007-4212.json +++ b/2007/4xxx/CVE-2007-4212.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4212", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Search Module in PHP-Nuke allow remote attackers to inject arbitrary web script or HTML via a trailing \"<\" instead of a \">\" in (1) the onerror attribute of an IMG element, (2) the onload attribute of an IFRAME element, or (3) redirect users to other sites via the META tag." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4212", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070801 PHP-Nuke (ALL versions) Multiple XSS and HTML injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475249/100/0/threaded" - }, - { - "name" : "25171", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25171" - }, - { - "name" : "42538", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42538" - }, - { - "name" : "2974", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2974" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Search Module in PHP-Nuke allow remote attackers to inject arbitrary web script or HTML via a trailing \"<\" instead of a \">\" in (1) the onerror attribute of an IMG element, (2) the onload attribute of an IFRAME element, or (3) redirect users to other sites via the META tag." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2974", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2974" + }, + { + "name": "42538", + "refsource": "OSVDB", + "url": "http://osvdb.org/42538" + }, + { + "name": "25171", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25171" + }, + { + "name": "20070801 PHP-Nuke (ALL versions) Multiple XSS and HTML injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475249/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4503.json b/2007/4xxx/CVE-2007-4503.json index e81848326e2..de792172db9 100644 --- a/2007/4xxx/CVE-2007-4503.json +++ b/2007/4xxx/CVE-2007-4503.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4503", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in the Nice Talk component (com_nicetalk) 0.9.3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the tagid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4503", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4308", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4308" - }, - { - "name" : "6794", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6794" - }, - { - "name" : "31818", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31818" - }, - { - "name" : "ADV-2008-2858", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2858" - }, - { - "name" : "36587", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/36587" - }, - { - "name" : "26576", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26576" - }, - { - "name" : "nicetalk-tagid-sql-injection(36224)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36224" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in the Nice Talk component (com_nicetalk) 0.9.3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the tagid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "6794", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6794" + }, + { + "name": "4308", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4308" + }, + { + "name": "nicetalk-tagid-sql-injection(36224)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36224" + }, + { + "name": "26576", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26576" + }, + { + "name": "31818", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31818" + }, + { + "name": "36587", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/36587" + }, + { + "name": "ADV-2008-2858", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2858" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5447.json b/2007/5xxx/CVE-2007-5447.json index e270062d8e1..19d64601eda 100644 --- a/2007/5xxx/CVE-2007-5447.json +++ b/2007/5xxx/CVE-2007-5447.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5447", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension for PHP 5.2.4 does not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by reading arbitrary files via the ioncube_read_file function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5447", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4517", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4517" - }, - { - "name" : "26024", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26024" - }, - { - "name" : "41708", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41708" - }, - { - "name" : "27178", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27178" - }, - { - "name" : "ioncube-readfile-security-bypass(37227)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37227" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension for PHP 5.2.4 does not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by reading arbitrary files via the ioncube_read_file function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4517", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4517" + }, + { + "name": "ioncube-readfile-security-bypass(37227)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37227" + }, + { + "name": "41708", + "refsource": "OSVDB", + "url": "http://osvdb.org/41708" + }, + { + "name": "26024", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26024" + }, + { + "name": "27178", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27178" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5600.json b/2007/5xxx/CVE-2007-5600.json index 9e7111864ab..d4b0a27d28d 100644 --- a/2007/5xxx/CVE-2007-5600.json +++ b/2007/5xxx/CVE-2007-5600.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5600", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Incomplete blacklist vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attackers to execute arbitrary PHP code via a (1) UNC share pathname, or a (2) ftps, (3) ssh2.sftp, or (4) ssh2.scp URL, in the page parameter, for which PHP remote file inclusion is blocked only for http, https, and ftp URLs." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5600", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4538", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4538" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Incomplete blacklist vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attackers to execute arbitrary PHP code via a (1) UNC share pathname, or a (2) ftps, (3) ssh2.sftp, or (4) ssh2.scp URL, in the page parameter, for which PHP remote file inclusion is blocked only for http, https, and ftp URLs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4538", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4538" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2169.json b/2015/2xxx/CVE-2015-2169.json index 494606111fc..be01b43d12a 100644 --- a/2015/2xxx/CVE-2015-2169.json +++ b/2015/2xxx/CVE-2015-2169.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2169", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Zoho ManageEngine AssetExplorer 6.1 service pack 6112 allows remote attackers to inject arbitrary web script or HTML via a Publisher registry entry, which is not properly handled when the machine is scanned." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2169", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37395", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37395/" - }, - { - "name" : "20150623 XSS vulnerability in manage engine.", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Jun/74" - }, - { - "name" : "http://techtootech.blogspot.in/2015/06/found-xss-vulnerability-in-manage.html", - "refsource" : "MISC", - "url" : "http://techtootech.blogspot.in/2015/06/found-xss-vulnerability-in-manage.html" - }, - { - "name" : "http://packetstormsecurity.com/files/132433/ManageEngine-Asset-Explorer-6.1-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/132433/ManageEngine-Asset-Explorer-6.1-Cross-Site-Scripting.html" - }, - { - "name" : "75389", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75389" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Zoho ManageEngine AssetExplorer 6.1 service pack 6112 allows remote attackers to inject arbitrary web script or HTML via a Publisher registry entry, which is not properly handled when the machine is scanned." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37395", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37395/" + }, + { + "name": "http://packetstormsecurity.com/files/132433/ManageEngine-Asset-Explorer-6.1-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/132433/ManageEngine-Asset-Explorer-6.1-Cross-Site-Scripting.html" + }, + { + "name": "75389", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75389" + }, + { + "name": "20150623 XSS vulnerability in manage engine.", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Jun/74" + }, + { + "name": "http://techtootech.blogspot.in/2015/06/found-xss-vulnerability-in-manage.html", + "refsource": "MISC", + "url": "http://techtootech.blogspot.in/2015/06/found-xss-vulnerability-in-manage.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2312.json b/2015/2xxx/CVE-2015-2312.json index 9c00ad87f4e..14751a690c4 100644 --- a/2015/2xxx/CVE-2015-2312.json +++ b/2015/2xxx/CVE-2015-2312.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2312", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service (CPU and possibly general resource consumption) via a list with a large number of elements." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2015-2312", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150317 Re: CVE Request: Cap'n Proto: Several issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/03/17/3" - }, - { - "name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780567", - "refsource" : "MISC", - "url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780567" - }, - { - "name" : "https://github.com/capnproto/capnproto/blob/master/security-advisories/2015-03-02-2-all-cpu-amplification.md", - "refsource" : "CONFIRM", - "url" : "https://github.com/capnproto/capnproto/blob/master/security-advisories/2015-03-02-2-all-cpu-amplification.md" - }, - { - "name" : "https://github.com/capnproto/capnproto/commit/104870608fde3c698483fdef6b97f093fc15685d", - "refsource" : "CONFIRM", - "url" : "https://github.com/capnproto/capnproto/commit/104870608fde3c698483fdef6b97f093fc15685d" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service (CPU and possibly general resource consumption) via a list with a large number of elements." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/capnproto/capnproto/commit/104870608fde3c698483fdef6b97f093fc15685d", + "refsource": "CONFIRM", + "url": "https://github.com/capnproto/capnproto/commit/104870608fde3c698483fdef6b97f093fc15685d" + }, + { + "name": "[oss-security] 20150317 Re: CVE Request: Cap'n Proto: Several issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/03/17/3" + }, + { + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780567", + "refsource": "MISC", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780567" + }, + { + "name": "https://github.com/capnproto/capnproto/blob/master/security-advisories/2015-03-02-2-all-cpu-amplification.md", + "refsource": "CONFIRM", + "url": "https://github.com/capnproto/capnproto/blob/master/security-advisories/2015-03-02-2-all-cpu-amplification.md" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2338.json b/2015/2xxx/CVE-2015-2338.json index b364a5ad774..9f84cd192d9 100644 --- a/2015/2xxx/CVE-2015-2338.json +++ b/2015/2xxx/CVE-2015-2338.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2338", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2339." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2338", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2015-0004.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2015-0004.html" - }, - { - "name" : "75092", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75092" - }, - { - "name" : "1032529", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032529" - }, - { - "name" : "1032530", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032530" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2339." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032529", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032529" + }, + { + "name": "75092", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75092" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html" + }, + { + "name": "1032530", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032530" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2855.json b/2015/2xxx/CVE-2015-2855.json index fa730fc0689..b312b82679e 100644 --- a/2015/2xxx/CVE-2015-2855.json +++ b/2015/2xxx/CVE-2015-2855.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2855", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not set the secure flag for the administrator's cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session, a different vulnerability than CVE-2015-4138." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-2855", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bto.bluecoat.com/security-advisory/sa96", - "refsource" : "CONFIRM", - "url" : "https://bto.bluecoat.com/security-advisory/sa96" - }, - { - "name" : "VU#498348", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/498348" - }, - { - "name" : "74921", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74921" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not set the secure flag for the administrator's cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session, a different vulnerability than CVE-2015-4138." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#498348", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/498348" + }, + { + "name": "https://bto.bluecoat.com/security-advisory/sa96", + "refsource": "CONFIRM", + "url": "https://bto.bluecoat.com/security-advisory/sa96" + }, + { + "name": "74921", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74921" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3343.json b/2015/3xxx/CVE-2015-3343.json index d96106cd40e..4dda9ecd96f 100644 --- a/2015/3xxx/CVE-2015-3343.json +++ b/2015/3xxx/CVE-2015-3343.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3343", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in the OPAC module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims for requests that remove a mapping via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3343", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/01/29/6" - }, - { - "name" : "https://www.drupal.org/node/2403313", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2403313" - }, - { - "name" : "https://www.drupal.org/node/2402393", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2402393" - }, - { - "name" : "72630", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72630" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in the OPAC module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims for requests that remove a mapping via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "72630", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72630" + }, + { + "name": "https://www.drupal.org/node/2403313", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2403313" + }, + { + "name": "https://www.drupal.org/node/2402393", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2402393" + }, + { + "name": "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/01/29/6" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3530.json b/2015/3xxx/CVE-2015-3530.json index c88493d4cec..83ad81ef150 100644 --- a/2015/3xxx/CVE-2015-3530.json +++ b/2015/3xxx/CVE-2015-3530.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3530", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3530", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3734.json b/2015/3xxx/CVE-2015-3734.json index 0eff6602fd9..8a28d133be0 100644 --- a/2015/3xxx/CVE-2015-3734.json +++ b/2015/3xxx/CVE-2015-3734.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3734", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3734", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/kb/HT205030", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205030" - }, - { - "name" : "https://support.apple.com/kb/HT205033", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205033" - }, - { - "name" : "https://support.apple.com/HT205221", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205221" - }, - { - "name" : "APPLE-SA-2015-08-13-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html" - }, - { - "name" : "APPLE-SA-2015-08-13-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" - }, - { - "name" : "APPLE-SA-2015-09-16-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html" - }, - { - "name" : "76338", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76338" - }, - { - "name" : "1033274", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033274" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205221", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205221" + }, + { + "name": "1033274", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033274" + }, + { + "name": "https://support.apple.com/kb/HT205030", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205030" + }, + { + "name": "APPLE-SA-2015-09-16-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html" + }, + { + "name": "APPLE-SA-2015-08-13-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" + }, + { + "name": "76338", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76338" + }, + { + "name": "APPLE-SA-2015-08-13-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html" + }, + { + "name": "https://support.apple.com/kb/HT205033", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205033" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6129.json b/2015/6xxx/CVE-2015-6129.json index 2e0f3cfe6d8..ef4a8106521 100644 --- a/2015/6xxx/CVE-2015-6129.json +++ b/2015/6xxx/CVE-2015-6129.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6129", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6129", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6235.json b/2015/6xxx/CVE-2015-6235.json index d38e67ec9b6..a1808a5ed78 100644 --- a/2015/6xxx/CVE-2015-6235.json +++ b/2015/6xxx/CVE-2015-6235.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6235", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6235", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6396.json b/2015/6xxx/CVE-2015-6396.json index 06ded3f698f..552218aec12 100644 --- a/2015/6xxx/CVE-2015-6396.json +++ b/2015/6xxx/CVE-2015-6396.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6396", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The CLI command parser on Cisco RV110W, RV130W, and RV215W devices allows local users to execute arbitrary shell commands as an administrator via crafted parameters, aka Bug IDs CSCuv90134, CSCux58161, and CSCux73567." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6396", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "45986", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/45986/" - }, - { - "name" : "20160803 Cisco RV110W, RV130W, and RV215W Routers Command Shell Injection Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv110_130w1" - }, - { - "name" : "92269", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92269" - }, - { - "name" : "1036528", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036528" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The CLI command parser on Cisco RV110W, RV130W, and RV215W devices allows local users to execute arbitrary shell commands as an administrator via crafted parameters, aka Bug IDs CSCuv90134, CSCux58161, and CSCux73567." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160803 Cisco RV110W, RV130W, and RV215W Routers Command Shell Injection Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv110_130w1" + }, + { + "name": "45986", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/45986/" + }, + { + "name": "92269", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92269" + }, + { + "name": "1036528", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036528" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6874.json b/2015/6xxx/CVE-2015-6874.json index 09b1bc0f451..8269a8647f4 100644 --- a/2015/6xxx/CVE-2015-6874.json +++ b/2015/6xxx/CVE-2015-6874.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6874", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6874", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6910.json b/2015/6xxx/CVE-2015-6910.json index fe9dc5475a7..3990564d1f6 100644 --- a/2015/6xxx/CVE-2015-6910.json +++ b/2015/6xxx/CVE-2015-6910.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6910", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Synology Video Station before 1.5-0757 allows remote attackers to execute arbitrary SQL commands via the id parameter to audiotrack.cgi." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6910", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150909 Synology Video Station command injection and multiple SQL injection vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536427/100/0/threaded" - }, - { - "name" : "20150909 Synology Video Station command injection and multiple SQL injection vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Sep/31" - }, - { - "name" : "http://packetstormsecurity.com/files/133519/Synology-Video-Station-1.5-0757-Command-Injection-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133519/Synology-Video-Station-1.5-0757-Command-Injection-SQL-Injection.html" - }, - { - "name" : "https://www.securify.nl/advisory/SFY20150810/synology_video_station_command_injection_and_multiple_sql_injection_vulnerabilities.html", - "refsource" : "MISC", - "url" : "https://www.securify.nl/advisory/SFY20150810/synology_video_station_command_injection_and_multiple_sql_injection_vulnerabilities.html" - }, - { - "name" : "https://www.synology.com/en-global/releaseNote/VideoStation?model=DS715", - "refsource" : "CONFIRM", - "url" : "https://www.synology.com/en-global/releaseNote/VideoStation?model=DS715" - }, - { - "name" : "https://www.synology.com/en-global/support/security/Video_Station_1_5_0757", - "refsource" : "CONFIRM", - "url" : "https://www.synology.com/en-global/support/security/Video_Station_1_5_0757" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Synology Video Station before 1.5-0757 allows remote attackers to execute arbitrary SQL commands via the id parameter to audiotrack.cgi." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.synology.com/en-global/support/security/Video_Station_1_5_0757", + "refsource": "CONFIRM", + "url": "https://www.synology.com/en-global/support/security/Video_Station_1_5_0757" + }, + { + "name": "https://www.securify.nl/advisory/SFY20150810/synology_video_station_command_injection_and_multiple_sql_injection_vulnerabilities.html", + "refsource": "MISC", + "url": "https://www.securify.nl/advisory/SFY20150810/synology_video_station_command_injection_and_multiple_sql_injection_vulnerabilities.html" + }, + { + "name": "https://www.synology.com/en-global/releaseNote/VideoStation?model=DS715", + "refsource": "CONFIRM", + "url": "https://www.synology.com/en-global/releaseNote/VideoStation?model=DS715" + }, + { + "name": "20150909 Synology Video Station command injection and multiple SQL injection vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536427/100/0/threaded" + }, + { + "name": "20150909 Synology Video Station command injection and multiple SQL injection vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Sep/31" + }, + { + "name": "http://packetstormsecurity.com/files/133519/Synology-Video-Station-1.5-0757-Command-Injection-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133519/Synology-Video-Station-1.5-0757-Command-Injection-SQL-Injection.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7008.json b/2015/7xxx/CVE-2015-7008.json index 0bc7796072e..67aa1424a62 100644 --- a/2015/7xxx/CVE-2015-7008.json +++ b/2015/7xxx/CVE-2015-7008.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7008", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7009, CVE-2015-7010, and CVE-2015-7018." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7008", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205370", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205370" - }, - { - "name" : "https://support.apple.com/HT205375", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205375" - }, - { - "name" : "APPLE-SA-2015-10-21-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" - }, - { - "name" : "APPLE-SA-2015-10-21-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html" - }, - { - "name" : "77263", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77263" - }, - { - "name" : "1033929", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033929" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-6993, CVE-2015-7009, CVE-2015-7010, and CVE-2015-7018." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2015-10-21-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html" + }, + { + "name": "APPLE-SA-2015-10-21-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" + }, + { + "name": "https://support.apple.com/HT205375", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205375" + }, + { + "name": "https://support.apple.com/HT205370", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205370" + }, + { + "name": "77263", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77263" + }, + { + "name": "1033929", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033929" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7023.json b/2015/7xxx/CVE-2015-7023.json index 0e4048cd3b0..cf0b88c7ff0 100644 --- a/2015/7xxx/CVE-2015-7023.json +++ b/2015/7xxx/CVE-2015-7023.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7023", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CFNetwork in Apple iOS before 9.1 and OS X before 10.11.1 does not properly consider the uppercase-versus-lowercase distinction during cookie parsing, which allows remote web servers to overwrite cookies via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7023", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205370", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205370" - }, - { - "name" : "https://support.apple.com/HT205375", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205375" - }, - { - "name" : "APPLE-SA-2015-10-21-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" - }, - { - "name" : "APPLE-SA-2015-10-21-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html" - }, - { - "name" : "77263", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77263" - }, - { - "name" : "1033929", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033929" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CFNetwork in Apple iOS before 9.1 and OS X before 10.11.1 does not properly consider the uppercase-versus-lowercase distinction during cookie parsing, which allows remote web servers to overwrite cookies via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2015-10-21-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html" + }, + { + "name": "APPLE-SA-2015-10-21-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" + }, + { + "name": "https://support.apple.com/HT205375", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205375" + }, + { + "name": "https://support.apple.com/HT205370", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205370" + }, + { + "name": "77263", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77263" + }, + { + "name": "1033929", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033929" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7087.json b/2015/7xxx/CVE-2015-7087.json index a5f633ec9a9..4ee1c1efb1e 100644 --- a/2015/7xxx/CVE-2015-7087.json +++ b/2015/7xxx/CVE-2015-7087.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7087", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7087", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205638", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205638" - }, - { - "name" : "APPLE-SA-2016-01-07-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00000.html" - }, - { - "name" : "1034610", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034610" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7086, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2016-01-07-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00000.html" + }, + { + "name": "1034610", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034610" + }, + { + "name": "https://support.apple.com/HT205638", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205638" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7162.json b/2015/7xxx/CVE-2015-7162.json index 80b41591a04..548733fc3ee 100644 --- a/2015/7xxx/CVE-2015-7162.json +++ b/2015/7xxx/CVE-2015-7162.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7162", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7162", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7513.json b/2015/7xxx/CVE-2015-7513.json index 6ecf997ccf2..6467fb8c8e1 100644 --- a/2015/7xxx/CVE-2015-7513.json +++ b/2015/7xxx/CVE-2015-7513.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7513", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-7513", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160107 CVE-2015-7513 Kernel: kvm: divide by zero issue leads to DoS", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/07/2" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0185604c2d82c560dab2f2933a18f797e74ab5a8", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0185604c2d82c560dab2f2933a18f797e74ab5a8" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1284847", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1284847" - }, - { - "name" : "https://github.com/torvalds/linux/commit/0185604c2d82c560dab2f2933a18f797e74ab5a8", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/0185604c2d82c560dab2f2933a18f797e74ab5a8" - }, - { - "name" : "DSA-3434", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3434" - }, - { - "name" : "FEDORA-2016-26e19f042a", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html" - }, - { - "name" : "FEDORA-2016-5d43766e33", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html" - }, - { - "name" : "FEDORA-2016-b59fd603be", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html" - }, - { - "name" : "USN-2886-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2886-1" - }, - { - "name" : "USN-2887-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2887-1" - }, - { - "name" : "USN-2887-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2887-2" - }, - { - "name" : "USN-2888-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2888-1" - }, - { - "name" : "USN-2889-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2889-1" - }, - { - "name" : "USN-2889-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2889-2" - }, - { - "name" : "USN-2890-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2890-1" - }, - { - "name" : "USN-2890-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2890-2" - }, - { - "name" : "USN-2890-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2890-3" - }, - { - "name" : "79901", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79901" - }, - { - "name" : "1034602", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034602" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20160107 CVE-2015-7513 Kernel: kvm: divide by zero issue leads to DoS", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/07/2" + }, + { + "name": "FEDORA-2016-26e19f042a", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html" + }, + { + "name": "USN-2887-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2887-2" + }, + { + "name": "https://github.com/torvalds/linux/commit/0185604c2d82c560dab2f2933a18f797e74ab5a8", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/0185604c2d82c560dab2f2933a18f797e74ab5a8" + }, + { + "name": "USN-2886-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2886-1" + }, + { + "name": "USN-2887-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2887-1" + }, + { + "name": "USN-2890-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2890-3" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0185604c2d82c560dab2f2933a18f797e74ab5a8", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0185604c2d82c560dab2f2933a18f797e74ab5a8" + }, + { + "name": "USN-2889-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2889-1" + }, + { + "name": "FEDORA-2016-b59fd603be", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html" + }, + { + "name": "USN-2889-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2889-2" + }, + { + "name": "79901", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79901" + }, + { + "name": "FEDORA-2016-5d43766e33", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html" + }, + { + "name": "USN-2890-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2890-2" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1284847", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1284847" + }, + { + "name": "USN-2890-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2890-1" + }, + { + "name": "DSA-3434", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3434" + }, + { + "name": "1034602", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034602" + }, + { + "name": "USN-2888-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2888-1" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7829.json b/2015/7xxx/CVE-2015-7829.json index 3c7bfb98eec..8a969d95f03 100644 --- a/2015/7xxx/CVE-2015-7829.json +++ b/2015/7xxx/CVE-2015-7829.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7829", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows mishandle junctions in the Synchronizer directory, which allows attackers to delete arbitrary files via Adobe Collaboration Sync, a related issue to CVE-2015-2428." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-7829", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-465", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-465" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" - }, - { - "name" : "1033796", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033796" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows mishandle junctions in the Synchronizer directory, which allows attackers to delete arbitrary files via Adobe Collaboration Sync, a related issue to CVE-2015-2428." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-465", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-465" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" + }, + { + "name": "1033796", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033796" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0034.json b/2016/0xxx/CVE-2016-0034.json index b27c061bd8f..808db669126 100644 --- a/2016/0xxx/CVE-2016-0034.json +++ b/2016/0xxx/CVE-2016-0034.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0034", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets during decoding, which allows remote attackers to execute arbitrary code or cause a denial of service (object-header corruption) via a crafted web site, aka \"Silverlight Runtime Remote Code Execution Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0034", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-006", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-006" - }, - { - "name" : "1034655", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034655" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets during decoding, which allows remote attackers to execute arbitrary code or cause a denial of service (object-header corruption) via a crafted web site, aka \"Silverlight Runtime Remote Code Execution Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034655", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034655" + }, + { + "name": "MS16-006", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-006" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0092.json b/2016/0xxx/CVE-2016-0092.json index 39089c17cd9..bacd3110210 100644 --- a/2016/0xxx/CVE-2016-0092.json +++ b/2016/0xxx/CVE-2016-0092.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0092", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka \"Windows OLE Memory Remote Code Execution Vulnerability,\" a different vulnerability than CVE-2016-0091." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0092", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-181", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-181" - }, - { - "name" : "MS16-030", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-030" - }, - { - "name" : "84125", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84125" - }, - { - "name" : "1035208", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035208" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka \"Windows OLE Memory Remote Code Execution Vulnerability,\" a different vulnerability than CVE-2016-0091." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-181", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-181" + }, + { + "name": "MS16-030", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-030" + }, + { + "name": "1035208", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035208" + }, + { + "name": "84125", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84125" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0500.json b/2016/0xxx/CVE-2016-0500.json index 2c9a831e494..7ee9354bc38 100644 --- a/2016/0xxx/CVE-2016-0500.json +++ b/2016/0xxx/CVE-2016-0500.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0500", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Retail Order Broker Cloud Service component in Oracle Retail Applications 4.0 and 4.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to System Administration." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0500", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034718", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034718" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Retail Order Broker Cloud Service component in Oracle Retail Applications 4.0 and 4.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to System Administration." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034718", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034718" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0730.json b/2016/0xxx/CVE-2016-0730.json index f970bb8064f..763eedf110b 100644 --- a/2016/0xxx/CVE-2016-0730.json +++ b/2016/0xxx/CVE-2016-0730.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0730", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-0730", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0810.json b/2016/0xxx/CVE-2016-0810.json index d9f949a7de1..2c076bf729c 100644 --- a/2016/0xxx/CVE-2016-0810.json +++ b/2016/0xxx/CVE-2016-0810.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0810", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "media/libmedia/SoundPool.cpp in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 mishandles locking requirements, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25781119." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-0810", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-02-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-02-01.html" - }, - { - "name" : "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/19c47afbc402542720ddd280e1bbde3b2277b586", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/19c47afbc402542720ddd280e1bbde3b2277b586" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "media/libmedia/SoundPool.cpp in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 mishandles locking requirements, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25781119." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/19c47afbc402542720ddd280e1bbde3b2277b586", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform%2Fframeworks%2Fav/+/19c47afbc402542720ddd280e1bbde3b2277b586" + }, + { + "name": "http://source.android.com/security/bulletin/2016-02-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-02-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0923.json b/2016/0xxx/CVE-2016-0923.json index 81db25ad8ca..b93bdf67b52 100644 --- a/2016/0xxx/CVE-2016-0923.json +++ b/2016/0xxx/CVE-2016-0923.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security_alert@emc.com", - "ID" : "CVE-2016-0923", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.9 and 4.1.x before 4.1.5 places the weakest algorithms first in a signature-algorithm list transmitted to a server, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging server behavior in which the first algorithm is used." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "ID": "CVE-2016-0923", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160915 ESA-2016-094: RSA BSAFE Micro Edition Suite Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://seclists.org/bugtraq/2016/Sep/25" - }, - { - "name" : "92994", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92994" - }, - { - "name" : "1036835", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036835" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.9 and 4.1.x before 4.1.5 places the weakest algorithms first in a signature-algorithm list transmitted to a server, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging server behavior in which the first algorithm is used." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160915 ESA-2016-094: RSA BSAFE Micro Edition Suite Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://seclists.org/bugtraq/2016/Sep/25" + }, + { + "name": "92994", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92994" + }, + { + "name": "1036835", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036835" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000038.json b/2016/1000xxx/CVE-2016-1000038.json index edbc85f0d0a..3c8f622b28a 100644 --- a/2016/1000xxx/CVE-2016-1000038.json +++ b/2016/1000xxx/CVE-2016-1000038.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000038", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000038", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1580.json b/2016/1xxx/CVE-2016-1580.json index 20695740a6d..67f402318e1 100644 --- a/2016/1xxx/CVE-2016-1580.json +++ b/2016/1xxx/CVE-2016-1580.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1580", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The setup_snappy_os_mounts function in the ubuntu-core-launcher package before 1.0.27.1 improperly determines the mount point of bind mounts when using snaps, which might allow remote attackers to obtain sensitive information or gain privileges via a snap with a name starting with \"ubuntu-core.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@ubuntu.com", + "ID": "CVE-2016-1580", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.launchpad.net/ubuntu/+source/ubuntu-core-launcher/+bug/1576699", - "refsource" : "CONFIRM", - "url" : "https://bugs.launchpad.net/ubuntu/+source/ubuntu-core-launcher/+bug/1576699" - }, - { - "name" : "USN-2956-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2956-1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The setup_snappy_os_mounts function in the ubuntu-core-launcher package before 1.0.27.1 improperly determines the mount point of bind mounts when using snaps, which might allow remote attackers to obtain sensitive information or gain privileges via a snap with a name starting with \"ubuntu-core.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.launchpad.net/ubuntu/+source/ubuntu-core-launcher/+bug/1576699", + "refsource": "CONFIRM", + "url": "https://bugs.launchpad.net/ubuntu/+source/ubuntu-core-launcher/+bug/1576699" + }, + { + "name": "USN-2956-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2956-1" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4217.json b/2016/4xxx/CVE-2016-4217.json index 2cf24882446..a40c18bf74e 100644 --- a/2016/4xxx/CVE-2016-4217.json +++ b/2016/4xxx/CVE-2016-4217.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4217", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4217", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" - }, - { - "name" : "GLSA-201607-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201607-03" - }, - { - "name" : "RHSA-2016:1423", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1423" - }, - { - "name" : "SUSE-SU-2016:1826", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" - }, - { - "name" : "openSUSE-SU-2016:1802", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" - }, - { - "name" : "91725", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91725" - }, - { - "name" : "1036280", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036280" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:1826", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" + }, + { + "name": "GLSA-201607-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201607-03" + }, + { + "name": "openSUSE-SU-2016:1802", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" + }, + { + "name": "91725", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91725" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" + }, + { + "name": "RHSA-2016:1423", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1423" + }, + { + "name": "1036280", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036280" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4565.json b/2016/4xxx/CVE-2016-4565.json index 2b96c10b220..384524d030f 100644 --- a/2016/4xxx/CVE-2016-4565.json +++ b/2016/4xxx/CVE-2016-4565.json @@ -1,322 +1,322 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4565", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2016-4565", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160507 CVE Request: Linux: IB/security: Restrict use of the write() interface'", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/07/1" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.3", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.3" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1310570", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1310570" - }, - { - "name" : "https://github.com/torvalds/linux/commit/e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" - }, - { - "name" : "DSA-3607", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3607" - }, - { - "name" : "RHSA-2016:1277", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1277" - }, - { - "name" : "RHSA-2016:1301", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1301" - }, - { - "name" : "RHSA-2016:1341", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1341" - }, - { - "name" : "RHSA-2016:1814", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1814.html" - }, - { - "name" : "RHSA-2016:1489", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1489.html" - }, - { - "name" : "RHSA-2016:1581", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1581.html" - }, - { - "name" : "RHSA-2016:1617", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1617.html" - }, - { - "name" : "RHSA-2016:1640", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1640.html" - }, - { - "name" : "RHSA-2016:1657", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1657.html" - }, - { - "name" : "RHSA-2016:1406", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1406" - }, - { - "name" : "SUSE-SU-2016:1672", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html" - }, - { - "name" : "SUSE-SU-2016:1690", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html" - }, - { - "name" : "SUSE-SU-2016:1937", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html" - }, - { - "name" : "openSUSE-SU-2016:1641", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html" - }, - { - "name" : "SUSE-SU-2016:1985", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html" - }, - { - "name" : "SUSE-SU-2016:2000", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html" - }, - { - "name" : "SUSE-SU-2016:2001", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html" - }, - { - "name" : "SUSE-SU-2016:2002", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html" - }, - { - "name" : "SUSE-SU-2016:2003", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html" - }, - { - "name" : "SUSE-SU-2016:2006", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html" - }, - { - "name" : "SUSE-SU-2016:2007", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html" - }, - { - "name" : "SUSE-SU-2016:2010", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html" - }, - { - "name" : "SUSE-SU-2016:2011", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html" - }, - { - "name" : "SUSE-SU-2016:1961", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html" - }, - { - "name" : "SUSE-SU-2016:1994", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html" - }, - { - "name" : "SUSE-SU-2016:1995", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html" - }, - { - "name" : "SUSE-SU-2016:2005", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html" - }, - { - "name" : "SUSE-SU-2016:2009", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html" - }, - { - "name" : "SUSE-SU-2016:2014", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html" - }, - { - "name" : "SUSE-SU-2016:2105", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html" - }, - { - "name" : "openSUSE-SU-2016:2184", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html" - }, - { - "name" : "USN-3018-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3018-1" - }, - { - "name" : "USN-3018-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3018-2" - }, - { - "name" : "USN-3019-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3019-1" - }, - { - "name" : "USN-3001-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3001-1" - }, - { - "name" : "USN-3002-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3002-1" - }, - { - "name" : "USN-3003-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3003-1" - }, - { - "name" : "USN-3004-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3004-1" - }, - { - "name" : "USN-3005-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3005-1" - }, - { - "name" : "USN-3006-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3006-1" - }, - { - "name" : "USN-3007-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3007-1" - }, - { - "name" : "USN-3021-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3021-1" - }, - { - "name" : "USN-3021-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3021-2" - }, - { - "name" : "90301", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90301" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:1690", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html" + }, + { + "name": "USN-3006-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3006-1" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" + }, + { + "name": "USN-3004-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3004-1" + }, + { + "name": "SUSE-SU-2016:2010", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html" + }, + { + "name": "SUSE-SU-2016:2011", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html" + }, + { + "name": "USN-3001-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3001-1" + }, + { + "name": "SUSE-SU-2016:2003", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html" + }, + { + "name": "RHSA-2016:1640", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1640.html" + }, + { + "name": "RHSA-2016:1657", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1657.html" + }, + { + "name": "SUSE-SU-2016:1994", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html" + }, + { + "name": "90301", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90301" + }, + { + "name": "RHSA-2016:1406", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1406" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" + }, + { + "name": "RHSA-2016:1341", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1341" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" + }, + { + "name": "SUSE-SU-2016:1961", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html" + }, + { + "name": "USN-3005-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3005-1" + }, + { + "name": "SUSE-SU-2016:2001", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html" + }, + { + "name": "SUSE-SU-2016:1985", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html" + }, + { + "name": "RHSA-2016:1301", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1301" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3" + }, + { + "name": "RHSA-2016:1814", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1814.html" + }, + { + "name": "openSUSE-SU-2016:2184", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html" + }, + { + "name": "https://github.com/torvalds/linux/commit/e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3" + }, + { + "name": "USN-3018-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3018-2" + }, + { + "name": "USN-3021-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3021-2" + }, + { + "name": "SUSE-SU-2016:2006", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html" + }, + { + "name": "SUSE-SU-2016:2014", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html" + }, + { + "name": "RHSA-2016:1489", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1489.html" + }, + { + "name": "USN-3019-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3019-1" + }, + { + "name": "openSUSE-SU-2016:1641", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.3", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.3" + }, + { + "name": "DSA-3607", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3607" + }, + { + "name": "USN-3002-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3002-1" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1310570", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310570" + }, + { + "name": "SUSE-SU-2016:1672", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html" + }, + { + "name": "SUSE-SU-2016:2009", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html" + }, + { + "name": "USN-3021-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3021-1" + }, + { + "name": "USN-3018-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3018-1" + }, + { + "name": "RHSA-2016:1617", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1617.html" + }, + { + "name": "SUSE-SU-2016:2005", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html" + }, + { + "name": "SUSE-SU-2016:2007", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html" + }, + { + "name": "USN-3007-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3007-1" + }, + { + "name": "SUSE-SU-2016:2000", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html" + }, + { + "name": "USN-3003-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3003-1" + }, + { + "name": "SUSE-SU-2016:1995", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html" + }, + { + "name": "SUSE-SU-2016:2105", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html" + }, + { + "name": "SUSE-SU-2016:2002", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html" + }, + { + "name": "RHSA-2016:1581", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1581.html" + }, + { + "name": "RHSA-2016:1277", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1277" + }, + { + "name": "[oss-security] 20160507 CVE Request: Linux: IB/security: Restrict use of the write() interface'", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/07/1" + }, + { + "name": "SUSE-SU-2016:1937", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4646.json b/2016/4xxx/CVE-2016-4646.json index 6323a2619a6..c8a5f789f53 100644 --- a/2016/4xxx/CVE-2016-4646.json +++ b/2016/4xxx/CVE-2016-4646.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4646", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Audio in Apple OS X before 10.11.6 mishandles a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted audio file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4646", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-16-439/", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-16-439/" - }, - { - "name" : "https://support.apple.com/HT206903", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206903" - }, - { - "name" : "APPLE-SA-2016-07-18-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" - }, - { - "name" : "91824", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91824" - }, - { - "name" : "1036348", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036348" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Audio in Apple OS X before 10.11.6 mishandles a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted audio file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91824", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91824" + }, + { + "name": "APPLE-SA-2016-07-18-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" + }, + { + "name": "1036348", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036348" + }, + { + "name": "https://support.apple.com/HT206903", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206903" + }, + { + "name": "http://zerodayinitiative.com/advisories/ZDI-16-439/", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-16-439/" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4690.json b/2016/4xxx/CVE-2016-4690.json index 810c9aaf97f..60b1fed5216 100644 --- a/2016/4xxx/CVE-2016-4690.json +++ b/2016/4xxx/CVE-2016-4690.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4690", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the \"Image Capture\" component, which allows attackers to execute arbitrary code via a crafted USB HID device." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4690", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT207422", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207422" - }, - { - "name" : "94850", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94850" - }, - { - "name" : "1037429", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037429" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the \"Image Capture\" component, which allows attackers to execute arbitrary code via a crafted USB HID device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT207422", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207422" + }, + { + "name": "1037429", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037429" + }, + { + "name": "94850", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94850" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5253.json b/2016/5xxx/CVE-2016-5253.json index 6f0a2ab26c1..26be8e2271f 100644 --- a/2016/5xxx/CVE-2016-5253.json +++ b/2016/5xxx/CVE-2016-5253.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5253", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Updater in Mozilla Firefox before 48.0 on Windows allows local users to write to arbitrary files via vectors involving the callback application-path parameter and a hard link." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2016-5253", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-69.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-69.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1246944", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1246944" - }, - { - "name" : "GLSA-201701-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-15" - }, - { - "name" : "92260", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92260" - }, - { - "name" : "1036508", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036508" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Updater in Mozilla Firefox before 48.0 on Windows allows local users to write to arbitrary files via vectors involving the callback application-path parameter and a hard link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-69.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-69.html" + }, + { + "name": "1036508", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036508" + }, + { + "name": "92260", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92260" + }, + { + "name": "GLSA-201701-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-15" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1246944", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1246944" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5566.json b/2016/5xxx/CVE-2016-5566.json index 0b28869c1fe..6863de80987 100644 --- a/2016/5xxx/CVE-2016-5566.json +++ b/2016/5xxx/CVE-2016-5566.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5566", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect confidentiality via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5566", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93749", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93749" - }, - { - "name" : "1037048", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037048" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect confidentiality via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1037048", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037048" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "93749", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93749" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0016.json b/2019/0xxx/CVE-2019-0016.json index 76f39b19fee..2e4fe713220 100644 --- a/2019/0xxx/CVE-2019-0016.json +++ b/2019/0xxx/CVE-2019-0016.json @@ -1,100 +1,100 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "sirt@juniper.net", - "DATE_PUBLIC" : "2019-01-09T17:00:00.000Z", - "ID" : "CVE-2019-0016", - "STATE" : "PUBLIC", - "TITLE" : "Junos Space: Authenticated user able to delete devices without delete device privileges" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Junos Space", - "version" : { - "version_data" : [ - { - "affected" : "<", - "version_value" : "18.3R1" - } - ] - } - } - ] - }, - "vendor_name" : "Juniper Networks" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A malicious authenticated user may be able to delete a device from the Junos Space database without the necessary privileges through crafted Ajax interactions obtained from another legitimate delete action performed by another administrative user. Affected releases are Juniper Networks Junos Space versions prior to 18.3R1." - } - ] - }, - "exploit" : [ - { - "lang" : "eng", - "value" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." - } - ], - "impact" : { - "cvss" : { - "attackComplexity" : "LOW", - "attackVector" : "NETWORK", - "availabilityImpact" : "NONE", - "baseScore" : 6.5, - "baseSeverity" : "MEDIUM", - "confidentialityImpact" : "NONE", - "integrityImpact" : "HIGH", - "privilegesRequired" : "LOW", - "scope" : "UNCHANGED", - "userInteraction" : "NONE", - "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper Access Control" - } + "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2019-01-09T17:00:00.000Z", + "ID": "CVE-2019-0016", + "STATE": "PUBLIC", + "TITLE": "Junos Space: Authenticated user able to delete devices without delete device privileges" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos Space", + "version": { + "version_data": [ + { + "affected": "<", + "version_value": "18.3R1" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://kb.juniper.net/JSA10917", - "refsource" : "CONFIRM", - "url" : "https://kb.juniper.net/JSA10917" - } - ] - }, - "source" : { - "advisory" : "JSA10917", - "defect" : [ - "1351713" - ], - "discovery" : "EXTERNAL" - }, - "work_around" : [ - { - "lang" : "eng", - "value" : "Use access lists or firewall filters to limit access to the device's management interface only from trusted hosts and administrators." - } - ] -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A malicious authenticated user may be able to delete a device from the Junos Space database without the necessary privileges through crafted Ajax interactions obtained from another legitimate delete action performed by another administrative user. Affected releases are Juniper Networks Junos Space versions prior to 18.3R1." + } + ] + }, + "exploit": [ + { + "lang": "eng", + "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." + } + ], + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Access Control" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA10917", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA10917" + } + ] + }, + "source": { + "advisory": "JSA10917", + "defect": [ + "1351713" + ], + "discovery": "EXTERNAL" + }, + "work_around": [ + { + "lang": "eng", + "value": "Use access lists or firewall filters to limit access to the device's management interface only from trusted hosts and administrators." + } + ] +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0071.json b/2019/0xxx/CVE-2019-0071.json index 7d17f9bdb0e..ed1c7d2da8c 100644 --- a/2019/0xxx/CVE-2019-0071.json +++ b/2019/0xxx/CVE-2019-0071.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0071", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0071", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0259.json b/2019/0xxx/CVE-2019-0259.json index 0590780bea9..0af66ee396d 100644 --- a/2019/0xxx/CVE-2019-0259.json +++ b/2019/0xxx/CVE-2019-0259.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cna@sap.com", - "ID" : "CVE-2019-0259", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SAP BusinessObjects Business Intelligence Platform Servers (Enterprise)", - "version" : { - "version_data" : [ - { - "version_name" : "<", - "version_value" : "4.2" - }, - { - "version_name" : "<", - "version_value" : "4.3" - } - ] - } - } - ] - }, - "vendor_name" : "SAP SE" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an attacker to upload any file (including script files) without proper file format validation." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Unrestricted File Upload" - } + "CVE_data_meta": { + "ASSIGNER": "cna@sap.com", + "ID": "CVE-2019-0259", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SAP BusinessObjects Business Intelligence Platform Servers (Enterprise)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "4.2" + }, + { + "version_name": "<", + "version_value": "4.3" + } + ] + } + } + ] + }, + "vendor_name": "SAP SE" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://launchpad.support.sap.com/#/notes/2727564", - "refsource" : "MISC", - "url" : "https://launchpad.support.sap.com/#/notes/2727564" - }, - { - "name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943", - "refsource" : "MISC", - "url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943" - }, - { - "name" : "106997", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106997" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an attacker to upload any file (including script files) without proper file format validation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Unrestricted File Upload" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106997", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106997" + }, + { + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943", + "refsource": "MISC", + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943" + }, + { + "name": "https://launchpad.support.sap.com/#/notes/2727564", + "refsource": "MISC", + "url": "https://launchpad.support.sap.com/#/notes/2727564" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0394.json b/2019/0xxx/CVE-2019-0394.json index 80ed6b93439..bffe5564da1 100644 --- a/2019/0xxx/CVE-2019-0394.json +++ b/2019/0xxx/CVE-2019-0394.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0394", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0394", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0898.json b/2019/0xxx/CVE-2019-0898.json index 64325eb3f5d..9dcee4da048 100644 --- a/2019/0xxx/CVE-2019-0898.json +++ b/2019/0xxx/CVE-2019-0898.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0898", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0898", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1131.json b/2019/1xxx/CVE-2019-1131.json index 79d9c5b14fc..516e963dc26 100644 --- a/2019/1xxx/CVE-2019-1131.json +++ b/2019/1xxx/CVE-2019-1131.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1131", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1131", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3033.json b/2019/3xxx/CVE-2019-3033.json index c6e923f5273..cbb05240543 100644 --- a/2019/3xxx/CVE-2019-3033.json +++ b/2019/3xxx/CVE-2019-3033.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3033", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3033", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3066.json b/2019/3xxx/CVE-2019-3066.json index 30c19832ae5..8a4907e918f 100644 --- a/2019/3xxx/CVE-2019-3066.json +++ b/2019/3xxx/CVE-2019-3066.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3066", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3066", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3113.json b/2019/3xxx/CVE-2019-3113.json index d1fb79ca0d9..084cee920dc 100644 --- a/2019/3xxx/CVE-2019-3113.json +++ b/2019/3xxx/CVE-2019-3113.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3113", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3113", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4237.json b/2019/4xxx/CVE-2019-4237.json index 512ae97b4b9..894a5cf3e70 100644 --- a/2019/4xxx/CVE-2019-4237.json +++ b/2019/4xxx/CVE-2019-4237.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4237", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4237", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4244.json b/2019/4xxx/CVE-2019-4244.json index d3ca811f3b9..cab6a5a4abc 100644 --- a/2019/4xxx/CVE-2019-4244.json +++ b/2019/4xxx/CVE-2019-4244.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4244", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4244", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4285.json b/2019/4xxx/CVE-2019-4285.json index ad075a55a15..c27e70ae40e 100644 --- a/2019/4xxx/CVE-2019-4285.json +++ b/2019/4xxx/CVE-2019-4285.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4285", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4285", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4872.json b/2019/4xxx/CVE-2019-4872.json index 1ab3715f1d8..dc70e8cdcbe 100644 --- a/2019/4xxx/CVE-2019-4872.json +++ b/2019/4xxx/CVE-2019-4872.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4872", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4872", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7507.json b/2019/7xxx/CVE-2019-7507.json index 16fbdf99944..b1725c63afa 100644 --- a/2019/7xxx/CVE-2019-7507.json +++ b/2019/7xxx/CVE-2019-7507.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7507", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7507", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7921.json b/2019/7xxx/CVE-2019-7921.json index a65f7e69e31..57e45079381 100644 --- a/2019/7xxx/CVE-2019-7921.json +++ b/2019/7xxx/CVE-2019-7921.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7921", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7921", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8080.json b/2019/8xxx/CVE-2019-8080.json index 34687ca6f22..3b40264e47a 100644 --- a/2019/8xxx/CVE-2019-8080.json +++ b/2019/8xxx/CVE-2019-8080.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8080", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8080", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8292.json b/2019/8xxx/CVE-2019-8292.json index 17f302db867..60886453fef 100644 --- a/2019/8xxx/CVE-2019-8292.json +++ b/2019/8xxx/CVE-2019-8292.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8292", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8292", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8790.json b/2019/8xxx/CVE-2019-8790.json index b32daa75e33..062ab920f61 100644 --- a/2019/8xxx/CVE-2019-8790.json +++ b/2019/8xxx/CVE-2019-8790.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8790", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8790", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8867.json b/2019/8xxx/CVE-2019-8867.json index 62b0c54299e..bb6602be000 100644 --- a/2019/8xxx/CVE-2019-8867.json +++ b/2019/8xxx/CVE-2019-8867.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8867", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8867", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9034.json b/2019/9xxx/CVE-2019-9034.json index e859ed189c9..be9fd8d7e54 100644 --- a/2019/9xxx/CVE-2019-9034.json +++ b/2019/9xxx/CVE-2019-9034.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9034", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read for a memcpy in the function ReadNextCell() in mat5.c." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9034", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/TeamSeri0us/pocs/tree/master/matio", - "refsource" : "MISC", - "url" : "https://github.com/TeamSeri0us/pocs/tree/master/matio" - }, - { - "name" : "https://github.com/tbeu/matio/issues/103", - "refsource" : "MISC", - "url" : "https://github.com/tbeu/matio/issues/103" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read for a memcpy in the function ReadNextCell() in mat5.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/tbeu/matio/issues/103", + "refsource": "MISC", + "url": "https://github.com/tbeu/matio/issues/103" + }, + { + "name": "https://github.com/TeamSeri0us/pocs/tree/master/matio", + "refsource": "MISC", + "url": "https://github.com/TeamSeri0us/pocs/tree/master/matio" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9352.json b/2019/9xxx/CVE-2019-9352.json index 5281945e693..e61e5b919d1 100644 --- a/2019/9xxx/CVE-2019-9352.json +++ b/2019/9xxx/CVE-2019-9352.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9352", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9352", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9481.json b/2019/9xxx/CVE-2019-9481.json index 1e57d587244..c5a2cc7437a 100644 --- a/2019/9xxx/CVE-2019-9481.json +++ b/2019/9xxx/CVE-2019-9481.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9481", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9481", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file