From 9e896f1f92dd81c179b259357a8be48992932382 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 01:11:21 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0068.json | 130 +++++----- 1999/0xxx/CVE-1999-0380.json | 160 ++++++------ 1999/1xxx/CVE-1999-1039.json | 120 ++++----- 1999/1xxx/CVE-1999-1132.json | 150 ++++++------ 1999/1xxx/CVE-1999-1212.json | 130 +++++----- 1999/1xxx/CVE-1999-1251.json | 130 +++++----- 1999/1xxx/CVE-1999-1307.json | 130 +++++----- 2000/0xxx/CVE-2000-0079.json | 120 ++++----- 2000/0xxx/CVE-2000-0263.json | 130 +++++----- 2000/0xxx/CVE-2000-0321.json | 130 +++++----- 2000/0xxx/CVE-2000-0394.json | 140 +++++------ 2000/0xxx/CVE-2000-0504.json | 140 +++++------ 2000/0xxx/CVE-2000-0646.json | 130 +++++----- 2000/0xxx/CVE-2000-0775.json | 140 +++++------ 2000/0xxx/CVE-2000-0786.json | 150 ++++++------ 2000/1xxx/CVE-2000-1201.json | 120 ++++----- 2005/2xxx/CVE-2005-2335.json | 330 ++++++++++++------------- 2005/2xxx/CVE-2005-2954.json | 190 +++++++-------- 2005/2xxx/CVE-2005-2998.json | 120 ++++----- 2005/3xxx/CVE-2005-3744.json | 160 ++++++------ 2007/5xxx/CVE-2007-5405.json | 330 ++++++++++++------------- 2007/5xxx/CVE-2007-5509.json | 200 +++++++-------- 2009/2xxx/CVE-2009-2037.json | 140 +++++------ 2009/2xxx/CVE-2009-2071.json | 200 +++++++-------- 2009/2xxx/CVE-2009-2457.json | 170 ++++++------- 2009/2xxx/CVE-2009-2597.json | 140 +++++------ 2009/2xxx/CVE-2009-2750.json | 140 +++++------ 2009/2xxx/CVE-2009-2833.json | 150 ++++++------ 2009/3xxx/CVE-2009-3963.json | 150 ++++++------ 2015/0xxx/CVE-2015-0356.json | 190 +++++++-------- 2015/0xxx/CVE-2015-0574.json | 142 +++++------ 2015/0xxx/CVE-2015-0632.json | 140 +++++------ 2015/0xxx/CVE-2015-0994.json | 120 ++++----- 2015/3xxx/CVE-2015-3294.json | 220 ++++++++--------- 2015/3xxx/CVE-2015-3397.json | 140 +++++------ 2015/4xxx/CVE-2015-4465.json | 120 ++++----- 2015/4xxx/CVE-2015-4843.json | 460 +++++++++++++++++------------------ 2015/8xxx/CVE-2015-8089.json | 120 ++++----- 2015/8xxx/CVE-2015-8291.json | 34 +-- 2015/8xxx/CVE-2015-8368.json | 140 +++++------ 2015/8xxx/CVE-2015-8463.json | 34 +-- 2015/8xxx/CVE-2015-8723.json | 190 +++++++-------- 2015/9xxx/CVE-2015-9046.json | 132 +++++----- 2015/9xxx/CVE-2015-9218.json | 132 +++++----- 2016/5xxx/CVE-2016-5178.json | 240 +++++++++--------- 2016/5xxx/CVE-2016-5231.json | 130 +++++----- 2016/5xxx/CVE-2016-5427.json | 170 ++++++------- 2016/5xxx/CVE-2016-5599.json | 130 +++++----- 2018/2xxx/CVE-2018-2386.json | 164 ++++++------- 2018/2xxx/CVE-2018-2497.json | 156 ++++++------ 2018/2xxx/CVE-2018-2545.json | 34 +-- 2018/2xxx/CVE-2018-2690.json | 150 ++++++------ 2018/6xxx/CVE-2018-6580.json | 120 ++++----- 2018/6xxx/CVE-2018-6823.json | 120 ++++----- 2018/6xxx/CVE-2018-6848.json | 34 +-- 2018/6xxx/CVE-2018-6866.json | 120 ++++----- 2018/7xxx/CVE-2018-7060.json | 120 ++++----- 2018/7xxx/CVE-2018-7974.json | 34 +-- 2019/0xxx/CVE-2019-0514.json | 34 +-- 2019/1xxx/CVE-2019-1073.json | 34 +-- 2019/1xxx/CVE-2019-1192.json | 34 +-- 2019/1xxx/CVE-2019-1312.json | 34 +-- 2019/1xxx/CVE-2019-1463.json | 34 +-- 2019/1xxx/CVE-2019-1932.json | 34 +-- 2019/5xxx/CVE-2019-5074.json | 34 +-- 2019/5xxx/CVE-2019-5547.json | 34 +-- 2019/5xxx/CVE-2019-5871.json | 34 +-- 2019/5xxx/CVE-2019-5882.json | 150 ++++++------ 68 files changed, 4531 insertions(+), 4531 deletions(-) diff --git a/1999/0xxx/CVE-1999-0068.json b/1999/0xxx/CVE-1999-0068.json index bd7b57397d2..191c6511860 100644 --- a/1999/0xxx/CVE-1999-0068.json +++ b/1999/0xxx/CVE-1999-0068.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0068", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CGI PHP mylog script allows an attacker to read any file on the target server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0068", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "713", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/713" - }, - { - "name" : "3396", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/3396" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CGI PHP mylog script allows an attacker to read any file on the target server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "713", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/713" + }, + { + "name": "3396", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/3396" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0380.json b/1999/0xxx/CVE-1999-0380.json index 29bdb092ab1..3a9634bd0ee 100644 --- a/1999/0xxx/CVE-1999-0380.json +++ b/1999/0xxx/CVE-1999-0380.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0380", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SLMail 3.1 and 3.2 allows local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled by setting a user's Finger File to point to the target file, then running finger on the user." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0380", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "199902225 ALERT: SLMail 3.2 (and 3.1) with the Remote Administration Service", - "refsource" : "NTBUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=91999015212415&w=2" - }, - { - "name" : "19990225 ALERT: SLMail 3.2 (and 3.1) with the Remote Administration Service", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=91996412724720&w=2" - }, - { - "name" : "SLmail 3.2 Build 3113 (Web Administration Security Fix)", - "refsource" : "NTBUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=92110501504997&w=2" - }, - { - "name" : "497", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/497" - }, - { - "name" : "slmail-ras-ntfs-bypass(5392)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5392" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SLMail 3.1 and 3.2 allows local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled by setting a user's Finger File to point to the target file, then running finger on the user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "199902225 ALERT: SLMail 3.2 (and 3.1) with the Remote Administration Service", + "refsource": "NTBUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=91999015212415&w=2" + }, + { + "name": "497", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/497" + }, + { + "name": "SLmail 3.2 Build 3113 (Web Administration Security Fix)", + "refsource": "NTBUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=92110501504997&w=2" + }, + { + "name": "19990225 ALERT: SLMail 3.2 (and 3.1) with the Remote Administration Service", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=91996412724720&w=2" + }, + { + "name": "slmail-ras-ntfs-bypass(5392)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5392" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1039.json b/1999/1xxx/CVE-1999-1039.json index a0f8203cbbd..a6595ace9cb 100644 --- a/1999/1xxx/CVE-1999-1039.json +++ b/1999/1xxx/CVE-1999-1039.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1039", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 2291 and 2848 allow a local user to create root-owned files leading to a root compromise." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1039", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19980502-01-P3030", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/19980502-01-P3030" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 2291 and 2848 allow a local user to create root-owned files leading to a root compromise." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19980502-01-P3030", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/19980502-01-P3030" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1132.json b/1999/1xxx/CVE-1999-1132.json index 766b3c3b06f..9e0f0b1419d 100644 --- a/1999/1xxx/CVE-1999-1132.json +++ b/1999/1xxx/CVE-1999-1132.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1132", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a list containing duplicate Token Ring IDs." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1132", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19981005 NMRC Advisory - Lame NT Token Ring DoS", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=90763508011966&w=2" - }, - { - "name" : "19981002 NMRC Advisory - Lame NT Token Ring DoS", - "refsource" : "NTBUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=90760603030452&w=2" - }, - { - "name" : "Q179157", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/support/kb/articles/Q179/1/57.asp" - }, - { - "name" : "token-ring-dos(1399)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/1399.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a list containing duplicate Token Ring IDs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19981005 NMRC Advisory - Lame NT Token Ring DoS", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=90763508011966&w=2" + }, + { + "name": "19981002 NMRC Advisory - Lame NT Token Ring DoS", + "refsource": "NTBUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=90760603030452&w=2" + }, + { + "name": "token-ring-dos(1399)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/1399.php" + }, + { + "name": "Q179157", + "refsource": "MSKB", + "url": "http://support.microsoft.com/support/kb/articles/Q179/1/57.asp" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1212.json b/1999/1xxx/CVE-1999-1212.json index 0dc4e43a012..45a02c8b3fa 100644 --- a/1999/1xxx/CVE-1999-1212.json +++ b/1999/1xxx/CVE-1999-1212.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1212", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in in.rlogind in SunOS 4.0.3 and 4.0.3c allows local users to gain root privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1212", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "CA-1991-02", - "refsource" : "CERT", - "url" : "http://www.cert.org/advisories/CA-1991-02.html" - }, - { - "name" : "sun-intelnetd(574)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/574" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in in.rlogind in SunOS 4.0.3 and 4.0.3c allows local users to gain root privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "sun-intelnetd(574)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/574" + }, + { + "name": "CA-1991-02", + "refsource": "CERT", + "url": "http://www.cert.org/advisories/CA-1991-02.html" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1251.json b/1999/1xxx/CVE-1999-1251.json index 00c0435cad6..2c5e934a260 100644 --- a/1999/1xxx/CVE-1999-1251.json +++ b/1999/1xxx/CVE-1999-1251.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1251", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 allows local users to cause a denial of service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1251", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBUX9612-043", - "refsource" : "HP", - "url" : "http://packetstormsecurity.org/advisories/hpalert/043" - }, - { - "name" : "hp-audio-panic(2010)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/2010" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 allows local users to cause a denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "hp-audio-panic(2010)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2010" + }, + { + "name": "HPSBUX9612-043", + "refsource": "HP", + "url": "http://packetstormsecurity.org/advisories/hpalert/043" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1307.json b/1999/1xxx/CVE-1999-1307.json index 3f1e72b9f51..fd58d5fc76f 100644 --- a/1999/1xxx/CVE-1999-1307.json +++ b/1999/1xxx/CVE-1999-1307.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1307", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1307", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19941209 Novell security advisory on sadc, urestore and the suid_exec feature", - "refsource" : "BUGTRAQ", - "url" : "http://www.dataguard.no/bugtraq/1994_4/0676.html" - }, - { - "name" : "F-06", - "refsource" : "CIAC", - "url" : "http://ciac.llnl.gov/ciac/bulletins/f-06.shtml" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "F-06", + "refsource": "CIAC", + "url": "http://ciac.llnl.gov/ciac/bulletins/f-06.shtml" + }, + { + "name": "19941209 Novell security advisory on sadc, urestore and the suid_exec feature", + "refsource": "BUGTRAQ", + "url": "http://www.dataguard.no/bugtraq/1994_4/0676.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0079.json b/2000/0xxx/CVE-2000-0079.json index d818ac8b153..29402f925ab 100644 --- a/2000/0xxx/CVE-2000-0079.json +++ b/2000/0xxx/CVE-2000-0079.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0079", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The W3C CERN httpd HTTP server allows remote attackers to determine the real pathnames of some commands via a request for a nonexistent URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0079", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "936", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/936" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The W3C CERN httpd HTTP server allows remote attackers to determine the real pathnames of some commands via a request for a nonexistent URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "936", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/936" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0263.json b/2000/0xxx/CVE-2000-0263.json index f66ad4e40a0..f6451e4808c 100644 --- a/2000/0xxx/CVE-2000-0263.json +++ b/2000/0xxx/CVE-2000-0263.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0263", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0263", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000416 xfs", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-04/0079.html" - }, - { - "name" : "1111", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1111" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1111", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1111" + }, + { + "name": "20000416 xfs", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0079.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0321.json b/2000/0xxx/CVE-2000-0321.json index cfa44973a32..a0451544cc0 100644 --- a/2000/0xxx/CVE-2000-0321.json +++ b/2000/0xxx/CVE-2000-0321.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0321", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in IC Radius package allows a remote attacker to cause a denial of service via a long user name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0321", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000424 Buffer Overflow in version .14", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-04/0190.html" - }, - { - "name" : "1147", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1147" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in IC Radius package allows a remote attacker to cause a denial of service via a long user name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000424 Buffer Overflow in version .14", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0190.html" + }, + { + "name": "1147", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1147" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0394.json b/2000/0xxx/CVE-2000-0394.json index 601d71311cd..aebfcd33794 100644 --- a/2000/0xxx/CVE-2000-0394.json +++ b/2000/0xxx/CVE-2000-0394.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0394", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NetProwler 3.0 allows remote attackers to cause a denial of service by sending malformed IP packets that trigger NetProwler's Man-in-the-Middle signature." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0394", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000519 RFP2K05: NetProwler vs. RFProwler", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=95878603510835&w=2" - }, - { - "name" : "20000522 RFP2K05 - NetProwler \"Fragmentation\" Issue", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=392AD3B3.3E9BE3EA@axent.com" - }, - { - "name" : "1225", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1225" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NetProwler 3.0 allows remote attackers to cause a denial of service by sending malformed IP packets that trigger NetProwler's Man-in-the-Middle signature." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000522 RFP2K05 - NetProwler \"Fragmentation\" Issue", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=392AD3B3.3E9BE3EA@axent.com" + }, + { + "name": "1225", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1225" + }, + { + "name": "20000519 RFP2K05: NetProwler vs. RFProwler", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=95878603510835&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0504.json b/2000/0xxx/CVE-2000-0504.json index 2220b152edc..3349fdda811 100644 --- a/2000/0xxx/CVE-2000-0504.json +++ b/2000/0xxx/CVE-2000-0504.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0504", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libICE in XFree86 allows remote attackers to cause a denial of service by specifying a large value which is not properly checked by the SKIP_STRING macro." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0504", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000619 XFree86: libICE DoS", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-06/0170.html" - }, - { - "name" : "http://www.xfree86.org/security/", - "refsource" : "CONFIRM", - "url" : "http://www.xfree86.org/security/" - }, - { - "name" : "1369", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1369" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libICE in XFree86 allows remote attackers to cause a denial of service by specifying a large value which is not properly checked by the SKIP_STRING macro." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.xfree86.org/security/", + "refsource": "CONFIRM", + "url": "http://www.xfree86.org/security/" + }, + { + "name": "1369", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1369" + }, + { + "name": "20000619 XFree86: libICE DoS", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0170.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0646.json b/2000/0xxx/CVE-2000-0646.json index 8b12c8084c5..8a0bf6b384f 100644 --- a/2000/0xxx/CVE-2000-0646.json +++ b/2000/0xxx/CVE-2000-0646.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0646", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WFTPD and WFTPD Pro 2.41 allows remote attackers to obtain the real pathname for a file by executing a STATUS (STAT) command while the file is being transferred." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0646", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000721 WFTPD/WFTPD Pro 2.41 RC11 vulnerabilities.", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-07/0295.html" - }, - { - "name" : "1506", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1506" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WFTPD and WFTPD Pro 2.41 allows remote attackers to obtain the real pathname for a file by executing a STATUS (STAT) command while the file is being transferred." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000721 WFTPD/WFTPD Pro 2.41 RC11 vulnerabilities.", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0295.html" + }, + { + "name": "1506", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1506" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0775.json b/2000/0xxx/CVE-2000-0775.json index ffcbf0ed793..5bb66a4e030 100644 --- a/2000/0xxx/CVE-2000-0775.json +++ b/2000/0xxx/CVE-2000-0775.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0775", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in RobTex Viking server earlier than 1.06-370 allows remote attackers to cause a denial of service or execute arbitrary commands via a long HTTP GET request, or long Unless-Modified-Since, If-Range, or If-Modified-Since headers." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0775", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000828 [NT] Viking security vulnerabilities enable remote code execution (long URL, date parsing)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=399a01c01122$0d7f2310$0201a8c0@aviram" - }, - { - "name" : "http://www.robtex.com/viking/bugs.htm", - "refsource" : "CONFIRM", - "url" : "http://www.robtex.com/viking/bugs.htm" - }, - { - "name" : "1614", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1614" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in RobTex Viking server earlier than 1.06-370 allows remote attackers to cause a denial of service or execute arbitrary commands via a long HTTP GET request, or long Unless-Modified-Since, If-Range, or If-Modified-Since headers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1614", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1614" + }, + { + "name": "http://www.robtex.com/viking/bugs.htm", + "refsource": "CONFIRM", + "url": "http://www.robtex.com/viking/bugs.htm" + }, + { + "name": "20000828 [NT] Viking security vulnerabilities enable remote code execution (long URL, date parsing)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=399a01c01122$0d7f2310$0201a8c0@aviram" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0786.json b/2000/0xxx/CVE-2000-0786.json index af70691ebe4..3757d92c1d8 100644 --- a/2000/0xxx/CVE-2000-0786.json +++ b/2000/0xxx/CVE-2000-0786.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0786", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "GNU userv 1.0.0 and earlier does not properly perform file descriptor swapping, which can corrupt the USERV_GROUPS and USERV_GIDS environmental variables and allow local users to bypass some access restrictions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0786", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000726 userv security boundary tool 1.0.1 (SECURITY FIX)", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-07/0389.html" - }, - { - "name" : "20000727 userv: local exploit", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2000/20000727" - }, - { - "name" : "http://marc.info/?l=bugtraq&m=96473640717095&w=2", - "refsource" : "CONFIRM", - "url" : "http://marc.info/?l=bugtraq&m=96473640717095&w=2" - }, - { - "name" : "1516", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1516" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "GNU userv 1.0.0 and earlier does not properly perform file descriptor swapping, which can corrupt the USERV_GROUPS and USERV_GIDS environmental variables and allow local users to bypass some access restrictions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000726 userv security boundary tool 1.0.1 (SECURITY FIX)", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0389.html" + }, + { + "name": "1516", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1516" + }, + { + "name": "http://marc.info/?l=bugtraq&m=96473640717095&w=2", + "refsource": "CONFIRM", + "url": "http://marc.info/?l=bugtraq&m=96473640717095&w=2" + }, + { + "name": "20000727 userv: local exploit", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2000/20000727" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1201.json b/2000/1xxx/CVE-2000-1201.json index d477aaddd78..880be0749f4 100644 --- a/2000/1xxx/CVE-2000-1201.json +++ b/2000/1xxx/CVE-2000-1201.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1201", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1201", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000707 Re: CheckPoint FW1 BUG", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-07/0085.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000707 Re: CheckPoint FW1 BUG", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0085.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2335.json b/2005/2xxx/CVE-2005-2335.json index 603f1542641..e2c3a04434c 100644 --- a/2005/2xxx/CVE-2005-2335.json +++ b/2005/2xxx/CVE-2005-2335.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2335", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows remote POP3 servers to cause a denial of service and possibly execute arbitrary code via long UIDL responses. NOTE: a typo in an advisory accidentally used the wrong CVE identifier for the Fetchmail issue. This is the correct identifier." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2335", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060526 rPSA-2006-0084-1 fetchmail", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/435197/100/0/threaded" - }, - { - "name" : "20060801 DMA[2006-0801a] - 'Apple OSX fetchmail buffer overflow'", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/441856/100/200/threaded" - }, - { - "name" : "http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt", - "refsource" : "CONFIRM", - "url" : "http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt" - }, - { - "name" : "http://developer.berlios.de/project/shownotes.php?release_id=6617", - "refsource" : "CONFIRM", - "url" : "http://developer.berlios.de/project/shownotes.php?release_id=6617" - }, - { - "name" : "APPLE-SA-2006-08-01", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html" - }, - { - "name" : "DSA-774", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-774" - }, - { - "name" : "FEDORA-2005-613", - "refsource" : "FEDORA", - "url" : "http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00088.html" - }, - { - "name" : "FEDORA-2005-614", - "refsource" : "FEDORA", - "url" : "http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00089.html" - }, - { - "name" : "http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00104.html", - "refsource" : "MISC", - "url" : "http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00104.html" - }, - { - "name" : "RHSA-2005:640", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-640.html" - }, - { - "name" : "SUSE-SR:2005:018", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2005_18_sr.html" - }, - { - "name" : "TA06-214A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA06-214A.html" - }, - { - "name" : "14349", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14349" - }, - { - "name" : "19289", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19289" - }, - { - "name" : "oval:org.mitre.oval:def:8833", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8833" - }, - { - "name" : "ADV-2005-1171", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/1171" - }, - { - "name" : "ADV-2006-3101", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3101" - }, - { - "name" : "18174", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/18174" - }, - { - "name" : "oval:org.mitre.oval:def:1038", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1038" - }, - { - "name" : "oval:org.mitre.oval:def:1124", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1124" - }, - { - "name" : "16176", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16176" - }, - { - "name" : "21253", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21253" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows remote POP3 servers to cause a denial of service and possibly execute arbitrary code via long UIDL responses. NOTE: a typo in an advisory accidentally used the wrong CVE identifier for the Fetchmail issue. This is the correct identifier." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2006-08-01", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html" + }, + { + "name": "14349", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14349" + }, + { + "name": "SUSE-SR:2005:018", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2005_18_sr.html" + }, + { + "name": "ADV-2006-3101", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3101" + }, + { + "name": "http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00104.html", + "refsource": "MISC", + "url": "http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00104.html" + }, + { + "name": "ADV-2005-1171", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/1171" + }, + { + "name": "21253", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21253" + }, + { + "name": "19289", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19289" + }, + { + "name": "http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt", + "refsource": "CONFIRM", + "url": "http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt" + }, + { + "name": "18174", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/18174" + }, + { + "name": "TA06-214A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA06-214A.html" + }, + { + "name": "oval:org.mitre.oval:def:1124", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1124" + }, + { + "name": "FEDORA-2005-613", + "refsource": "FEDORA", + "url": "http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00088.html" + }, + { + "name": "oval:org.mitre.oval:def:1038", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1038" + }, + { + "name": "http://developer.berlios.de/project/shownotes.php?release_id=6617", + "refsource": "CONFIRM", + "url": "http://developer.berlios.de/project/shownotes.php?release_id=6617" + }, + { + "name": "20060801 DMA[2006-0801a] - 'Apple OSX fetchmail buffer overflow'", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/441856/100/200/threaded" + }, + { + "name": "oval:org.mitre.oval:def:8833", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8833" + }, + { + "name": "DSA-774", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-774" + }, + { + "name": "RHSA-2005:640", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-640.html" + }, + { + "name": "FEDORA-2005-614", + "refsource": "FEDORA", + "url": "http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00089.html" + }, + { + "name": "20060526 rPSA-2006-0084-1 fetchmail", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/435197/100/0/threaded" + }, + { + "name": "16176", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16176" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2954.json b/2005/2xxx/CVE-2005-2954.json index 279dcb017ce..d95314e490f 100644 --- a/2005/2xxx/CVE-2005-2954.json +++ b/2005/2xxx/CVE-2005-2954.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2954", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in password_reminder.php in ATutor before 1.5.1 pl1 allows remote attackers to execute arbitrary SQL commands via the email field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2954", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050914 ATutor 1.5.1 SQL Injection / Admin credentials disclosure / Information disclosure / User impersonation / Remote code execution", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112671176100432&w=2" - }, - { - "name" : "http://rgod.altervista.org/atutor151.html", - "refsource" : "MISC", - "url" : "http://rgod.altervista.org/atutor151.html" - }, - { - "name" : "http://www.atutor.ca/news.php#150905", - "refsource" : "CONFIRM", - "url" : "http://www.atutor.ca/news.php#150905" - }, - { - "name" : "14831", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14831" - }, - { - "name" : "ADV-2005-1751", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/1751" - }, - { - "name" : "19411", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/19411" - }, - { - "name" : "16813", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16813/" - }, - { - "name" : "atutor-passwordreminder-sql-injection(22282)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22282" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in password_reminder.php in ATutor before 1.5.1 pl1 allows remote attackers to execute arbitrary SQL commands via the email field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "14831", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14831" + }, + { + "name": "16813", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16813/" + }, + { + "name": "19411", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/19411" + }, + { + "name": "20050914 ATutor 1.5.1 SQL Injection / Admin credentials disclosure / Information disclosure / User impersonation / Remote code execution", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112671176100432&w=2" + }, + { + "name": "ADV-2005-1751", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/1751" + }, + { + "name": "http://rgod.altervista.org/atutor151.html", + "refsource": "MISC", + "url": "http://rgod.altervista.org/atutor151.html" + }, + { + "name": "http://www.atutor.ca/news.php#150905", + "refsource": "CONFIRM", + "url": "http://www.atutor.ca/news.php#150905" + }, + { + "name": "atutor-passwordreminder-sql-injection(22282)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22282" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2998.json b/2005/2xxx/CVE-2005-2998.json index b1cf6a85ccb..05b4134df00 100644 --- a/2005/2xxx/CVE-2005-2998.json +++ b/2005/2xxx/CVE-2005-2998.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2998", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP Advanced Transfer Manager 1.30 has a default password for the administrator user, which allows remote attackers to upload and execute arbitrary PHP files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2998", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://rgod.altervista.org/phpatm130.html", - "refsource" : "MISC", - "url" : "http://rgod.altervista.org/phpatm130.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP Advanced Transfer Manager 1.30 has a default password for the administrator user, which allows remote attackers to upload and execute arbitrary PHP files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://rgod.altervista.org/phpatm130.html", + "refsource": "MISC", + "url": "http://rgod.altervista.org/phpatm130.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3744.json b/2005/3xxx/CVE-2005-3744.json index e60a3038a92..79d952a29ca 100644 --- a/2005/3xxx/CVE-2005-3744.json +++ b/2005/3xxx/CVE-2005-3744.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3744", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in phpComasy 0.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: an examination of the 0.7.5 source code suggests that there is no id parameter being handled directly by index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3744", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://pridels0.blogspot.com/2005/11/phpcomasy-id-sql-injection.html", - "refsource" : "MISC", - "url" : "http://pridels0.blogspot.com/2005/11/phpcomasy-id-sql-injection.html" - }, - { - "name" : "15511", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15511" - }, - { - "name" : "ADV-2005-2507", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2507" - }, - { - "name" : "20984", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/20984" - }, - { - "name" : "17660", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17660" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in phpComasy 0.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: an examination of the 0.7.5 source code suggests that there is no id parameter being handled directly by index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "15511", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15511" + }, + { + "name": "http://pridels0.blogspot.com/2005/11/phpcomasy-id-sql-injection.html", + "refsource": "MISC", + "url": "http://pridels0.blogspot.com/2005/11/phpcomasy-id-sql-injection.html" + }, + { + "name": "ADV-2005-2507", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2507" + }, + { + "name": "20984", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/20984" + }, + { + "name": "17660", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17660" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5405.json b/2007/5xxx/CVE-2007-5405.json index 3af0ba9729c..7e2cb689bae 100644 --- a/2007/5xxx/CVE-2007-5405.json +++ b/2007/5xxx/CVE-2007-5405.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5405", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "ID": "CVE-2007-5405", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080414 Secunia Research: Autonomy Keyview Applix Graphics ParsingVulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/490837/100/0/threaded" - }, - { - "name" : "20080414 Secunia Research: Lotus Notes Applix Graphics ParsingVulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/490825/100/0/threaded" - }, - { - "name" : "20080414 Secunia Research: Symantec Mail Security Applix Graphics ParsingVulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/490838/100/0/threaded" - }, - { - "name" : "20080414 Secunia Research: activePDF DocConverter Applix Graphics ParsingVulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/490839/100/0/threaded" - }, - { - "name" : "http://secunia.com/secunia_research/2007-95/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-95/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-96/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-96/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-97/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-97/advisory/" - }, - { - "name" : "http://secunia.com/secunia_research/2007-98/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-98/advisory/" - }, - { - "name" : "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453" - }, - { - "name" : "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html", - "refsource" : "CONFIRM", - "url" : "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html" - }, - { - "name" : "28454", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28454" - }, - { - "name" : "ADV-2008-1153", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1153" - }, - { - "name" : "ADV-2008-1154", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1154" - }, - { - "name" : "ADV-2008-1156", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1156" - }, - { - "name" : "1019805", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019805" - }, - { - "name" : "1019844", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019844" - }, - { - "name" : "27763", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27763" - }, - { - "name" : "28140", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28140" - }, - { - "name" : "28209", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28209" - }, - { - "name" : "28210", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28210" - }, - { - "name" : "29342", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29342" - }, - { - "name" : "autonomy-keyview-applix-multiple-bo(41721)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41721" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "28140", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28140" + }, + { + "name": "29342", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29342" + }, + { + "name": "http://secunia.com/secunia_research/2007-97/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-97/advisory/" + }, + { + "name": "27763", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27763" + }, + { + "name": "autonomy-keyview-applix-multiple-bo(41721)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41721" + }, + { + "name": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html", + "refsource": "CONFIRM", + "url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html" + }, + { + "name": "28209", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28209" + }, + { + "name": "20080414 Secunia Research: Symantec Mail Security Applix Graphics ParsingVulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded" + }, + { + "name": "http://secunia.com/secunia_research/2007-96/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-96/advisory/" + }, + { + "name": "ADV-2008-1156", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1156" + }, + { + "name": "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453" + }, + { + "name": "28454", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28454" + }, + { + "name": "http://secunia.com/secunia_research/2007-95/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-95/advisory/" + }, + { + "name": "28210", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28210" + }, + { + "name": "1019844", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019844" + }, + { + "name": "20080414 Secunia Research: Lotus Notes Applix Graphics ParsingVulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded" + }, + { + "name": "ADV-2008-1154", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1154" + }, + { + "name": "20080414 Secunia Research: Autonomy Keyview Applix Graphics ParsingVulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded" + }, + { + "name": "http://secunia.com/secunia_research/2007-98/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-98/advisory/" + }, + { + "name": "20080414 Secunia Research: activePDF DocConverter Applix Graphics ParsingVulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded" + }, + { + "name": "1019805", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019805" + }, + { + "name": "ADV-2008-1153", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1153" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5509.json b/2007/5xxx/CVE-2007-5509.json index 57240141346..2eb19aeb425 100644 --- a/2007/5xxx/CVE-2007-5509.json +++ b/2007/5xxx/CVE-2007-5509.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5509", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Spatial component in Oracle Database 9.2.0.8 and 9.2.0.8DV has unknown impact and remote attack vectors, aka DB06." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5509", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" - }, - { - "name" : "HPSBMA02133", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" - }, - { - "name" : "SSRT061201", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" - }, - { - "name" : "TA07-290A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-290A.html" - }, - { - "name" : "ADV-2007-3524", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3524" - }, - { - "name" : "ADV-2007-3626", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3626" - }, - { - "name" : "1018823", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018823" - }, - { - "name" : "27251", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27251" - }, - { - "name" : "27409", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27409" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Spatial component in Oracle Database 9.2.0.8 and 9.2.0.8DV has unknown impact and remote attack vectors, aka DB06." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" + }, + { + "name": "ADV-2007-3524", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3524" + }, + { + "name": "ADV-2007-3626", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3626" + }, + { + "name": "TA07-290A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-290A.html" + }, + { + "name": "SSRT061201", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2" + }, + { + "name": "HPSBMA02133", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2" + }, + { + "name": "1018823", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018823" + }, + { + "name": "27409", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27409" + }, + { + "name": "27251", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27251" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2037.json b/2009/2xxx/CVE-2009-2037.json index ded11fac1e7..42d08032332 100644 --- a/2009/2xxx/CVE-2009-2037.json +++ b/2009/2xxx/CVE-2009-2037.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2037", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in Online Grades & Attendance 3.2.5 and earlier, and possibly 3.2.6, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) GLOBALS[SKIN] parameter to index.php and the (2) skin parameter to admin/admin.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2037", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "8853", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/8853" - }, - { - "name" : "onlinegrades-admin-file-include(50902)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50902" - }, - { - "name" : "onlinegrades-globalsskin-file-include(50901)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50901" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in Online Grades & Attendance 3.2.5 and earlier, and possibly 3.2.6, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) GLOBALS[SKIN] parameter to index.php and the (2) skin parameter to admin/admin.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "onlinegrades-globalsskin-file-include(50901)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50901" + }, + { + "name": "8853", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/8853" + }, + { + "name": "onlinegrades-admin-file-include(50902)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50902" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2071.json b/2009/2xxx/CVE-2009-2071.json index 35268959b82..e8ca856b5bc 100644 --- a/2009/2xxx/CVE-2009-2071.json +++ b/2009/2xxx/CVE-2009-2071.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2071", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google Chrome before 1.0.154.53 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2071", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=7338", - "refsource" : "MISC", - "url" : "http://code.google.com/p/chromium/issues/detail?id=7338" - }, - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=8473", - "refsource" : "MISC", - "url" : "http://code.google.com/p/chromium/issues/detail?id=8473" - }, - { - "name" : "http://research.microsoft.com/apps/pubs/default.aspx?id=79323", - "refsource" : "MISC", - "url" : "http://research.microsoft.com/apps/pubs/default.aspx?id=79323" - }, - { - "name" : "http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf", - "refsource" : "MISC", - "url" : "http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=479880", - "refsource" : "MISC", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=479880" - }, - { - "name" : "http://sites.google.com/a/chromium.org/dev/getting-involved/dev-channel/release-notes/releasenotes1015453", - "refsource" : "CONFIRM", - "url" : "http://sites.google.com/a/chromium.org/dev/getting-involved/dev-channel/release-notes/releasenotes1015453" - }, - { - "name" : "http://src.chromium.org/viewvc/chrome/branches/release_154.next/src/net/http/http_transaction_winhttp.cc?r1=11621&r2=11669&pathrev=11669", - "refsource" : "CONFIRM", - "url" : "http://src.chromium.org/viewvc/chrome/branches/release_154.next/src/net/http/http_transaction_winhttp.cc?r1=11621&r2=11669&pathrev=11669" - }, - { - "name" : "http://src.chromium.org/viewvc/chrome?view=rev&revision=11669", - "refsource" : "CONFIRM", - "url" : "http://src.chromium.org/viewvc/chrome?view=rev&revision=11669" - }, - { - "name" : "35411", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/35411" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Google Chrome before 1.0.154.53 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://src.chromium.org/viewvc/chrome?view=rev&revision=11669", + "refsource": "CONFIRM", + "url": "http://src.chromium.org/viewvc/chrome?view=rev&revision=11669" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=7338", + "refsource": "MISC", + "url": "http://code.google.com/p/chromium/issues/detail?id=7338" + }, + { + "name": "http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf", + "refsource": "MISC", + "url": "http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf" + }, + { + "name": "35411", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/35411" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=479880", + "refsource": "MISC", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=479880" + }, + { + "name": "http://sites.google.com/a/chromium.org/dev/getting-involved/dev-channel/release-notes/releasenotes1015453", + "refsource": "CONFIRM", + "url": "http://sites.google.com/a/chromium.org/dev/getting-involved/dev-channel/release-notes/releasenotes1015453" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=8473", + "refsource": "MISC", + "url": "http://code.google.com/p/chromium/issues/detail?id=8473" + }, + { + "name": "http://src.chromium.org/viewvc/chrome/branches/release_154.next/src/net/http/http_transaction_winhttp.cc?r1=11621&r2=11669&pathrev=11669", + "refsource": "CONFIRM", + "url": "http://src.chromium.org/viewvc/chrome/branches/release_154.next/src/net/http/http_transaction_winhttp.cc?r1=11621&r2=11669&pathrev=11669" + }, + { + "name": "http://research.microsoft.com/apps/pubs/default.aspx?id=79323", + "refsource": "MISC", + "url": "http://research.microsoft.com/apps/pubs/default.aspx?id=79323" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2457.json b/2009/2xxx/CVE-2009-2457.json index 25f22cda8f3..f8d89cd8b74 100644 --- a/2009/2xxx/CVE-2009-2457.json +++ b/2009/2xxx/CVE-2009-2457.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2457", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The DS\\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (crash) via a malformed bind LDAP packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2457", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.novell.com/support/viewContent.do?externalId=3426981", - "refsource" : "CONFIRM", - "url" : "http://www.novell.com/support/viewContent.do?externalId=3426981" - }, - { - "name" : "35666", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/35666" - }, - { - "name" : "55849", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/55849" - }, - { - "name" : "34160", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34160" - }, - { - "name" : "ADV-2009-1883", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1883" - }, - { - "name" : "edirectory-ldap-dos(51706)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51706" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The DS\\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (crash) via a malformed bind LDAP packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "55849", + "refsource": "OSVDB", + "url": "http://osvdb.org/55849" + }, + { + "name": "34160", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34160" + }, + { + "name": "http://www.novell.com/support/viewContent.do?externalId=3426981", + "refsource": "CONFIRM", + "url": "http://www.novell.com/support/viewContent.do?externalId=3426981" + }, + { + "name": "edirectory-ldap-dos(51706)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51706" + }, + { + "name": "35666", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/35666" + }, + { + "name": "ADV-2009-1883", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1883" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2597.json b/2009/2xxx/CVE-2009-2597.json index 7a1a7e1875c..7d57ff12676 100644 --- a/2009/2xxx/CVE-2009-2597.json +++ b/2009/2xxx/CVE-2009-2597.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2597", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Sun Java System (SJS) Access Manager Policy Agent module 2.2 for SJS Web Proxy Server 4.0 allows remote attackers to cause a denial of service (daemon crash) via a GET request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2597", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141248-01-1", - "refsource" : "CONFIRM", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141248-01-1" - }, - { - "name" : "258508", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-258508-1" - }, - { - "name" : "35979", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35979" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Sun Java System (SJS) Access Manager Policy Agent module 2.2 for SJS Web Proxy Server 4.0 allows remote attackers to cause a denial of service (daemon crash) via a GET request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141248-01-1", + "refsource": "CONFIRM", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141248-01-1" + }, + { + "name": "258508", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-258508-1" + }, + { + "name": "35979", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35979" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2750.json b/2009/2xxx/CVE-2009-2750.json index a78bbb23bff..8c193a81f06 100644 --- a/2009/2xxx/CVE-2009-2750.json +++ b/2009/2xxx/CVE-2009-2750.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2750", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WebSphere Service Registry and Repository (WSRR) 6.3.0 before FP2 does not have the intended configuration properties, which allows remote authenticated users to obtain unspecified data access via a property query." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2750", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg24025456", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg24025456" - }, - { - "name" : "IZ66279", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ66279" - }, - { - "name" : "websphere-wsrr-property-security-bypass(55744)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55744" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WebSphere Service Registry and Repository (WSRR) 6.3.0 before FP2 does not have the intended configuration properties, which allows remote authenticated users to obtain unspecified data access via a property query." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24025456", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025456" + }, + { + "name": "websphere-wsrr-property-security-bypass(55744)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55744" + }, + { + "name": "IZ66279", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ66279" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2833.json b/2009/2xxx/CVE-2009-2833.json index ab39c319df7..8bed3c03f8c 100644 --- a/2009/2xxx/CVE-2009-2833.json +++ b/2009/2xxx/CVE-2009-2833.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2833", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the UCCompareTextDefault API in International Components for Unicode in Apple Mac OS X 10.5.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2833", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT3937", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3937" - }, - { - "name" : "APPLE-SA-2009-11-09-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html" - }, - { - "name" : "36956", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/36956" - }, - { - "name" : "ADV-2009-3184", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/3184" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the UCCompareTextDefault API in International Components for Unicode in Apple Mac OS X 10.5.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36956", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/36956" + }, + { + "name": "ADV-2009-3184", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/3184" + }, + { + "name": "APPLE-SA-2009-11-09-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html" + }, + { + "name": "http://support.apple.com/kb/HT3937", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3937" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3963.json b/2009/3xxx/CVE-2009-3963.json index c3510db1acf..df4ada1bd98 100644 --- a/2009/3xxx/CVE-2009-3963.json +++ b/2009/3xxx/CVE-2009-3963.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3963", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in XOOPS before 2.4.0 Final have unknown impact and attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3963", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.xoops.org/modules/news/article.php?storyid=5064", - "refsource" : "CONFIRM", - "url" : "http://www.xoops.org/modules/news/article.php?storyid=5064" - }, - { - "name" : "36955", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/36955" - }, - { - "name" : "ADV-2009-3174", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/3174" - }, - { - "name" : "xoops-multiple-unspecified(54181)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54181" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in XOOPS before 2.4.0 Final have unknown impact and attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "xoops-multiple-unspecified(54181)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54181" + }, + { + "name": "36955", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/36955" + }, + { + "name": "ADV-2009-3174", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/3174" + }, + { + "name": "http://www.xoops.org/modules/news/article.php?storyid=5064", + "refsource": "CONFIRM", + "url": "http://www.xoops.org/modules/news/article.php?storyid=5064" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0356.json b/2015/0xxx/CVE-2015-0356.json index 3de548593f6..3c6a6aff7d1 100644 --- a/2015/0xxx/CVE-2015-0356.json +++ b/2015/0xxx/CVE-2015-0356.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0356", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-0356", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html" - }, - { - "name" : "GLSA-201504-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201504-07" - }, - { - "name" : "RHSA-2015:0813", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0813.html" - }, - { - "name" : "SUSE-SU-2015:0722", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html" - }, - { - "name" : "SUSE-SU-2015:0723", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html" - }, - { - "name" : "openSUSE-SU-2015:0718", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html" - }, - { - "name" : "openSUSE-SU-2015:0725", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" - }, - { - "name" : "1032105", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032105" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:0718", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html" + }, + { + "name": "SUSE-SU-2015:0722", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html" + }, + { + "name": "GLSA-201504-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201504-07" + }, + { + "name": "1032105", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032105" + }, + { + "name": "RHSA-2015:0813", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0813.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html" + }, + { + "name": "openSUSE-SU-2015:0725", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" + }, + { + "name": "SUSE-SU-2015:0723", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0574.json b/2015/0xxx/CVE-2015-0574.json index 2169ea4c619..e42e1fbab4f 100644 --- a/2015/0xxx/CVE-2015-0574.json +++ b/2015/0xxx/CVE-2015-0574.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2015-0574", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, SDX20" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, the validation of filesystem access was insufficient." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper Access Control in UIM" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2015-0574", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, SDX20" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-07-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-07-01" - }, - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, the validation of filesystem access was insufficient." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Access Control in UIM" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-07-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-07-01" + }, + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0632.json b/2015/0xxx/CVE-2015-0632.json index 1fa9daae94d..f3c6fb0b26e 100644 --- a/2015/0xxx/CVE-2015-0632.json +++ b/2015/0xxx/CVE-2015-0632.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0632", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in the Neighbor Discovery (ND) protocol implementation in Cisco IOS and IOS XE allows remote attackers to cause a denial of service via a flood of Router Solicitation messages on the local network, aka Bug ID CSCuo67770." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-0632", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150226 Vulnerability in IPv6 Neighbor Discovery in Cisco IOS and IOS-XE Software", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0632" - }, - { - "name" : "72797", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72797" - }, - { - "name" : "1031816", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031816" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in the Neighbor Discovery (ND) protocol implementation in Cisco IOS and IOS XE allows remote attackers to cause a denial of service via a flood of Router Solicitation messages on the local network, aka Bug ID CSCuo67770." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "72797", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72797" + }, + { + "name": "1031816", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031816" + }, + { + "name": "20150226 Vulnerability in IPv6 Neighbor Discovery in Cisco IOS and IOS-XE Software", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0632" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0994.json b/2015/0xxx/CVE-2015-0994.json index 060e86dd260..98a7387cce0 100644 --- a/2015/0xxx/CVE-2015-0994.json +++ b/2015/0xxx/CVE-2015-0994.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0994", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Inductive Automation Ignition 7.7.2 allows remote authenticated users to bypass a brute-force protection mechanism by using different session ID values in a series of HTTP requests." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2015-0994", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Inductive Automation Ignition 7.7.2 allows remote authenticated users to bypass a brute-force protection mechanism by using different session ID values in a series of HTTP requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-01" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3294.json b/2015/3xxx/CVE-2015-3294.json index 248c3d87c36..98beb6d3aaf 100644 --- a/2015/3xxx/CVE-2015-3294.json +++ b/2015/3xxx/CVE-2015-3294.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3294", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3294", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150423 Dnsmasq 2.72 Unchecked returned value", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/535354/100/1100/threaded" - }, - { - "name" : "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability", - "refsource" : "MLIST", - "url" : "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html" - }, - { - "name" : "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability", - "refsource" : "MLIST", - "url" : "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html" - }, - { - "name" : "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8", - "refsource" : "CONFIRM", - "url" : "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" - }, - { - "name" : "DSA-3251", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3251" - }, - { - "name" : "GLSA-201512-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201512-01" - }, - { - "name" : "openSUSE-SU-2015:0857", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html" - }, - { - "name" : "USN-2593-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2593-1" - }, - { - "name" : "74452", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74452" - }, - { - "name" : "1032195", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032195" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3251", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3251" + }, + { + "name": "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability", + "refsource": "MLIST", + "url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html" + }, + { + "name": "openSUSE-SU-2015:0857", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html" + }, + { + "name": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8", + "refsource": "CONFIRM", + "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" + }, + { + "name": "USN-2593-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2593-1" + }, + { + "name": "GLSA-201512-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201512-01" + }, + { + "name": "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability", + "refsource": "MLIST", + "url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html" + }, + { + "name": "1032195", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032195" + }, + { + "name": "74452", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74452" + }, + { + "name": "20150423 Dnsmasq 2.72 Unchecked returned value", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/535354/100/1100/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3397.json b/2015/3xxx/CVE-2015-3397.json index 0b1ab58df64..ea031eff693 100644 --- a/2015/3xxx/CVE-2015-3397.json +++ b/2015/3xxx/CVE-2015-3397.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3397", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Yii Framework before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via vectors related to JSON, arrays, and Internet Explorer 6 or 7." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3397", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.yiiframework.com/news/86/yii-2-0-4-is-released/", - "refsource" : "CONFIRM", - "url" : "http://www.yiiframework.com/news/86/yii-2-0-4-is-released/" - }, - { - "name" : "https://github.com/yiisoft/yii2/blob/2.0.4/framework/CHANGELOG.md", - "refsource" : "CONFIRM", - "url" : "https://github.com/yiisoft/yii2/blob/2.0.4/framework/CHANGELOG.md" - }, - { - "name" : "74663", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74663" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Yii Framework before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via vectors related to JSON, arrays, and Internet Explorer 6 or 7." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "74663", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74663" + }, + { + "name": "http://www.yiiframework.com/news/86/yii-2-0-4-is-released/", + "refsource": "CONFIRM", + "url": "http://www.yiiframework.com/news/86/yii-2-0-4-is-released/" + }, + { + "name": "https://github.com/yiisoft/yii2/blob/2.0.4/framework/CHANGELOG.md", + "refsource": "CONFIRM", + "url": "https://github.com/yiisoft/yii2/blob/2.0.4/framework/CHANGELOG.md" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4465.json b/2015/4xxx/CVE-2015-4465.json index 17920d071d5..ffed5dfc341 100644 --- a/2015/4xxx/CVE-2015-4465.json +++ b/2015/4xxx/CVE-2015-4465.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4465", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4465", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://wordpress.org/plugins/zm-ajax-login-register/changelog/", - "refsource" : "CONFIRM", - "url" : "https://wordpress.org/plugins/zm-ajax-login-register/changelog/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://wordpress.org/plugins/zm-ajax-login-register/changelog/", + "refsource": "CONFIRM", + "url": "https://wordpress.org/plugins/zm-ajax-login-register/changelog/" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4843.json b/2015/4xxx/CVE-2015-4843.json index 814c5eb3a5b..68716a947df 100644 --- a/2015/4xxx/CVE-2015-4843.json +++ b/2015/4xxx/CVE-2015-4843.json @@ -1,232 +1,232 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4843", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-4843", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "DSA-3381", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3381" - }, - { - "name" : "GLSA-201603-11", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-11" - }, - { - "name" : "GLSA-201603-14", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-14" - }, - { - "name" : "RHSA-2016:1430", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1430" - }, - { - "name" : "RHSA-2015:2506", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2506.html" - }, - { - "name" : "RHSA-2015:2507", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2507.html" - }, - { - "name" : "RHSA-2015:2508", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2508.html" - }, - { - "name" : "RHSA-2015:2509", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2509.html" - }, - { - "name" : "RHSA-2015:2518", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2518.html" - }, - { - "name" : "RHSA-2015:1919", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1919.html" - }, - { - "name" : "RHSA-2015:1920", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1920.html" - }, - { - "name" : "RHSA-2015:1921", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1921.html" - }, - { - "name" : "RHSA-2015:1926", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1926.html" - }, - { - "name" : "RHSA-2015:1927", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1927.html" - }, - { - "name" : "RHSA-2015:1928", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1928.html" - }, - { - "name" : "SUSE-SU-2016:0113", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html" - }, - { - "name" : "openSUSE-SU-2016:0270", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" - }, - { - "name" : "SUSE-SU-2015:2166", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html" - }, - { - "name" : "SUSE-SU-2015:2168", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html" - }, - { - "name" : "SUSE-SU-2015:2182", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html" - }, - { - "name" : "SUSE-SU-2015:2192", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html" - }, - { - "name" : "SUSE-SU-2015:2216", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html" - }, - { - "name" : "SUSE-SU-2015:2268", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html" - }, - { - "name" : "SUSE-SU-2015:1874", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html" - }, - { - "name" : "SUSE-SU-2015:1875", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html" - }, - { - "name" : "openSUSE-SU-2015:1902", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html" - }, - { - "name" : "openSUSE-SU-2015:1905", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html" - }, - { - "name" : "openSUSE-SU-2015:1906", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html" - }, - { - "name" : "openSUSE-SU-2015:1971", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html" - }, - { - "name" : "USN-2827-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2827-1" - }, - { - "name" : "USN-2784-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2784-1" - }, - { - "name" : "77160", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77160" - }, - { - "name" : "1033884", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033884" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2015:2182", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html" + }, + { + "name": "USN-2784-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2784-1" + }, + { + "name": "openSUSE-SU-2015:1905", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html" + }, + { + "name": "SUSE-SU-2015:2192", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html" + }, + { + "name": "openSUSE-SU-2015:1906", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html" + }, + { + "name": "RHSA-2015:2507", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html" + }, + { + "name": "RHSA-2015:1928", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" + }, + { + "name": "RHSA-2016:1430", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1430" + }, + { + "name": "RHSA-2015:2506", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html" + }, + { + "name": "RHSA-2015:2509", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html" + }, + { + "name": "1033884", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033884" + }, + { + "name": "SUSE-SU-2015:2166", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "openSUSE-SU-2016:0270", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" + }, + { + "name": "RHSA-2015:1919", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html" + }, + { + "name": "GLSA-201603-11", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-11" + }, + { + "name": "openSUSE-SU-2015:1902", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html" + }, + { + "name": "RHSA-2015:1920", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html" + }, + { + "name": "RHSA-2015:2518", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2518.html" + }, + { + "name": "GLSA-201603-14", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-14" + }, + { + "name": "SUSE-SU-2015:2216", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html" + }, + { + "name": "RHSA-2015:1927", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html" + }, + { + "name": "openSUSE-SU-2015:1971", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html" + }, + { + "name": "SUSE-SU-2015:2268", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html" + }, + { + "name": "SUSE-SU-2015:2168", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html" + }, + { + "name": "RHSA-2015:1921", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html" + }, + { + "name": "SUSE-SU-2015:1874", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html" + }, + { + "name": "DSA-3381", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3381" + }, + { + "name": "RHSA-2015:1926", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html" + }, + { + "name": "77160", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77160" + }, + { + "name": "SUSE-SU-2015:1875", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html" + }, + { + "name": "RHSA-2015:2508", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html" + }, + { + "name": "SUSE-SU-2016:0113", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html" + }, + { + "name": "USN-2827-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2827-1" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8089.json b/2015/8xxx/CVE-2015-8089.json index efb5fe11804..589c81e3b35 100644 --- a/2015/8xxx/CVE-2015-8089.json +++ b/2015/8xxx/CVE-2015-8089.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8089", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The GPU driver in Huawei P7 phones with software P7-L00 before P7-L00C17B851, P7-L05 before P7-L05C00B851, and P7-L09 before P7-L09C92B851 allows local users to read or write to arbitrary kernel memory locations and consequently cause a denial of service (system crash) or gain privileges via a crafted application." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8089", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-460276.htm", - "refsource" : "CONFIRM", - "url" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-460276.htm" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The GPU driver in Huawei P7 phones with software P7-L00 before P7-L00C17B851, P7-L05 before P7-L05C00B851, and P7-L09 before P7-L09C92B851 allows local users to read or write to arbitrary kernel memory locations and consequently cause a denial of service (system crash) or gain privileges via a crafted application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-460276.htm", + "refsource": "CONFIRM", + "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-460276.htm" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8291.json b/2015/8xxx/CVE-2015-8291.json index d193f3bb6f8..141b93cbe82 100644 --- a/2015/8xxx/CVE-2015-8291.json +++ b/2015/8xxx/CVE-2015-8291.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8291", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-8291", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8368.json b/2015/8xxx/CVE-2015-8368.json index 48d16284fcf..ac39887640c 100644 --- a/2015/8xxx/CVE-2015-8368.json +++ b/2015/8xxx/CVE-2015-8368.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8368", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8368", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "38836", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38836/" - }, - { - "name" : "20151209 ntop-ng <= 2.0.151021 - Privilege Escalation", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Dec/10" - }, - { - "name" : "http://packetstormsecurity.com/files/134593/ntop-ng-2.0.15102-Privilege-Escalation.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134593/ntop-ng-2.0.15102-Privilege-Escalation.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/134593/ntop-ng-2.0.15102-Privilege-Escalation.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134593/ntop-ng-2.0.15102-Privilege-Escalation.html" + }, + { + "name": "20151209 ntop-ng <= 2.0.151021 - Privilege Escalation", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Dec/10" + }, + { + "name": "38836", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38836/" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8463.json b/2015/8xxx/CVE-2015-8463.json index 8066ad7002c..61c49542869 100644 --- a/2015/8xxx/CVE-2015-8463.json +++ b/2015/8xxx/CVE-2015-8463.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8463", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8463", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8723.json b/2015/8xxx/CVE-2015-8723.json index d2d6e93f11c..2081dd1c89d 100644 --- a/2015/8xxx/CVE-2015-8723.json +++ b/2015/8xxx/CVE-2015-8723.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8723", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8723", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2015-42.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2015-42.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11790", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11790" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=40b283181c63cb28bc6f58d80315eccca6650da0", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=40b283181c63cb28bc6f58d80315eccca6650da0" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" - }, - { - "name" : "DSA-3505", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3505" - }, - { - "name" : "GLSA-201604-05", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201604-05" - }, - { - "name" : "79382", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79382" - }, - { - "name" : "1034551", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034551" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=40b283181c63cb28bc6f58d80315eccca6650da0", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=40b283181c63cb28bc6f58d80315eccca6650da0" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11790", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11790" + }, + { + "name": "79382", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79382" + }, + { + "name": "DSA-3505", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3505" + }, + { + "name": "GLSA-201604-05", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201604-05" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" + }, + { + "name": "1034551", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034551" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2015-42.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2015-42.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9046.json b/2015/9xxx/CVE-2015-9046.json index 55d6c4ea6be..c994dd2503f 100644 --- a/2015/9xxx/CVE-2015-9046.json +++ b/2015/9xxx/CVE-2015-9046.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2017-07-01T00:00:00", - "ID" : "CVE-2015-9046", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "All Qualcomm products", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached due to an improper bound on the size of a frequency list." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Reachable Assertion Vulnerability in LTE" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2017-07-01T00:00:00", + "ID": "CVE-2015-9046", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "All Qualcomm products", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-07-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-07-01" - }, - { - "name" : "99467", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99467" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached due to an improper bound on the size of a frequency list." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Reachable Assertion Vulnerability in LTE" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-07-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-07-01" + }, + { + "name": "99467", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99467" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9218.json b/2015/9xxx/CVE-2015-9218.json index 73f9a5fdb24..ed2118b2d3d 100644 --- a/2015/9xxx/CVE-2015-9218.json +++ b/2015/9xxx/CVE-2015-9218.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2015-9218", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, when processing bad HEVC clips, the DPB fills, and with no error handling for DPB being full, a hang occurs." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Reachable Assertion in Video." - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2015-9218", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, when processing bad HEVC clips, the DPB fills, and with no error handling for DPB being full, a hang occurs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Reachable Assertion in Video." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5178.json b/2016/5xxx/CVE-2016-5178.json index 842d8e27510..ba19b02af21 100644 --- a/2016/5xxx/CVE-2016-5178.json +++ b/2016/5xxx/CVE-2016-5178.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5178", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-5178", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.chromium.org/p/chromium/issues/detail?id=645028", - "refsource" : "CONFIRM", - "url" : "https://bugs.chromium.org/p/chromium/issues/detail?id=645028" - }, - { - "name" : "https://bugs.chromium.org/p/chromium/issues/detail?id=651092", - "refsource" : "CONFIRM", - "url" : "https://bugs.chromium.org/p/chromium/issues/detail?id=651092" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1380632", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1380632" - }, - { - "name" : "https://chromereleases.googleblog.com/2016/09/stable-channel-update-for-desktop_29.html", - "refsource" : "CONFIRM", - "url" : "https://chromereleases.googleblog.com/2016/09/stable-channel-update-for-desktop_29.html" - }, - { - "name" : "DSA-3683", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3683" - }, - { - "name" : "FEDORA-2016-a90040934d", - "refsource" : "FEDORA", - "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UNUTOWCXLWVXOTGQUS53DSRVTO3J226Z/" - }, - { - "name" : "FEDORA-2016-d61c4f72da", - "refsource" : "FEDORA", - "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FWZVE5PX27FWPLGOPDA7ZC5MILOWN6K/" - }, - { - "name" : "GLSA-201610-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-09" - }, - { - "name" : "RHSA-2016:2007", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2007.html" - }, - { - "name" : "openSUSE-SU-2016:2429", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-10/msg00000.html" - }, - { - "name" : "openSUSE-SU-2016:2432", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-10/msg00001.html" - }, - { - "name" : "93238", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93238" - }, - { - "name" : "1036970", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036970" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3683", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3683" + }, + { + "name": "93238", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93238" + }, + { + "name": "https://bugs.chromium.org/p/chromium/issues/detail?id=651092", + "refsource": "CONFIRM", + "url": "https://bugs.chromium.org/p/chromium/issues/detail?id=651092" + }, + { + "name": "https://bugs.chromium.org/p/chromium/issues/detail?id=645028", + "refsource": "CONFIRM", + "url": "https://bugs.chromium.org/p/chromium/issues/detail?id=645028" + }, + { + "name": "https://chromereleases.googleblog.com/2016/09/stable-channel-update-for-desktop_29.html", + "refsource": "CONFIRM", + "url": "https://chromereleases.googleblog.com/2016/09/stable-channel-update-for-desktop_29.html" + }, + { + "name": "openSUSE-SU-2016:2432", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-10/msg00001.html" + }, + { + "name": "1036970", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036970" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1380632", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1380632" + }, + { + "name": "RHSA-2016:2007", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2007.html" + }, + { + "name": "FEDORA-2016-a90040934d", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UNUTOWCXLWVXOTGQUS53DSRVTO3J226Z/" + }, + { + "name": "openSUSE-SU-2016:2429", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-10/msg00000.html" + }, + { + "name": "GLSA-201610-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-09" + }, + { + "name": "FEDORA-2016-d61c4f72da", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FWZVE5PX27FWPLGOPDA7ZC5MILOWN6K/" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5231.json b/2016/5xxx/CVE-2016-5231.json index f62016dc424..10b4e456898 100644 --- a/2016/5xxx/CVE-2016-5231.json +++ b/2016/5xxx/CVE-2016-5231.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5231", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to bypass permission checks and delete user data via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5231", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160520-01-smartphone-en", - "refsource" : "CONFIRM", - "url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160520-01-smartphone-en" - }, - { - "name" : "91556", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91556" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to bypass permission checks and delete user data via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91556", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91556" + }, + { + "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160520-01-smartphone-en", + "refsource": "CONFIRM", + "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160520-01-smartphone-en" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5427.json b/2016/5xxx/CVE-2016-5427.json index eee19bc6305..8fd24ed1b6d 100644 --- a/2016/5xxx/CVE-2016-5427.json +++ b/2016/5xxx/CVE-2016-5427.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-5427", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not properly handle a . (dot) inside labels, which allows remote attackers to cause a denial of service (backend CPU consumption) via a crafted DNS query." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-5427", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160909 PowerDNS Security Advisory 2016-01: Crafted queries can cause unexpected backend load", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/09/09/3" - }, - { - "name" : "https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/", - "refsource" : "CONFIRM", - "url" : "https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/" - }, - { - "name" : "https://github.com/PowerDNS/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3", - "refsource" : "CONFIRM", - "url" : "https://github.com/PowerDNS/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3" - }, - { - "name" : "DSA-3664", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3664" - }, - { - "name" : "92917", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92917" - }, - { - "name" : "1036761", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036761" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not properly handle a . (dot) inside labels, which allows remote attackers to cause a denial of service (backend CPU consumption) via a crafted DNS query." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/PowerDNS/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3", + "refsource": "CONFIRM", + "url": "https://github.com/PowerDNS/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3" + }, + { + "name": "1036761", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036761" + }, + { + "name": "DSA-3664", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3664" + }, + { + "name": "92917", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92917" + }, + { + "name": "[oss-security] 20160909 PowerDNS Security Advisory 2016-01: Crafted queries can cause unexpected backend load", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/09/09/3" + }, + { + "name": "https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/", + "refsource": "CONFIRM", + "url": "https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5599.json b/2016/5xxx/CVE-2016-5599.json index 7bd106a52c3..bfcbf9d6782 100644 --- a/2016/5xxx/CVE-2016-5599.json +++ b/2016/5xxx/CVE-2016-5599.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5599", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Advanced Supply Chain Planning component in Oracle Supply Chain Products Suite 12.2.3 through 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to MscObieeSrvlt." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5599", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93619", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93619" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Advanced Supply Chain Planning component in Oracle Supply Chain Products Suite 12.2.3 through 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to MscObieeSrvlt." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93619", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93619" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2386.json b/2018/2xxx/CVE-2018-2386.json index 8f97bdd5f32..889769671eb 100644 --- a/2018/2xxx/CVE-2018-2386.json +++ b/2018/2xxx/CVE-2018-2386.json @@ -1,84 +1,84 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cna@sap.com", - "ID" : "CVE-2018-2386", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SAP Internet Graphics Server", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "7.20" - }, - { - "version_affected" : "=", - "version_value" : "7.20EXT" - }, - { - "version_affected" : "=", - "version_value" : "7.45" - }, - { - "version_affected" : "=", - "version_value" : "7.49" - }, - { - "version_affected" : "=", - "version_value" : "7.53" - } - ] - } - } - ] - }, - "vendor_name" : "SAP SE" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Under certain conditions a malicious user provoking an out of bounds buffer overflow can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial-of-Service" - } + "CVE_data_meta": { + "ASSIGNER": "cna@sap.com", + "ID": "CVE-2018-2386", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SAP Internet Graphics Server", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7.20" + }, + { + "version_affected": "=", + "version_value": "7.20EXT" + }, + { + "version_affected": "=", + "version_value": "7.45" + }, + { + "version_affected": "=", + "version_value": "7.49" + }, + { + "version_affected": "=", + "version_value": "7.53" + } + ] + } + } + ] + }, + "vendor_name": "SAP SE" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/", - "refsource" : "CONFIRM", - "url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" - }, - { - "name" : "https://launchpad.support.sap.com/#/notes/2525222", - "refsource" : "CONFIRM", - "url" : "https://launchpad.support.sap.com/#/notes/2525222" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Under certain conditions a malicious user provoking an out of bounds buffer overflow can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial-of-Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://launchpad.support.sap.com/#/notes/2525222", + "refsource": "CONFIRM", + "url": "https://launchpad.support.sap.com/#/notes/2525222" + }, + { + "name": "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/", + "refsource": "CONFIRM", + "url": "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2497.json b/2018/2xxx/CVE-2018-2497.json index a30bff7a8ae..db4df30c569 100644 --- a/2018/2xxx/CVE-2018-2497.json +++ b/2018/2xxx/CVE-2018-2497.json @@ -1,80 +1,80 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cna@sap.com", - "ID" : "CVE-2018-2497", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SAP HANA", - "version" : { - "version_data" : [ - { - "version_name" : "=", - "version_value" : "1.0" - }, - { - "version_name" : "=", - "version_value" : "2.0" - } - ] - } - } - ] - }, - "vendor_name" : "SAP" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The security audit log of SAP HANA, versions 1.0 and 2.0, does not log SELECT events if these events are part of a statement with the syntax CREATE TABLE AS SELECT." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Other" - } + "CVE_data_meta": { + "ASSIGNER": "cna@sap.com", + "ID": "CVE-2018-2497", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SAP HANA", + "version": { + "version_data": [ + { + "version_name": "=", + "version_value": "1.0" + }, + { + "version_name": "=", + "version_value": "2.0" + } + ] + } + } + ] + }, + "vendor_name": "SAP" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://launchpad.support.sap.com/#/notes/2704878", - "refsource" : "MISC", - "url" : "https://launchpad.support.sap.com/#/notes/2704878" - }, - { - "name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", - "refsource" : "MISC", - "url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699" - }, - { - "name" : "106152", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106152" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The security audit log of SAP HANA, versions 1.0 and 2.0, does not log SELECT events if these events are part of a statement with the syntax CREATE TABLE AS SELECT." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Other" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", + "refsource": "MISC", + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699" + }, + { + "name": "106152", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106152" + }, + { + "name": "https://launchpad.support.sap.com/#/notes/2704878", + "refsource": "MISC", + "url": "https://launchpad.support.sap.com/#/notes/2704878" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2545.json b/2018/2xxx/CVE-2018-2545.json index d0a4efb7c7f..c6d6f7cebb2 100644 --- a/2018/2xxx/CVE-2018-2545.json +++ b/2018/2xxx/CVE-2018-2545.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2545", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-2545", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2690.json b/2018/2xxx/CVE-2018-2690.json index ca760620c5b..3c9dd4911b6 100644 --- a/2018/2xxx/CVE-2018-2690.json +++ b/2018/2xxx/CVE-2018-2690.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2690", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "VM VirtualBox", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "5.1.32" - }, - { - "version_affected" : "<", - "version_value" : "5.2.6" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2690", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "VM VirtualBox", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.1.32" + }, + { + "version_affected": "<", + "version_value": "5.2.6" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, - { - "name" : "102694", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102694" - }, - { - "name" : "1040202", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040202" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "1040202", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040202" + }, + { + "name": "102694", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102694" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6580.json b/2018/6xxx/CVE-2018-6580.json index 2adb397b115..224576c0aa9 100644 --- a/2018/6xxx/CVE-2018-6580.json +++ b/2018/6xxx/CVE-2018-6580.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6580", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Arbitrary file upload exists in the Jimtawl 2.1.6 and 2.2.5 component for Joomla! via a view=upload&task=upload&pop=true&tmpl=component request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6580", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "43958", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/43958" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Arbitrary file upload exists in the Jimtawl 2.1.6 and 2.2.5 component for Joomla! via a view=upload&task=upload&pop=true&tmpl=component request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "43958", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/43958" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6823.json b/2018/6xxx/CVE-2018-6823.json index a7dc24bbd21..b4f646e6bbd 100644 --- a/2018/6xxx/CVE-2018-6823.json +++ b/2018/6xxx/CVE-2018-6823.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6823", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In the VPN client in Mailbutler Shimo before 4.1.5.1 on macOS, the com.feingeist.shimo.helper tool LaunchDaemon implements an unprotected XPC service that can be abused to execute scripts as root." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6823", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/VerSprite/research/blob/master/advisories/VS-2018-001.md", - "refsource" : "MISC", - "url" : "https://github.com/VerSprite/research/blob/master/advisories/VS-2018-001.md" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In the VPN client in Mailbutler Shimo before 4.1.5.1 on macOS, the com.feingeist.shimo.helper tool LaunchDaemon implements an unprotected XPC service that can be abused to execute scripts as root." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/VerSprite/research/blob/master/advisories/VS-2018-001.md", + "refsource": "MISC", + "url": "https://github.com/VerSprite/research/blob/master/advisories/VS-2018-001.md" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6848.json b/2018/6xxx/CVE-2018-6848.json index 0f40f1fa392..7b543bdbf5b 100644 --- a/2018/6xxx/CVE-2018-6848.json +++ b/2018/6xxx/CVE-2018-6848.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6848", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6848", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6866.json b/2018/6xxx/CVE-2018-6866.json index fb89cb154df..f861c875cb4 100644 --- a/2018/6xxx/CVE-2018-6866.json +++ b/2018/6xxx/CVE-2018-6866.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6866", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross Site Scripting (XSS) exists in PHP Scripts Mall Learning and Examination Management System Script 2.3.1 via a crafted message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6866", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "44170", - "refsource" : "EXPLOIT-DB", - "url" : "https://exploit-db.com/exploits/44170" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross Site Scripting (XSS) exists in PHP Scripts Mall Learning and Examination Management System Script 2.3.1 via a crafted message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "44170", + "refsource": "EXPLOIT-DB", + "url": "https://exploit-db.com/exploits/44170" + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7060.json b/2018/7xxx/CVE-2018-7060.json index 0014b7330ba..282539c985d 100644 --- a/2018/7xxx/CVE-2018-7060.json +++ b/2018/7xxx/CVE-2018-7060.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security-alert@hpe.com", - "ID" : "CVE-2018-7060", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Aruba ClearPass", - "version" : { - "version_data" : [ - { - "version_value" : "6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1" - } - ] - } - } - ] - }, - "vendor_name" : "Hewlett Packard Enterprise" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Aruba ClearPass 6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1 is vulnerable to CSRF attacks against authenticated users. An attacker could manipulate an authenticated user into performing actions on the web administrative interface." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "authenticated sessions are vulnerable to cross site request forgery (CSRF)" - } + "CVE_data_meta": { + "ASSIGNER": "security-alert@hpe.com", + "ID": "CVE-2018-7060", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Aruba ClearPass", + "version": { + "version_data": [ + { + "version_value": "6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1" + } + ] + } + } + ] + }, + "vendor_name": "Hewlett Packard Enterprise" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-003.txt", - "refsource" : "CONFIRM", - "url" : "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-003.txt" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Aruba ClearPass 6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1 is vulnerable to CSRF attacks against authenticated users. An attacker could manipulate an authenticated user into performing actions on the web administrative interface." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "authenticated sessions are vulnerable to cross site request forgery (CSRF)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-003.txt", + "refsource": "CONFIRM", + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-003.txt" + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7974.json b/2018/7xxx/CVE-2018-7974.json index 1bea5ace375..3218a9750a4 100644 --- a/2018/7xxx/CVE-2018-7974.json +++ b/2018/7xxx/CVE-2018-7974.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7974", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-7974", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0514.json b/2019/0xxx/CVE-2019-0514.json index 74479827508..c55dd209b43 100644 --- a/2019/0xxx/CVE-2019-0514.json +++ b/2019/0xxx/CVE-2019-0514.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0514", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0514", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1073.json b/2019/1xxx/CVE-2019-1073.json index 288219fc581..05ab8c4833a 100644 --- a/2019/1xxx/CVE-2019-1073.json +++ b/2019/1xxx/CVE-2019-1073.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1073", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1073", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1192.json b/2019/1xxx/CVE-2019-1192.json index aa6a17e5d00..f3bba7c990c 100644 --- a/2019/1xxx/CVE-2019-1192.json +++ b/2019/1xxx/CVE-2019-1192.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1192", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1192", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1312.json b/2019/1xxx/CVE-2019-1312.json index 1d0acd1ddc3..b98a799e1b8 100644 --- a/2019/1xxx/CVE-2019-1312.json +++ b/2019/1xxx/CVE-2019-1312.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1312", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1312", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1463.json b/2019/1xxx/CVE-2019-1463.json index c618c3c93f6..0e1391b379a 100644 --- a/2019/1xxx/CVE-2019-1463.json +++ b/2019/1xxx/CVE-2019-1463.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1463", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1463", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1932.json b/2019/1xxx/CVE-2019-1932.json index 6ae425c0ed7..f7d36ccf5cb 100644 --- a/2019/1xxx/CVE-2019-1932.json +++ b/2019/1xxx/CVE-2019-1932.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1932", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1932", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5074.json b/2019/5xxx/CVE-2019-5074.json index 8d42a3045e3..716e9d87f4e 100644 --- a/2019/5xxx/CVE-2019-5074.json +++ b/2019/5xxx/CVE-2019-5074.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5074", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5074", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5547.json b/2019/5xxx/CVE-2019-5547.json index df46bef0c74..2a42b64222b 100644 --- a/2019/5xxx/CVE-2019-5547.json +++ b/2019/5xxx/CVE-2019-5547.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5547", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5547", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5871.json b/2019/5xxx/CVE-2019-5871.json index 7c80e07b013..86e5dffb2e2 100644 --- a/2019/5xxx/CVE-2019-5871.json +++ b/2019/5xxx/CVE-2019-5871.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5871", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5871", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5882.json b/2019/5xxx/CVE-2019-5882.json index f007c0cff82..5a080f44b80 100644 --- a/2019/5xxx/CVE-2019-5882.json +++ b/2019/5xxx/CVE-2019-5882.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5882", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5882", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/irssi/irssi/pull/948", - "refsource" : "MISC", - "url" : "https://github.com/irssi/irssi/pull/948" - }, - { - "name" : "https://irssi.org/NEWS/#v1-1-2", - "refsource" : "MISC", - "url" : "https://irssi.org/NEWS/#v1-1-2" - }, - { - "name" : "https://irssi.org/security/irssi_sa_2019_01.txt", - "refsource" : "MISC", - "url" : "https://irssi.org/security/irssi_sa_2019_01.txt" - }, - { - "name" : "USN-3862-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3862-1/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://irssi.org/security/irssi_sa_2019_01.txt", + "refsource": "MISC", + "url": "https://irssi.org/security/irssi_sa_2019_01.txt" + }, + { + "name": "https://irssi.org/NEWS/#v1-1-2", + "refsource": "MISC", + "url": "https://irssi.org/NEWS/#v1-1-2" + }, + { + "name": "https://github.com/irssi/irssi/pull/948", + "refsource": "MISC", + "url": "https://github.com/irssi/irssi/pull/948" + }, + { + "name": "USN-3862-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3862-1/" + } + ] + } +} \ No newline at end of file