diff --git a/2006/1xxx/CVE-2006-1841.json b/2006/1xxx/CVE-2006-1841.json index 7c9736bf18d..ba74906d6d1 100644 --- a/2006/1xxx/CVE-2006-1841.json +++ b/2006/1xxx/CVE-2006-1841.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1841", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in search.php in boastMachine (bMachine) 2.7, and possibly other versions before 2.9b, allows remote attackers to inject arbitrary web script or HTML via the key parameter, as used by the search field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1841", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060416 Xss In bMachine 2٫7", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/431120/100/0/threaded" - }, - { - "name" : "17550", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17550" - }, - { - "name" : "ADV-2006-1375", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1375" - }, - { - "name" : "19711", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19711" - }, - { - "name" : "boastmachine-search-xss(25914)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25914" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in search.php in boastMachine (bMachine) 2.7, and possibly other versions before 2.9b, allows remote attackers to inject arbitrary web script or HTML via the key parameter, as used by the search field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19711", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19711" + }, + { + "name": "20060416 Xss In bMachine 2٫7", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/431120/100/0/threaded" + }, + { + "name": "ADV-2006-1375", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1375" + }, + { + "name": "boastmachine-search-xss(25914)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25914" + }, + { + "name": "17550", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17550" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5300.json b/2006/5xxx/CVE-2006-5300.json index 440b2a90c6d..bcbfe6cd65b 100644 --- a/2006/5xxx/CVE-2006-5300.json +++ b/2006/5xxx/CVE-2006-5300.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5300", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in HP Version Control Agent before 2.1.5 allows remote authenticated users to obtain \"unauthorized access\" to a remote Repository Manager account and potentially gain privileges via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5300", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBMA02158", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/448429/100/0/threaded" - }, - { - "name" : "SSRT061251", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/448429/100/0/threaded" - }, - { - "name" : "20465", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20465" - }, - { - "name" : "ADV-2006-4017", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4017" - }, - { - "name" : "1017042", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017042" - }, - { - "name" : "22399", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22399" - }, - { - "name" : "1727", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1727" - }, - { - "name" : "hp-vca-privilege-escalation(29500)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29500" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in HP Version Control Agent before 2.1.5 allows remote authenticated users to obtain \"unauthorized access\" to a remote Repository Manager account and potentially gain privileges via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "hp-vca-privilege-escalation(29500)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29500" + }, + { + "name": "1727", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1727" + }, + { + "name": "ADV-2006-4017", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4017" + }, + { + "name": "HPSBMA02158", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/448429/100/0/threaded" + }, + { + "name": "1017042", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017042" + }, + { + "name": "SSRT061251", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/448429/100/0/threaded" + }, + { + "name": "22399", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22399" + }, + { + "name": "20465", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20465" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5396.json b/2006/5xxx/CVE-2006-5396.json index 75c109679b5..aa2acf36861 100644 --- a/2006/5xxx/CVE-2006-5396.json +++ b/2006/5xxx/CVE-2006-5396.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5396", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The tcp_fuse_rcv_drain function in the Sun Solaris 10 kernel before 20061017, when TCP Fusion is enabled, allows local users to cause a denial of service (system crash) via a TCP loopback connection with both endpoints on the same system." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5396", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "102667", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102667-1" - }, - { - "name" : "20587", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20587" - }, - { - "name" : "ADV-2006-4080", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4080" - }, - { - "name" : "oval:org.mitre.oval:def:2199", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2199" - }, - { - "name" : "1017082", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017082" - }, - { - "name" : "22453", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22453" - }, - { - "name" : "solaris-tcp-dos(29630)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29630" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The tcp_fuse_rcv_drain function in the Sun Solaris 10 kernel before 20061017, when TCP Fusion is enabled, allows local users to cause a denial of service (system crash) via a TCP loopback connection with both endpoints on the same system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20587", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20587" + }, + { + "name": "102667", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102667-1" + }, + { + "name": "oval:org.mitre.oval:def:2199", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2199" + }, + { + "name": "solaris-tcp-dos(29630)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29630" + }, + { + "name": "1017082", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017082" + }, + { + "name": "ADV-2006-4080", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4080" + }, + { + "name": "22453", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22453" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5534.json b/2006/5xxx/CVE-2006-5534.json index f6e774b4135..8a0ada2748e 100644 --- a/2006/5xxx/CVE-2006-5534.json +++ b/2006/5xxx/CVE-2006-5534.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5534", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in index.htm in Zwahlen Online Shop Freeware 5.2.2.50, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) cat, (2) Kat, (3) id, or (4) no parameters. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5534", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061103 Zwahlen Online Shop", - "refsource" : "VIM", - "url" : "http://attrition.org/pipermail/vim/2006-November/001106.html" - }, - { - "name" : "ADV-2006-4160", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4160" - }, - { - "name" : "30016", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/30016" - }, - { - "name" : "22571", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22571" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in index.htm in Zwahlen Online Shop Freeware 5.2.2.50, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) cat, (2) Kat, (3) id, or (4) no parameters. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-4160", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4160" + }, + { + "name": "30016", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/30016" + }, + { + "name": "22571", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22571" + }, + { + "name": "20061103 Zwahlen Online Shop", + "refsource": "VIM", + "url": "http://attrition.org/pipermail/vim/2006-November/001106.html" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5663.json b/2006/5xxx/CVE-2006-5663.json index 05680e0a453..c1730d4e0cd 100644 --- a/2006/5xxx/CVE-2006-5663.json +++ b/2006/5xxx/CVE-2006-5663.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5663", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure permissions for installation scripts, which allows local users to gain privileges by modifying the scripts." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5663", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21247438", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21247438" - }, - { - "name" : "ADV-2006-4280", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4280" - }, - { - "name" : "1017156", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017156" - }, - { - "name" : "22609", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22609" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure permissions for installation scripts, which allows local users to gain privileges by modifying the scripts." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-4280", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4280" + }, + { + "name": "22609", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22609" + }, + { + "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21247438", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21247438" + }, + { + "name": "1017156", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017156" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2029.json b/2007/2xxx/CVE-2007-2029.json index 49a872ab3de..43e18385899 100644 --- a/2007/2xxx/CVE-2007-2029.json +++ b/2007/2xxx/CVE-2007-2029.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2029", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "File descriptor leak in the PDF handler in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service via a crafted PDF file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2029", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "DSA-1281", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1281" - }, - { - "name" : "MDKSA-2007:098", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:098" - }, - { - "name" : "23656", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23656" - }, - { - "name" : "34916", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34916" - }, - { - "name" : "25028", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25028" - }, - { - "name" : "25189", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25189" - }, - { - "name" : "clamav-pdfhandler-dos(34083)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34083" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "File descriptor leak in the PDF handler in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service via a crafted PDF file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "clamav-pdfhandler-dos(34083)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34083" + }, + { + "name": "34916", + "refsource": "OSVDB", + "url": "http://osvdb.org/34916" + }, + { + "name": "MDKSA-2007:098", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:098" + }, + { + "name": "23656", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23656" + }, + { + "name": "25189", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25189" + }, + { + "name": "25028", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25028" + }, + { + "name": "DSA-1281", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1281" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2030.json b/2007/2xxx/CVE-2007-2030.json index 31c825c90d7..edfe87d3ed2 100644 --- a/2007/2xxx/CVE-2007-2030.json +++ b/2007/2xxx/CVE-2007-2030.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2030", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2030", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=236585", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=236585" - }, - { - "name" : "MDKSA-2007:117", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:117" - }, - { - "name" : "24336", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24336" - }, - { - "name" : "37049", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37049" - }, - { - "name" : "25519", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25519" - }, - { - "name" : "lha-lharc-symlink(34063)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34063" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25519", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25519" + }, + { + "name": "24336", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24336" + }, + { + "name": "MDKSA-2007:117", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:117" + }, + { + "name": "lha-lharc-symlink(34063)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34063" + }, + { + "name": "37049", + "refsource": "OSVDB", + "url": "http://osvdb.org/37049" + }, + { + "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=236585", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=236585" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2049.json b/2007/2xxx/CVE-2007-2049.json index bca60aa66d6..899c2d67392 100644 --- a/2007/2xxx/CVE-2007-2049.json +++ b/2007/2xxx/CVE-2007-2049.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2049", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in the Calendar Module (com_calendar) 1.5.5 for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) com_calendar.php or (2) mod_calendar.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2049", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3713", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3713" - }, - { - "name" : "23435", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23435" - }, - { - "name" : "37583", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37583" - }, - { - "name" : "37584", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37584" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in the Calendar Module (com_calendar) 1.5.5 for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) com_calendar.php or (2) mod_calendar.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23435", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23435" + }, + { + "name": "37583", + "refsource": "OSVDB", + "url": "http://osvdb.org/37583" + }, + { + "name": "3713", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3713" + }, + { + "name": "37584", + "refsource": "OSVDB", + "url": "http://osvdb.org/37584" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2115.json b/2007/2xxx/CVE-2007-2115.json index f0f760ea177..700c4c7f312 100644 --- a/2007/2xxx/CVE-2007-2115.json +++ b/2007/2xxx/CVE-2007-2115.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2115", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Change Data Capture (CDC) component in Oracle Database 9.2.0.7, 10.1.0.5, and 10.2.0.2 has unknown impact and attack vectors, aka DB09. NOTE: as of 20070424, oracle has not disputed reliable claims that this issue involves multiple SQL injection vulnerabilities in the DBMS_CDC_PUBLISH with remote authenticated vectors involving the \"java classes in CDC.jar.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2115", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf", - "refsource" : "MISC", - "url" : "http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf" - }, - { - "name" : "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf", - "refsource" : "MISC", - "url" : "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf" - }, - { - "name" : "http://www.ngssoftware.com/research/papers/NGSSoftware-OracleCPUAPR2007.pdf", - "refsource" : "MISC", - "url" : "http://www.ngssoftware.com/research/papers/NGSSoftware-OracleCPUAPR2007.pdf" - }, - { - "name" : "http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html", - "refsource" : "MISC", - "url" : "http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html" - }, - { - "name" : "HPSBMA02133", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/466329/100/200/threaded" - }, - { - "name" : "SSRT061201", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/466329/100/200/threaded" - }, - { - "name" : "TA07-108A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-108A.html" - }, - { - "name" : "23532", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23532" - }, - { - "name" : "ADV-2007-1426", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1426" - }, - { - "name" : "1017927", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017927" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Change Data Capture (CDC) component in Oracle Database 9.2.0.7, 10.1.0.5, and 10.2.0.2 has unknown impact and attack vectors, aka DB09. NOTE: as of 20070424, oracle has not disputed reliable claims that this issue involves multiple SQL injection vulnerabilities in the DBMS_CDC_PUBLISH with remote authenticated vectors involving the \"java classes in CDC.jar.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "TA07-108A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-108A.html" + }, + { + "name": "http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf", + "refsource": "MISC", + "url": "http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html" + }, + { + "name": "23532", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23532" + }, + { + "name": "1017927", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017927" + }, + { + "name": "SSRT061201", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/466329/100/200/threaded" + }, + { + "name": "http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html", + "refsource": "MISC", + "url": "http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html" + }, + { + "name": "HPSBMA02133", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/466329/100/200/threaded" + }, + { + "name": "http://www.ngssoftware.com/research/papers/NGSSoftware-OracleCPUAPR2007.pdf", + "refsource": "MISC", + "url": "http://www.ngssoftware.com/research/papers/NGSSoftware-OracleCPUAPR2007.pdf" + }, + { + "name": "ADV-2007-1426", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1426" + }, + { + "name": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf", + "refsource": "MISC", + "url": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2648.json b/2007/2xxx/CVE-2007-2648.json index 075e6d9fabf..c6a7d30fba2 100644 --- a/2007/2xxx/CVE-2007-2648.json +++ b/2007/2xxx/CVE-2007-2648.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2648", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the Clever Database Comparer 2.2 ActiveX control (comparerax.ocx) allows remote attackers to execute arbitrary code via a long argument to the ConnectToDatabase function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2648", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://moaxb.blogspot.com/2007/05/moaxb-14-clever-database-comparer.html", - "refsource" : "MISC", - "url" : "http://moaxb.blogspot.com/2007/05/moaxb-14-clever-database-comparer.html" - }, - { - "name" : "http://www.shinnai.altervista.org/moaxb/20070514/clever.html", - "refsource" : "MISC", - "url" : "http://www.shinnai.altervista.org/moaxb/20070514/clever.html" - }, - { - "name" : "23969", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23969" - }, - { - "name" : "ADV-2007-1792", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1792" - }, - { - "name" : "36019", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36019" - }, - { - "name" : "25227", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25227" - }, - { - "name" : "databasecomparer-comparerax-bo(34261)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34261" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the Clever Database Comparer 2.2 ActiveX control (comparerax.ocx) allows remote attackers to execute arbitrary code via a long argument to the ConnectToDatabase function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.shinnai.altervista.org/moaxb/20070514/clever.html", + "refsource": "MISC", + "url": "http://www.shinnai.altervista.org/moaxb/20070514/clever.html" + }, + { + "name": "http://moaxb.blogspot.com/2007/05/moaxb-14-clever-database-comparer.html", + "refsource": "MISC", + "url": "http://moaxb.blogspot.com/2007/05/moaxb-14-clever-database-comparer.html" + }, + { + "name": "databasecomparer-comparerax-bo(34261)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34261" + }, + { + "name": "ADV-2007-1792", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1792" + }, + { + "name": "23969", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23969" + }, + { + "name": "25227", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25227" + }, + { + "name": "36019", + "refsource": "OSVDB", + "url": "http://osvdb.org/36019" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6045.json b/2007/6xxx/CVE-2007-6045.json index cba0c2f1608..e639996ddab 100644 --- a/2007/6xxx/CVE-2007-6045.json +++ b/2007/6xxx/CVE-2007-6045.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6045", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in (1) DB2WATCH and (2) DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6045", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21255607", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21255607" - }, - { - "name" : "IZ03655", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03655" - }, - { - "name" : "26450", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26450" - }, - { - "name" : "ADV-2007-3867", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3867" - }, - { - "name" : "41014", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41014" - }, - { - "name" : "41015", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41015" - }, - { - "name" : "27667", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27667" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in (1) DB2WATCH and (2) DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607" + }, + { + "name": "ADV-2007-3867", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3867" + }, + { + "name": "IZ03655", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03655" + }, + { + "name": "26450", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26450" + }, + { + "name": "41015", + "refsource": "OSVDB", + "url": "http://osvdb.org/41015" + }, + { + "name": "27667", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27667" + }, + { + "name": "41014", + "refsource": "OSVDB", + "url": "http://osvdb.org/41014" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6332.json b/2007/6xxx/CVE-2007-6332.json index f4338ff8239..fb0e67bcae8 100644 --- a/2007/6xxx/CVE-2007-6332.json +++ b/2007/6xxx/CVE-2007-6332.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6332", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier, on Microsoft Windows before Vista allows remote attackers to create or modify arbitrary registry values via the arguments to the SetRegValue method." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6332", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071211 HP notebooks remote code execution vulnerability (multiple series)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/484880/100/100/threaded" - }, - { - "name" : "4720", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4720" - }, - { - "name" : "http://www.anspi.pl/~porkythepig/hp-issue/kilokieubasy.txt", - "refsource" : "MISC", - "url" : "http://www.anspi.pl/~porkythepig/hp-issue/kilokieubasy.txt" - }, - { - "name" : "HPSBGN02298", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01300486" - }, - { - "name" : "SSRT071502", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01300486" - }, - { - "name" : "26823", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26823" - }, - { - "name" : "ADV-2007-4192", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4192" - }, - { - "name" : "1019086", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019086" - }, - { - "name" : "28055", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28055" - }, - { - "name" : "hpinfo-hpinfo-information-disclosure(38994)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38994" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier, on Microsoft Windows before Vista allows remote attackers to create or modify arbitrary registry values via the arguments to the SetRegValue method." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26823", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26823" + }, + { + "name": "SSRT071502", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01300486" + }, + { + "name": "4720", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4720" + }, + { + "name": "ADV-2007-4192", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4192" + }, + { + "name": "1019086", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019086" + }, + { + "name": "hpinfo-hpinfo-information-disclosure(38994)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38994" + }, + { + "name": "28055", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28055" + }, + { + "name": "HPSBGN02298", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01300486" + }, + { + "name": "20071211 HP notebooks remote code execution vulnerability (multiple series)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/484880/100/100/threaded" + }, + { + "name": "http://www.anspi.pl/~porkythepig/hp-issue/kilokieubasy.txt", + "refsource": "MISC", + "url": "http://www.anspi.pl/~porkythepig/hp-issue/kilokieubasy.txt" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0065.json b/2010/0xxx/CVE-2010-0065.json index 7edce3bddff..8b12a33009e 100644 --- a/2010/0xxx/CVE-2010-0065.json +++ b/2010/0xxx/CVE-2010-0065.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0065", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Disk Images in Apple Mac OS X before 10.6.3 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted disk image with bzip2 compression." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2010-0065", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT4077", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4077" - }, - { - "name" : "APPLE-SA-2010-03-29-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Disk Images in Apple Mac OS X before 10.6.3 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted disk image with bzip2 compression." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2010-03-29-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html" + }, + { + "name": "http://support.apple.com/kb/HT4077", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4077" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0888.json b/2010/0xxx/CVE-2010-0888.json index 0afa427a012..447a7b2ab00 100644 --- a/2010/0xxx/CVE-2010-0888.json +++ b/2010/0xxx/CVE-2010-0888.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0888", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Sun Ray Server Software component in Oracle Sun Product Suite 4.0, 4.1, and 4.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Device Services." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2010-0888", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html" - }, - { - "name" : "274590", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-274590-1" - }, - { - "name" : "1021732", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021732.1-1" - }, - { - "name" : "TA10-103B", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA10-103B.html" - }, - { - "name" : "osps-srss-unspecified(57745)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/57745" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Sun Ray Server Software component in Oracle Sun Product Suite 4.0, 4.1, and 4.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Device Services." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "TA10-103B", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html" + }, + { + "name": "274590", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-274590-1" + }, + { + "name": "1021732", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021732.1-1" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html" + }, + { + "name": "osps-srss-unspecified(57745)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57745" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1443.json b/2010/1xxx/CVE-2010-1443.json index f4e9831ca7a..d315ad17461 100644 --- a/2010/1xxx/CVE-2010-1443.json +++ b/2010/1xxx/CVE-2010-1443.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1443", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The parse_track_node function in modules/demux/playlist/xspf.c in the XSPF playlist parser in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty location element in an XML Shareable Playlist Format (XSPF) document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-1443", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20100428 Re: CVE request: VLC <1.0.6 Multiple issues", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2010/04/28/4" - }, - { - "name" : "http://git.videolan.org/?p=vlc/vlc-1.1.git;a=commit;h=8902488ba529c0cf4c903a8a84ff20b5737cc753", - "refsource" : "CONFIRM", - "url" : "http://git.videolan.org/?p=vlc/vlc-1.1.git;a=commit;h=8902488ba529c0cf4c903a8a84ff20b5737cc753" - }, - { - "name" : "http://www.videolan.org/security/sa1003.html", - "refsource" : "CONFIRM", - "url" : "http://www.videolan.org/security/sa1003.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The parse_track_node function in modules/demux/playlist/xspf.c in the XSPF playlist parser in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty location element in an XML Shareable Playlist Format (XSPF) document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.videolan.org/security/sa1003.html", + "refsource": "CONFIRM", + "url": "http://www.videolan.org/security/sa1003.html" + }, + { + "name": "[oss-security] 20100428 Re: CVE request: VLC <1.0.6 Multiple issues", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2010/04/28/4" + }, + { + "name": "http://git.videolan.org/?p=vlc/vlc-1.1.git;a=commit;h=8902488ba529c0cf4c903a8a84ff20b5737cc753", + "refsource": "CONFIRM", + "url": "http://git.videolan.org/?p=vlc/vlc-1.1.git;a=commit;h=8902488ba529c0cf4c903a8a84ff20b5737cc753" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1451.json b/2010/1xxx/CVE-2010-1451.json index e77b6a75d10..9b60cb9df0f 100644 --- a/2010/1xxx/CVE-2010-1451.json +++ b/2010/1xxx/CVE-2010-1451.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1451", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the Linux kernel before 2.6.33 on the SPARC platform does not properly obtain the value of a certain _PAGE_EXEC_4U bit and consequently does not properly implement a non-executable stack, which makes it easier for context-dependent attackers to exploit stack-based buffer overflows via a crafted application." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-1451", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[linux-sparc] 20100219 Execution possible in non-executable mappings in recent 2.6 kernels", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=linux-sparc&m=126662196902830&w=2" - }, - { - "name" : "[linux-sparc] 20100219 Re: Execution possible in non-executable mappings in recent 2.6 kernels", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=linux-sparc&m=126662159602378&w=2" - }, - { - "name" : "[oss-security] 20100224 kernel: execution possible in non-executable mappings in recent 2.6 kernels (SPARC only)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/02/24/1" - }, - { - "name" : "[oss-security] 20100505 Re: CVE Request [was Re: kernel: execution possible in non-executable mappings in recent 2.6 kernels (SPARC only)]", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/05/05/2" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.33", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.33" - }, - { - "name" : "DSA-2053", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2010/dsa-2053" - }, - { - "name" : "39830", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39830" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the Linux kernel before 2.6.33 on the SPARC platform does not properly obtain the value of a certain _PAGE_EXEC_4U bit and consequently does not properly implement a non-executable stack, which makes it easier for context-dependent attackers to exploit stack-based buffer overflows via a crafted application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20100224 kernel: execution possible in non-executable mappings in recent 2.6 kernels (SPARC only)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/02/24/1" + }, + { + "name": "[linux-sparc] 20100219 Execution possible in non-executable mappings in recent 2.6 kernels", + "refsource": "MLIST", + "url": "http://marc.info/?l=linux-sparc&m=126662196902830&w=2" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.33", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.33" + }, + { + "name": "[oss-security] 20100505 Re: CVE Request [was Re: kernel: execution possible in non-executable mappings in recent 2.6 kernels (SPARC only)]", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/05/05/2" + }, + { + "name": "[linux-sparc] 20100219 Re: Execution possible in non-executable mappings in recent 2.6 kernels", + "refsource": "MLIST", + "url": "http://marc.info/?l=linux-sparc&m=126662159602378&w=2" + }, + { + "name": "DSA-2053", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2010/dsa-2053" + }, + { + "name": "39830", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39830" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1542.json b/2010/1xxx/CVE-2010-1542.json index 7ec21b8c4b6..8dc0ff8272d 100644 --- a/2010/1xxx/CVE-2010-1542.json +++ b/2010/1xxx/CVE-2010-1542.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1542", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in admin/configure.php in DFD Cart 1.198, 1.197, and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) conduct cross-site scripting (XSS) attacks or (2) change unspecified settings." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1542", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://holisticinfosec.org/content/view/135/45/", - "refsource" : "MISC", - "url" : "http://holisticinfosec.org/content/view/135/45/" - }, - { - "name" : "62673", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/62673" - }, - { - "name" : "38635", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38635" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in admin/configure.php in DFD Cart 1.198, 1.197, and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) conduct cross-site scripting (XSS) attacks or (2) change unspecified settings." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38635", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38635" + }, + { + "name": "http://holisticinfosec.org/content/view/135/45/", + "refsource": "MISC", + "url": "http://holisticinfosec.org/content/view/135/45/" + }, + { + "name": "62673", + "refsource": "OSVDB", + "url": "http://osvdb.org/62673" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1659.json b/2010/1xxx/CVE-2010-1659.json index c0773007edf..5e6b8e03371 100644 --- a/2010/1xxx/CVE-2010-1659.json +++ b/2010/1xxx/CVE-2010-1659.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1659", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the Ultimate Portfolio (com_ultimateportfolio) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1659", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/1004-exploits/joomlaultimateportfolio-lfi.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1004-exploits/joomlaultimateportfolio-lfi.txt" - }, - { - "name" : "12426", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/12426" - }, - { - "name" : "39739", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/39739" - }, - { - "name" : "ADV-2010-1008", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1008" - }, - { - "name" : "ultimateportfolio-controller-file-include(58177)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58177" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the Ultimate Portfolio (com_ultimateportfolio) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.org/1004-exploits/joomlaultimateportfolio-lfi.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1004-exploits/joomlaultimateportfolio-lfi.txt" + }, + { + "name": "12426", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/12426" + }, + { + "name": "ADV-2010-1008", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1008" + }, + { + "name": "ultimateportfolio-controller-file-include(58177)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58177" + }, + { + "name": "39739", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/39739" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4098.json b/2010/4xxx/CVE-2010-4098.json index 68b92dacfc5..ebb031d47f6 100644 --- a/2010/4xxx/CVE-2010-4098.json +++ b/2010/4xxx/CVE-2010-4098.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4098", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "monotone before 0.48.1, when configured to allow remote commands, allows remote attackers to cause a denial of service (crash) via an empty argument to the mtn command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4098", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.monotone.ca/NEWS", - "refsource" : "CONFIRM", - "url" : "http://www.monotone.ca/NEWS" - }, - { - "name" : "FEDORA-2010-16888", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050484.html" - }, - { - "name" : "FEDORA-2010-16902", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050468.html" - }, - { - "name" : "SUSE-SR:2010:021", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html" - }, - { - "name" : "44383", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/44383" - }, - { - "name" : "41960", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41960" - }, - { - "name" : "42177", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42177" - }, - { - "name" : "ADV-2010-2910", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2910" - }, - { - "name" : "monotone-commands-dos(62758)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/62758" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "monotone before 0.48.1, when configured to allow remote commands, allows remote attackers to cause a denial of service (crash) via an empty argument to the mtn command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2010-16902", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050468.html" + }, + { + "name": "http://www.monotone.ca/NEWS", + "refsource": "CONFIRM", + "url": "http://www.monotone.ca/NEWS" + }, + { + "name": "monotone-commands-dos(62758)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62758" + }, + { + "name": "FEDORA-2010-16888", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050484.html" + }, + { + "name": "ADV-2010-2910", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2910" + }, + { + "name": "SUSE-SR:2010:021", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html" + }, + { + "name": "44383", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/44383" + }, + { + "name": "41960", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41960" + }, + { + "name": "42177", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42177" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4351.json b/2010/4xxx/CVE-2010-4351.json index 15512186a94..80cd366acb8 100644 --- a/2010/4xxx/CVE-2010-4351.json +++ b/2010/4xxx/CVE-2010-4351.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4351", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-4351", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-11-014/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-11-014/" - }, - { - "name" : "http://blog.fuseyism.com/index.php/2011/01/18/security-icedtea6-177-184-194-released/", - "refsource" : "CONFIRM", - "url" : "http://blog.fuseyism.com/index.php/2011/01/18/security-icedtea6-177-184-194-released/" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=663680", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=663680" - }, - { - "name" : "DSA-2224", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2224" - }, - { - "name" : "FEDORA-2011-0500", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053288.html" - }, - { - "name" : "FEDORA-2011-0521", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053276.html" - }, - { - "name" : "GLSA-201406-32", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" - }, - { - "name" : "MDVSA-2011:054", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054" - }, - { - "name" : "RHSA-2011:0176", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0176.html" - }, - { - "name" : "USN-1052-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1052-1" - }, - { - "name" : "USN-1055-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1055-1" - }, - { - "name" : "45894", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45894" - }, - { - "name" : "70605", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/70605" - }, - { - "name" : "43002", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43002" - }, - { - "name" : "43085", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43085" - }, - { - "name" : "43078", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43078" - }, - { - "name" : "43135", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43135" - }, - { - "name" : "ADV-2011-0165", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0165" - }, - { - "name" : "ADV-2011-0166", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0166" - }, - { - "name" : "ADV-2011-0215", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0215" - }, - { - "name" : "ADV-2011-0239", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0239" - }, - { - "name" : "icedtea-jnlp-code-execution(64893)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64893" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://blog.fuseyism.com/index.php/2011/01/18/security-icedtea6-177-184-194-released/", + "refsource": "CONFIRM", + "url": "http://blog.fuseyism.com/index.php/2011/01/18/security-icedtea6-177-184-194-released/" + }, + { + "name": "USN-1055-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1055-1" + }, + { + "name": "GLSA-201406-32", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml" + }, + { + "name": "FEDORA-2011-0521", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053276.html" + }, + { + "name": "45894", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45894" + }, + { + "name": "43085", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43085" + }, + { + "name": "USN-1052-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1052-1" + }, + { + "name": "ADV-2011-0215", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0215" + }, + { + "name": "70605", + "refsource": "OSVDB", + "url": "http://osvdb.org/70605" + }, + { + "name": "ADV-2011-0239", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0239" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-11-014/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-014/" + }, + { + "name": "FEDORA-2011-0500", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053288.html" + }, + { + "name": "43002", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43002" + }, + { + "name": "ADV-2011-0165", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0165" + }, + { + "name": "43078", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43078" + }, + { + "name": "DSA-2224", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2224" + }, + { + "name": "43135", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43135" + }, + { + "name": "ADV-2011-0166", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0166" + }, + { + "name": "icedtea-jnlp-code-execution(64893)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64893" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=663680", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=663680" + }, + { + "name": "MDVSA-2011:054", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054" + }, + { + "name": "RHSA-2011:0176", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0176.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4436.json b/2010/4xxx/CVE-2010-4436.json index 8127eb20d4e..50e014031fc 100644 --- a/2010/4xxx/CVE-2010-4436.json +++ b/2010/4xxx/CVE-2010-4436.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4436", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Sun Management Center (SunMC) 4.0 allows remote attackers to affect confidentiality via unknown vectors related to Web Console." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2010-4436", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html" - }, - { - "name" : "45885", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45885" - }, - { - "name" : "70570", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/70570" - }, - { - "name" : "42989", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42989" - }, - { - "name" : "ADV-2011-0156", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0156" - }, - { - "name" : "sun-management-console-info-disclosure(64814)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64814" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Sun Management Center (SunMC) 4.0 allows remote attackers to affect confidentiality via unknown vectors related to Web Console." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "70570", + "refsource": "OSVDB", + "url": "http://osvdb.org/70570" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html" + }, + { + "name": "42989", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42989" + }, + { + "name": "ADV-2011-0156", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0156" + }, + { + "name": "45885", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45885" + }, + { + "name": "sun-management-console-info-disclosure(64814)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64814" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4487.json b/2010/4xxx/CVE-2010-4487.json index e5ac0272bcf..5af54438232 100644 --- a/2010/4xxx/CVE-2010-4487.json +++ b/2010/4xxx/CVE-2010-4487.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4487", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Incomplete blacklist vulnerability in Google Chrome before 8.0.552.215 on Linux and Mac OS X allows remote attackers to have an unspecified impact via a \"dangerous file.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4487", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=59817", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=59817" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html" - }, - { - "name" : "oval:org.mitre.oval:def:13423", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13423" - }, - { - "name" : "42472", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42472" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Incomplete blacklist vulnerability in Google Chrome before 8.0.552.215 on Linux and Mac OS X allows remote attackers to have an unspecified impact via a \"dangerous file.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://code.google.com/p/chromium/issues/detail?id=59817", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=59817" + }, + { + "name": "42472", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42472" + }, + { + "name": "oval:org.mitre.oval:def:13423", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13423" + }, + { + "name": "http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5306.json b/2010/5xxx/CVE-2010-5306.json index d88bc8db86d..596a0b8315d 100644 --- a/2010/5xxx/CVE-2010-5306.json +++ b/2010/5xxx/CVE-2010-5306.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5306", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "GE Healthcare Optima CT680, CT540, CT640, and CT520 has a default password of #bigguy for the root user, which has unspecified impact and attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5306", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/", - "refsource" : "MISC", - "url" : "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/" - }, - { - "name" : "https://twitter.com/digitalbond/status/619250429751222277", - "refsource" : "MISC", - "url" : "https://twitter.com/digitalbond/status/619250429751222277" - }, - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02" - }, - { - "name" : "http://apps.gehealthcare.com/servlet/ClientServlet/5341628-1EN_r12.pdf?REQ=RAA&DIRECTION=5341628-1EN&FILENAME=5341628-1EN_r12.pdf&FILEREV=12&DOCREV_ORG=12", - "refsource" : "CONFIRM", - "url" : "http://apps.gehealthcare.com/servlet/ClientServlet/5341628-1EN_r12.pdf?REQ=RAA&DIRECTION=5341628-1EN&FILENAME=5341628-1EN_r12.pdf&FILEREV=12&DOCREV_ORG=12" - }, - { - "name" : "http://apps.gehealthcare.com/servlet/ClientServlet/5401943_rev+3.pdf?REQ=RAA&DIRECTION=5401943&FILENAME=5401943_rev%2B3.pdf&FILEREV=3&DOCREV_ORG=3", - "refsource" : "CONFIRM", - "url" : "http://apps.gehealthcare.com/servlet/ClientServlet/5401943_rev+3.pdf?REQ=RAA&DIRECTION=5401943&FILENAME=5401943_rev%2B3.pdf&FILEREV=3&DOCREV_ORG=3" - }, - { - "name" : "http://apps.gehealthcare.com/servlet/ClientServlet/5472001-1EN_rev2.pdf?REQ=RAA&DIRECTION=5472001-1EN&FILENAME=5472001-1EN_rev2.pdf&FILEREV=2&DOCREV_ORG=2", - "refsource" : "CONFIRM", - "url" : "http://apps.gehealthcare.com/servlet/ClientServlet/5472001-1EN_rev2.pdf?REQ=RAA&DIRECTION=5472001-1EN&FILENAME=5472001-1EN_rev2.pdf&FILEREV=2&DOCREV_ORG=2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "GE Healthcare Optima CT680, CT540, CT640, and CT520 has a default password of #bigguy for the root user, which has unspecified impact and attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://apps.gehealthcare.com/servlet/ClientServlet/5472001-1EN_rev2.pdf?REQ=RAA&DIRECTION=5472001-1EN&FILENAME=5472001-1EN_rev2.pdf&FILEREV=2&DOCREV_ORG=2", + "refsource": "CONFIRM", + "url": "http://apps.gehealthcare.com/servlet/ClientServlet/5472001-1EN_rev2.pdf?REQ=RAA&DIRECTION=5472001-1EN&FILENAME=5472001-1EN_rev2.pdf&FILEREV=2&DOCREV_ORG=2" + }, + { + "name": "http://apps.gehealthcare.com/servlet/ClientServlet/5401943_rev+3.pdf?REQ=RAA&DIRECTION=5401943&FILENAME=5401943_rev%2B3.pdf&FILEREV=3&DOCREV_ORG=3", + "refsource": "CONFIRM", + "url": "http://apps.gehealthcare.com/servlet/ClientServlet/5401943_rev+3.pdf?REQ=RAA&DIRECTION=5401943&FILENAME=5401943_rev%2B3.pdf&FILEREV=3&DOCREV_ORG=3" + }, + { + "name": "http://apps.gehealthcare.com/servlet/ClientServlet/5341628-1EN_r12.pdf?REQ=RAA&DIRECTION=5341628-1EN&FILENAME=5341628-1EN_r12.pdf&FILEREV=12&DOCREV_ORG=12", + "refsource": "CONFIRM", + "url": "http://apps.gehealthcare.com/servlet/ClientServlet/5341628-1EN_r12.pdf?REQ=RAA&DIRECTION=5341628-1EN&FILENAME=5341628-1EN_r12.pdf&FILEREV=12&DOCREV_ORG=12" + }, + { + "name": "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/", + "refsource": "MISC", + "url": "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/" + }, + { + "name": "https://twitter.com/digitalbond/status/619250429751222277", + "refsource": "MISC", + "url": "https://twitter.com/digitalbond/status/619250429751222277" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0343.json b/2014/0xxx/CVE-2014-0343.json index 4ffcc5c0d64..4b4ff7e1ef2 100644 --- a/2014/0xxx/CVE-2014-0343.json +++ b/2014/0xxx/CVE-2014-0343.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0343", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The web interface on Virtual Access GW6110A routers with software 9.00 before 9.09.27, 9.50 before 9.50.21, and 10.00 before 10.00.21 allows remote authenticated users to gain privileges via a modified JavaScript variable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-0343", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#213046", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/213046" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The web interface on Virtual Access GW6110A routers with software 9.00 before 9.09.27, 9.50 before 9.50.21, and 10.00 before 10.00.21 allows remote authenticated users to gain privileges via a modified JavaScript variable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#213046", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/213046" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0589.json b/2014/0xxx/CVE-2014-0589.json index 6532382aeee..7c50e253bfe 100644 --- a/2014/0xxx/CVE-2014-0589.json +++ b/2014/0xxx/CVE-2014-0589.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0589", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0582." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2014-0589", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://helpx.adobe.com/security/products/flash-player/apsb14-24.html", - "refsource" : "CONFIRM", - "url" : "http://helpx.adobe.com/security/products/flash-player/apsb14-24.html" - }, - { - "name" : "openSUSE-SU-2015:0725", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" - }, - { - "name" : "71051", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/71051" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0582." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://helpx.adobe.com/security/products/flash-player/apsb14-24.html", + "refsource": "CONFIRM", + "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-24.html" + }, + { + "name": "openSUSE-SU-2015:0725", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" + }, + { + "name": "71051", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/71051" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0720.json b/2014/0xxx/CVE-2014-0720.json index ab1f6c9689b..d6f334ebd48 100644 --- a/2014/0xxx/CVE-2014-0720.json +++ b/2014/0xxx/CVE-2014-0720.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0720", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via a flood of jumbo frames, aka Bug ID CSCuh94944." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2014-0720", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140219 Multiple Vulnerabilities in Cisco IPS Software", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via a flood of jumbo frames, aka Bug ID CSCuh94944." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20140219 Multiple Vulnerabilities in Cisco IPS Software", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-ips" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0918.json b/2014/0xxx/CVE-2014-0918.json index 0e51bd498d3..bfd4ad56f09 100644 --- a/2014/0xxx/CVE-2014-0918.json +++ b/2014/0xxx/CVE-2014-0918.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0918", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF27, and 8.0 before 8.0.0.1 CF06 allows remote attackers to read arbitrary files via a crafted URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2014-0918", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21670753", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21670753" - }, - { - "name" : "PI14125", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI14125" - }, - { - "name" : "67340", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/67340" - }, - { - "name" : "ibm-iehs-cve20140918-traversal(91980)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91980" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF27, and 8.0 before 8.0.0.1 CF06 allows remote attackers to read arbitrary files via a crafted URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "PI14125", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI14125" + }, + { + "name": "67340", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/67340" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21670753", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670753" + }, + { + "name": "ibm-iehs-cve20140918-traversal(91980)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91980" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1559.json b/2014/1xxx/CVE-2014-1559.json index 082145cc9dd..0473c39eb8e 100644 --- a/2014/1xxx/CVE-2014-1559.json +++ b/2014/1xxx/CVE-2014-1559.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1559", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1558." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2014-1559", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-65.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-65.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1026022", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1026022" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "GLSA-201504-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201504-01" - }, - { - "name" : "1030619", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030619" - }, - { - "name" : "1030620", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030620" - }, - { - "name" : "60628", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60628" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1558." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201504-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201504-01" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "1030620", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030620" + }, + { + "name": "http://www.mozilla.org/security/announce/2014/mfsa2014-65.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-65.html" + }, + { + "name": "1030619", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030619" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1026022", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1026022" + }, + { + "name": "60628", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60628" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1716.json b/2014/1xxx/CVE-2014-1716.json index 8b482bbdea0..cb5248fe3a9 100644 --- a/2014/1xxx/CVE-2014-1716.json +++ b/2014/1xxx/CVE-2014-1716.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1716", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka \"Universal XSS (UXSS).\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2014-1716", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=354123", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=354123" - }, - { - "name" : "https://code.google.com/p/v8/source/detail?r=20138", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/v8/source/detail?r=20138" - }, - { - "name" : "DSA-2905", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2905" - }, - { - "name" : "GLSA-201408-16", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201408-16.xml" - }, - { - "name" : "openSUSE-SU-2014:0601", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00012.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka \"Universal XSS (UXSS).\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://code.google.com/p/chromium/issues/detail?id=354123", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=354123" + }, + { + "name": "https://code.google.com/p/v8/source/detail?r=20138", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/v8/source/detail?r=20138" + }, + { + "name": "http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html" + }, + { + "name": "openSUSE-SU-2014:0601", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00012.html" + }, + { + "name": "GLSA-201408-16", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml" + }, + { + "name": "DSA-2905", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2905" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1951.json b/2014/1xxx/CVE-2014-1951.json index 7daf6cca686..0e00d24ab30 100644 --- a/2014/1xxx/CVE-2014-1951.json +++ b/2014/1xxx/CVE-2014-1951.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1951", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1951", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1972.json b/2014/1xxx/CVE-2014-1972.json index ce36ffc90bf..073bfd8fd19 100644 --- a/2014/1xxx/CVE-2014-1972.json +++ b/2014/1xxx/CVE-2014-1972.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1972", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apache Tapestry before 5.3.6 relies on client-side object storage without checking whether a client has modified an object, which allows remote attackers to cause a denial of service (resource consumption) or execute arbitrary code via crafted serialized data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2014-1972", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://issues.apache.org/jira/browse/TAP5-2008", - "refsource" : "CONFIRM", - "url" : "https://issues.apache.org/jira/browse/TAP5-2008" - }, - { - "name" : "https://tapestry.apache.org/release-notes-536.html", - "refsource" : "CONFIRM", - "url" : "https://tapestry.apache.org/release-notes-536.html" - }, - { - "name" : "JVN#17611367", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN17611367/index.html" - }, - { - "name" : "JVNDB-2015-000118", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000118" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apache Tapestry before 5.3.6 relies on client-side object storage without checking whether a client has modified an object, which allows remote attackers to cause a denial of service (resource consumption) or execute arbitrary code via crafted serialized data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://tapestry.apache.org/release-notes-536.html", + "refsource": "CONFIRM", + "url": "https://tapestry.apache.org/release-notes-536.html" + }, + { + "name": "https://issues.apache.org/jira/browse/TAP5-2008", + "refsource": "CONFIRM", + "url": "https://issues.apache.org/jira/browse/TAP5-2008" + }, + { + "name": "JVN#17611367", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN17611367/index.html" + }, + { + "name": "JVNDB-2015-000118", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000118" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1974.json b/2014/1xxx/CVE-2014-1974.json index e40d4b3ad9a..c18cfad0b66 100644 --- a/2014/1xxx/CVE-2014-1974.json +++ b/2014/1xxx/CVE-2014-1974.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1974", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the LYSESOFT AndExplorer application before 20140403 and AndExplorerPro application before 20140405 for Android allows attackers to overwrite or create arbitrary files via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2014-1974", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://play.google.com/store/apps/details?id=lysesoft.andexplorer", - "refsource" : "CONFIRM", - "url" : "https://play.google.com/store/apps/details?id=lysesoft.andexplorer" - }, - { - "name" : "https://play.google.com/store/apps/details?id=lysesoft.andexplorerpro", - "refsource" : "CONFIRM", - "url" : "https://play.google.com/store/apps/details?id=lysesoft.andexplorerpro" - }, - { - "name" : "JVN#22670349", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN22670349/index.html" - }, - { - "name" : "JVNDB-2014-000037", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000037" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the LYSESOFT AndExplorer application before 20140403 and AndExplorerPro application before 20140405 for Android allows attackers to overwrite or create arbitrary files via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://play.google.com/store/apps/details?id=lysesoft.andexplorer", + "refsource": "CONFIRM", + "url": "https://play.google.com/store/apps/details?id=lysesoft.andexplorer" + }, + { + "name": "https://play.google.com/store/apps/details?id=lysesoft.andexplorerpro", + "refsource": "CONFIRM", + "url": "https://play.google.com/store/apps/details?id=lysesoft.andexplorerpro" + }, + { + "name": "JVN#22670349", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN22670349/index.html" + }, + { + "name": "JVNDB-2014-000037", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000037" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4046.json b/2014/4xxx/CVE-2014-4046.json index b9a806f45f2..178a2450d80 100644 --- a/2014/4xxx/CVE-2014-4046.json +++ b/2014/4xxx/CVE-2014-4046.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4046", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and Certified Asterisk 11.6 before 11.6-cert3 allows remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4046", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140612 AST-2014-006: Asterisk Manager User Unauthorized Shell Access", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/532419/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/127088/Asterisk-Project-Security-Advisory-AST-2014-006.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/127088/Asterisk-Project-Security-Advisory-AST-2014-006.html" - }, - { - "name" : "http://downloads.asterisk.org/pub/security/AST-2014-006.html", - "refsource" : "CONFIRM", - "url" : "http://downloads.asterisk.org/pub/security/AST-2014-006.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and Certified Asterisk 11.6 before 11.6-cert3 allows remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20140612 AST-2014-006: Asterisk Manager User Unauthorized Shell Access", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/532419/100/0/threaded" + }, + { + "name": "http://packetstormsecurity.com/files/127088/Asterisk-Project-Security-Advisory-AST-2014-006.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/127088/Asterisk-Project-Security-Advisory-AST-2014-006.html" + }, + { + "name": "http://downloads.asterisk.org/pub/security/AST-2014-006.html", + "refsource": "CONFIRM", + "url": "http://downloads.asterisk.org/pub/security/AST-2014-006.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4266.json b/2014/4xxx/CVE-2014-4266.json index 2ef26d57cb9..37ce0889f12 100644 --- a/2014/4xxx/CVE-2014-4266.json +++ b/2014/4xxx/CVE-2014-4266.json @@ -1,202 +1,202 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4266", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Serviceability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-4266", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/534161/100/0/threaded" - }, - { - "name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Dec/23" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686383", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686383" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686824", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686824" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680334", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680334" - }, - { - "name" : "DSA-2980", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2980" - }, - { - "name" : "DSA-2987", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2987" - }, - { - "name" : "GLSA-201502-12", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201502-12.xml" - }, - { - "name" : "HPSBUX03091", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2" - }, - { - "name" : "SSRT101667", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2" - }, - { - "name" : "RHSA-2014:0902", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2014:0902" - }, - { - "name" : "SUSE-SU-2015:0344", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html" - }, - { - "name" : "68596", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/68596" - }, - { - "name" : "1030577", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030577" - }, - { - "name" : "60081", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60081" - }, - { - "name" : "60317", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60317" - }, - { - "name" : "61577", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61577" - }, - { - "name" : "61640", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61640" - }, - { - "name" : "60817", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60817" - }, - { - "name" : "60485", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60485" - }, - { - "name" : "59924", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59924" - }, - { - "name" : "59987", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59987" - }, - { - "name" : "59680", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59680" - }, - { - "name" : "60622", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60622" - }, - { - "name" : "60129", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60129" - }, - { - "name" : "60812", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60812" - }, - { - "name" : "oracle-cpujul2014-cve20144266(94601)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94601" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Serviceability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-2987", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2987" + }, + { + "name": "60129", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60129" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" + }, + { + "name": "oracle-cpujul2014-cve20144266(94601)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94601" + }, + { + "name": "HPSBUX03091", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2" + }, + { + "name": "DSA-2980", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2980" + }, + { + "name": "1030577", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030577" + }, + { + "name": "59987", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59987" + }, + { + "name": "SSRT101667", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2" + }, + { + "name": "60812", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60812" + }, + { + "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded" + }, + { + "name": "60817", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60817" + }, + { + "name": "59924", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59924" + }, + { + "name": "61577", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61577" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" + }, + { + "name": "60485", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60485" + }, + { + "name": "59680", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59680" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383" + }, + { + "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Dec/23" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334" + }, + { + "name": "60622", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60622" + }, + { + "name": "60081", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60081" + }, + { + "name": "RHSA-2014:0902", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2014:0902" + }, + { + "name": "68596", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/68596" + }, + { + "name": "61640", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61640" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824" + }, + { + "name": "GLSA-201502-12", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201502-12.xml" + }, + { + "name": "60317", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60317" + }, + { + "name": "SUSE-SU-2015:0344", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4280.json b/2014/4xxx/CVE-2014-4280.json index 7465219804c..8e1a6c88e7a 100644 --- a/2014/4xxx/CVE-2014-4280.json +++ b/2014/4xxx/CVE-2014-4280.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4280", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via vectors related to IPS transfer module, a different vulnerability than CVE-2014-4284." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-4280", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" - }, - { - "name" : "70543", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/70543" - }, - { - "name" : "1031032", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031032" - }, - { - "name" : "61593", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61593" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via vectors related to IPS transfer module, a different vulnerability than CVE-2014-4284." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "70543", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/70543" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" + }, + { + "name": "1031032", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031032" + }, + { + "name": "61593", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61593" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4678.json b/2014/4xxx/CVE-2014-4678.json index e17e337bd04..d25a368365e 100644 --- a/2014/4xxx/CVE-2014-4678.json +++ b/2014/4xxx/CVE-2014-4678.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4678", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4678", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9979.json b/2014/9xxx/CVE-2014-9979.json index 635e68bf24e..cdb489d7b61 100644 --- a/2014/9xxx/CVE-2014-9979.json +++ b/2014/9xxx/CVE-2014-9979.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2017-07-01T00:00:00", - "ID" : "CVE-2014-9979", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "All Qualcomm products", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, a variable is uninitialized in a TrustZone system call potentially leading to the compromise of secure memory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Use of Uninitialized Variable in TrustZone" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2017-07-01T00:00:00", + "ID": "CVE-2014-9979", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "All Qualcomm products", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-07-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-07-01" - }, - { - "name" : "99467", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99467" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, a variable is uninitialized in a TrustZone system call potentially leading to the compromise of secure memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use of Uninitialized Variable in TrustZone" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-07-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-07-01" + }, + { + "name": "99467", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99467" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3015.json b/2016/3xxx/CVE-2016-3015.json index e6d8b5857e3..8a71b320e5f 100644 --- a/2016/3xxx/CVE-2016-3015.json +++ b/2016/3xxx/CVE-2016-3015.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-3015", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cognos Analytics", - "version" : { - "version_data" : [ - { - "version_value" : "11.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998887." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-3015", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cognos Analytics", + "version": { + "version_data": [ + { + "version_value": "11.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21998887", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21998887" - }, - { - "name" : "97279", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97279" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998887." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21998887", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21998887" + }, + { + "name": "97279", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97279" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3033.json b/2016/3xxx/CVE-2016-3033.json index d6676e68957..702527cefce 100644 --- a/2016/3xxx/CVE-2016-3033.json +++ b/2016/3xxx/CVE-2016-3033.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3033", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM AppScan Source 8.7 through 9.0.3.3 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-3033", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21987326", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21987326" - }, - { - "name" : "92388", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92388" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM AppScan Source 8.7 through 9.0.3.3 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21987326", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987326" + }, + { + "name": "92388", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92388" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3946.json b/2016/3xxx/CVE-2016-3946.json index 11d22173a39..7915a3354e7 100644 --- a/2016/3xxx/CVE-2016-3946.json +++ b/2016/3xxx/CVE-2016-3946.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3946", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SAP Console (aka SAPConsole) 7.30 allows local users to discover SAP Server login credentials by reading the Windows registry, aka SAP Security Note 2121461." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-3946", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20161011 Onapsis Security Advisory ONAPSIS-2016-001: SAP console insecure password storage", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Oct/31" - }, - { - "name" : "https://www.onapsis.com/research/security-advisories/sap-console-insecure-password-storage", - "refsource" : "MISC", - "url" : "https://www.onapsis.com/research/security-advisories/sap-console-insecure-password-storage" - }, - { - "name" : "93509", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93509" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SAP Console (aka SAPConsole) 7.30 allows local users to discover SAP Server login credentials by reading the Windows registry, aka SAP Security Note 2121461." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20161011 Onapsis Security Advisory ONAPSIS-2016-001: SAP console insecure password storage", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Oct/31" + }, + { + "name": "93509", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93509" + }, + { + "name": "https://www.onapsis.com/research/security-advisories/sap-console-insecure-password-storage", + "refsource": "MISC", + "url": "https://www.onapsis.com/research/security-advisories/sap-console-insecure-password-storage" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3991.json b/2016/3xxx/CVE-2016-3991.json index d10235a0aea..d6eeaa8c586 100644 --- a/2016/3xxx/CVE-2016-3991.json +++ b/2016/3xxx/CVE-2016-3991.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3991", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image with zero tiles." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-3991", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160412 CVE-2016-3991 : out-of-bounds write in loadImage() in tiffcrop tool", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/04/12/3" - }, - { - "name" : "http://bugzilla.maptools.org/show_bug.cgi?id=2543", - "refsource" : "CONFIRM", - "url" : "http://bugzilla.maptools.org/show_bug.cgi?id=2543" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1326249", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1326249" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" - }, - { - "name" : "DSA-3762", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3762" - }, - { - "name" : "GLSA-201701-16", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-16" - }, - { - "name" : "RHSA-2016:1546", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1546.html" - }, - { - "name" : "RHSA-2016:1547", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1547.html" - }, - { - "name" : "openSUSE-SU-2016:2275", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-09/msg00039.html" - }, - { - "name" : "85996", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/85996" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image with zero tiles." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" + }, + { + "name": "85996", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/85996" + }, + { + "name": "RHSA-2016:1547", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1547.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" + }, + { + "name": "GLSA-201701-16", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-16" + }, + { + "name": "openSUSE-SU-2016:2275", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00039.html" + }, + { + "name": "[oss-security] 20160412 CVE-2016-3991 : out-of-bounds write in loadImage() in tiffcrop tool", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/04/12/3" + }, + { + "name": "RHSA-2016:1546", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1546.html" + }, + { + "name": "DSA-3762", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3762" + }, + { + "name": "http://bugzilla.maptools.org/show_bug.cgi?id=2543", + "refsource": "CONFIRM", + "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2543" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1326249", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1326249" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7027.json b/2016/7xxx/CVE-2016-7027.json index f0240c61661..210803b4bdb 100644 --- a/2016/7xxx/CVE-2016-7027.json +++ b/2016/7xxx/CVE-2016-7027.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7027", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-7027", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7349.json b/2016/7xxx/CVE-2016-7349.json index 455707ccfa2..e5764c8975c 100644 --- a/2016/7xxx/CVE-2016-7349.json +++ b/2016/7xxx/CVE-2016-7349.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7349", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-7349", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7654.json b/2016/7xxx/CVE-2016-7654.json index dcebf3c907d..3ca73b11adc 100644 --- a/2016/7xxx/CVE-2016-7654.json +++ b/2016/7xxx/CVE-2016-7654.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-7654", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-7654", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT207421", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207421" - }, - { - "name" : "https://support.apple.com/HT207422", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207422" - }, - { - "name" : "https://support.apple.com/HT207424", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207424" - }, - { - "name" : "https://support.apple.com/HT207427", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207427" - }, - { - "name" : "GLSA-201706-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201706-15" - }, - { - "name" : "94907", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94907" - }, - { - "name" : "1037459", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037459" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT207427", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207427" + }, + { + "name": "94907", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94907" + }, + { + "name": "https://support.apple.com/HT207421", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207421" + }, + { + "name": "1037459", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037459" + }, + { + "name": "https://support.apple.com/HT207422", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207422" + }, + { + "name": "GLSA-201706-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201706-15" + }, + { + "name": "https://support.apple.com/HT207424", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207424" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8078.json b/2016/8xxx/CVE-2016-8078.json index eaca29cbfc5..287035cd735 100644 --- a/2016/8xxx/CVE-2016-8078.json +++ b/2016/8xxx/CVE-2016-8078.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8078", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8078", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8174.json b/2016/8xxx/CVE-2016-8174.json index c64ca11b721..29e028abd51 100644 --- a/2016/8xxx/CVE-2016-8174.json +++ b/2016/8xxx/CVE-2016-8174.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8174", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8174", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8891.json b/2016/8xxx/CVE-2016-8891.json index 94365a297af..25d67f9f95b 100644 --- a/2016/8xxx/CVE-2016-8891.json +++ b/2016/8xxx/CVE-2016-8891.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8891", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8891", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8959.json b/2016/8xxx/CVE-2016-8959.json index d584ad2a4ec..c1b37afa35e 100644 --- a/2016/8xxx/CVE-2016-8959.json +++ b/2016/8xxx/CVE-2016-8959.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8959", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8959", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9010.json b/2016/9xxx/CVE-2016-9010.json index ac52ab00855..6dd2b82e874 100644 --- a/2016/9xxx/CVE-2016-9010.json +++ b/2016/9xxx/CVE-2016-9010.json @@ -1,79 +1,79 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-9010", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Integration Bus", - "version" : { - "version_data" : [ - { - "version_value" : "9.0.0.0" - }, - { - "version_value" : "9.0" - }, - { - "version_value" : "10" - }, - { - "version_value" : "10.0" - }, - { - "version_value" : "9" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WebSphere Message Broker 9.0 and 10.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM Reference #: 1997906." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Gain Access" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-9010", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Integration Bus", + "version": { + "version_data": [ + { + "version_value": "9.0.0.0" + }, + { + "version_value": "9.0" + }, + { + "version_value": "10" + }, + { + "version_value": "10.0" + }, + { + "version_value": "9" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21997906", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21997906" - }, - { - "name" : "96279", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96279" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WebSphere Message Broker 9.0 and 10.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM Reference #: 1997906." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Gain Access" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "96279", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96279" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21997906", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21997906" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9549.json b/2016/9xxx/CVE-2016-9549.json index dcb5800ae74..af97cb6b0b2 100644 --- a/2016/9xxx/CVE-2016-9549.json +++ b/2016/9xxx/CVE-2016-9549.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9549", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9549", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2167.json b/2019/2xxx/CVE-2019-2167.json index 4aad725adaa..0177d9536f2 100644 --- a/2019/2xxx/CVE-2019-2167.json +++ b/2019/2xxx/CVE-2019-2167.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2167", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2167", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file