diff --git a/1999/0xxx/CVE-1999-0326.json b/1999/0xxx/CVE-1999-0326.json index 0c0bf3fad80..3ca99e55736 100644 --- a/1999/0xxx/CVE-1999-0326.json +++ b/1999/0xxx/CVE-1999-0326.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0326", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in HP-UX mediainit program." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0326", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBUX9710-071", - "refsource" : "HP", - "url" : "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9710-071" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in HP-UX mediainit program." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "HPSBUX9710-071", + "refsource": "HP", + "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9710-071" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0797.json b/1999/0xxx/CVE-1999-0797.json index 0428e599c03..cab8dd4344f 100644 --- a/1999/0xxx/CVE-1999-0797.json +++ b/1999/0xxx/CVE-1999-0797.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0797", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0797", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "I-070", - "refsource" : "CIAC", - "url" : "http://www.ciac.org/ciac/bulletins/i-070.shtml" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "I-070", + "refsource": "CIAC", + "url": "http://www.ciac.org/ciac/bulletins/i-070.shtml" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0928.json b/1999/0xxx/CVE-1999-0928.json index ea97f9e0876..8d0354c6352 100644 --- a/1999/0xxx/CVE-1999-0928.json +++ b/1999/0xxx/CVE-1999-0928.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0928", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in SmartDesk WebSuite allows remote attackers to cause a denial of service via a long URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0928", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "278", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/278" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in SmartDesk WebSuite allows remote attackers to cause a denial of service via a long URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "278", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/278" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0951.json b/1999/0xxx/CVE-1999-0951.json index e839b12ce7b..0960acee5c4 100644 --- a/1999/0xxx/CVE-1999-0951.json +++ b/1999/0xxx/CVE-1999-0951.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0951", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in OmniHTTPd CGI program imagemap.exe allows remote attackers to execute commands." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0951", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "739", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/739" - }, - { - "name" : "3380", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/3380" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in OmniHTTPd CGI program imagemap.exe allows remote attackers to execute commands." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3380", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/3380" + }, + { + "name": "739", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/739" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1246.json b/1999/1xxx/CVE-1999-1246.json index dc345e81eb3..7089d3585fd 100644 --- a/1999/1xxx/CVE-1999-1246.json +++ b/1999/1xxx/CVE-1999-1246.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1246", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Direct Mailer feature in Microsoft Site Server 3.0 saves user domain names and passwords in plaintext in the TMLBQueue network share, which has insecure default permissions, allowing remote attackers to read the passwords and gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1246", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "Q229972", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/support/kb/articles/Q229/9/72.asp" - }, - { - "name" : "siteserver-directmail-passwords(2068)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/2068" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Direct Mailer feature in Microsoft Site Server 3.0 saves user domain names and passwords in plaintext in the TMLBQueue network share, which has insecure default permissions, allowing remote attackers to read the passwords and gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "Q229972", + "refsource": "MSKB", + "url": "http://support.microsoft.com/support/kb/articles/Q229/9/72.asp" + }, + { + "name": "siteserver-directmail-passwords(2068)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2068" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1453.json b/1999/1xxx/CVE-1999-1453.json index f5816aba862..87b196b79ea 100644 --- a/1999/1xxx/CVE-1999-1453.json +++ b/1999/1xxx/CVE-1999-1453.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1453", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1453", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990222 New IE4 vulnerability : the clipboard again.", - "refsource" : "NTBUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=91979439932341&w=2" - }, - { - "name" : "215", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/215" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19990222 New IE4 vulnerability : the clipboard again.", + "refsource": "NTBUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=91979439932341&w=2" + }, + { + "name": "215", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/215" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1551.json b/1999/1xxx/CVE-1999-1551.json index 40a21bbbf47..6f12c419d8c 100644 --- a/1999/1xxx/CVE-1999-1551.json +++ b/1999/1xxx/CVE-1999-1551.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1551", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1551", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990302 Multiple IMail Vulnerabilites", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=92038879607336&w=2" - }, - { - "name" : "505", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/505" - }, - { - "name" : "imail-websvc-overflow(1898)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1898" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "imail-websvc-overflow(1898)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1898" + }, + { + "name": "505", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/505" + }, + { + "name": "19990302 Multiple IMail Vulnerabilites", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=92038879607336&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0189.json b/2000/0xxx/CVE-2000-0189.json index 2491bd7a5ef..df472135b5b 100644 --- a/2000/0xxx/CVE-2000-0189.json +++ b/2000/0xxx/CVE-2000-0189.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0189", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0189", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "1021", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1021" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1021", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1021" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0309.json b/2000/0xxx/CVE-2000-0309.json index 58605b1ae12..e6bbe50c8f3 100644 --- a/2000/0xxx/CVE-2000-0309.json +++ b/2000/0xxx/CVE-2000-0309.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0309", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0309", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990212 i386 trace-trap handling when DDB was configured could cause a system crash.", - "refsource" : "OPENBSD", - "url" : "http://www.openbsd.org/errata24.html#trctrap" - }, - { - "name" : "6126", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/6126" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19990212 i386 trace-trap handling when DDB was configured could cause a system crash.", + "refsource": "OPENBSD", + "url": "http://www.openbsd.org/errata24.html#trctrap" + }, + { + "name": "6126", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/6126" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0357.json b/2000/0xxx/CVE-2000-0357.json index 8db639e6f65..a0e889b8fea 100644 --- a/2000/0xxx/CVE-2000-0357.json +++ b/2000/0xxx/CVE-2000-0357.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0357", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0357", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "RHSA-1999:058-01", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/corp/support/errata/RHSA1999058-01.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-1999:058-01", + "refsource": "REDHAT", + "url": "http://www.redhat.com/corp/support/errata/RHSA1999058-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0380.json b/2000/0xxx/CVE-2000-0380.json index 467c6164574..19f96dfe427 100644 --- a/2000/0xxx/CVE-2000-0380.json +++ b/2000/0xxx/CVE-2000-0380.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0380", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0380", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000426 Cisco HTTP possible bug:", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-04/0261.html" - }, - { - "name" : "20000514 Cisco IOS HTTP Server Vulnerability", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/warp/public/707/ioshttpserver-pub.shtml" - }, - { - "name" : "1154", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1154" - }, - { - "name" : "1302", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/1302" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000514 Cisco IOS HTTP Server Vulnerability", + "refsource": "CISCO", + "url": "http://www.cisco.com/warp/public/707/ioshttpserver-pub.shtml" + }, + { + "name": "20000426 Cisco HTTP possible bug:", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0261.html" + }, + { + "name": "1302", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/1302" + }, + { + "name": "1154", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1154" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0397.json b/2000/0xxx/CVE-2000-0397.json index caa72fe61cb..33e384edf1d 100644 --- a/2000/0xxx/CVE-2000-0397.json +++ b/2000/0xxx/CVE-2000-0397.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0397", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The EMURL web-based email account software encodes predictable identifiers in user session URLs, which allows a remote attacker to access a user's email account." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0397", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000515 Vulnerability in EMURL-based e-mail providers", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-05/0160.html" - }, - { - "name" : "1203", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1203" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The EMURL web-based email account software encodes predictable identifiers in user session URLs, which allows a remote attacker to access a user's email account." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000515 Vulnerability in EMURL-based e-mail providers", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0160.html" + }, + { + "name": "1203", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1203" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0405.json b/2000/0xxx/CVE-2000-0405.json index 973310f8e77..c95bf9862de 100644 --- a/2000/0xxx/CVE-2000-0405.json +++ b/2000/0xxx/CVE-2000-0405.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0405", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0405", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000515 AntiSniff version 1.01 and Researchers version 1 DNS overflow", - "refsource" : "L0PHT", - "url" : "http://www.l0pht.com/advisories/asniff_advisory.txt" - }, - { - "name" : "1207", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1207" - }, - { - "name" : "3179", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/3179" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1207", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1207" + }, + { + "name": "20000515 AntiSniff version 1.01 and Researchers version 1 DNS overflow", + "refsource": "L0PHT", + "url": "http://www.l0pht.com/advisories/asniff_advisory.txt" + }, + { + "name": "3179", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/3179" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0406.json b/2000/0xxx/CVE-2000-0406.json index 675df2035d3..aa263686416 100644 --- a/2000/0xxx/CVE-2000-0406.json +++ b/2000/0xxx/CVE-2000-0406.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0406", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the \"Acros-Suencksen SSL\" vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0406", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt", - "refsource" : "MISC", - "url" : "http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt" - }, - { - "name" : "CA-2000-05", - "refsource" : "CERT", - "url" : "http://www.cert.org/advisories/CA-2000-05.html" - }, - { - "name" : "RHSA-2000:028", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2000-028.html" - }, - { - "name" : "1188", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1188" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the \"Acros-Suencksen SSL\" vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt", + "refsource": "MISC", + "url": "http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt" + }, + { + "name": "RHSA-2000:028", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2000-028.html" + }, + { + "name": "CA-2000-05", + "refsource": "CERT", + "url": "http://www.cert.org/advisories/CA-2000-05.html" + }, + { + "name": "1188", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1188" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0878.json b/2000/0xxx/CVE-2000-0878.json index 7c85f0869f2..05b8b567165 100644 --- a/2000/0xxx/CVE-2000-0878.json +++ b/2000/0xxx/CVE-2000-0878.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0878", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mailto CGI script allows remote attacker to execute arbitrary commands via shell metacharacters in the emailadd form field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0878", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000911 Fwd: Poor variable checking in mailto.cgi", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-09/0088.html" - }, - { - "name" : "1669", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1669" - }, - { - "name" : "mailto-piped-address(5241)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5241" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mailto CGI script allows remote attacker to execute arbitrary commands via shell metacharacters in the emailadd form field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000911 Fwd: Poor variable checking in mailto.cgi", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0088.html" + }, + { + "name": "1669", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1669" + }, + { + "name": "mailto-piped-address(5241)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5241" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1040.json b/2000/1xxx/CVE-2000-1040.json index afbd5013ed4..d2a36555220 100644 --- a/2000/1xxx/CVE-2000-1040.json +++ b/2000/1xxx/CVE-2000-1040.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1040", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1040", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001014 nis: local exploit", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2000/20001014" - }, - { - "name" : "MDKSA-2000:064", - "refsource" : "MANDRAKE", - "url" : "http://www.linux-mandrake.com/en/security/MDKSA-2000-064.php3?dis=7.1" - }, - { - "name" : "SuSE-SA:2000:042", - "refsource" : "SUSE", - "url" : "http://archives.neohapsis.com/archives/linux/suse/2000-q4/0262.html" - }, - { - "name" : "RHSA-2000:086", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2000-086.html" - }, - { - "name" : "CSSA-2000-039.0", - "refsource" : "CALDERA", - "url" : "http://www.calderasystems.com/support/security/advisories/CSSA-2000-039.0.txt" - }, - { - "name" : "20001025 Immunix OS Security Update for ypbind package", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-10/0356.html" - }, - { - "name" : "20001030 Trustix Security Advisory - ping gnupg ypbind", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" - }, - { - "name" : "ypbind-printf-format-string(5394)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5394" - }, - { - "name" : "1820", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1820" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20001030 Trustix Security Advisory - ping gnupg ypbind", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" + }, + { + "name": "20001025 Immunix OS Security Update for ypbind package", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0356.html" + }, + { + "name": "ypbind-printf-format-string(5394)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5394" + }, + { + "name": "RHSA-2000:086", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2000-086.html" + }, + { + "name": "20001014 nis: local exploit", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2000/20001014" + }, + { + "name": "1820", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1820" + }, + { + "name": "SuSE-SA:2000:042", + "refsource": "SUSE", + "url": "http://archives.neohapsis.com/archives/linux/suse/2000-q4/0262.html" + }, + { + "name": "CSSA-2000-039.0", + "refsource": "CALDERA", + "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-039.0.txt" + }, + { + "name": "MDKSA-2000:064", + "refsource": "MANDRAKE", + "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-064.php3?dis=7.1" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1160.json b/2000/1xxx/CVE-2000-1160.json index 8c88dabbe82..10ecafad54b 100644 --- a/2000/1xxx/CVE-2000-1160.json +++ b/2000/1xxx/CVE-2000-1160.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1160", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NAI Sniffer Agent allows remote attackers to cause a denial of service (crash) by sending a large number of login requests." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1160", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001102 Remotely exploitable buffer overflow in NAI's Distributed Sniffer Agent", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-11/0038.html" - }, - { - "name" : "1903", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1903" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NAI Sniffer Agent allows remote attackers to cause a denial of service (crash) by sending a large number of login requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20001102 Remotely exploitable buffer overflow in NAI's Distributed Sniffer Agent", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0038.html" + }, + { + "name": "1903", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1903" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2076.json b/2005/2xxx/CVE-2005-2076.json index 59489316b5e..18e2af609c6 100644 --- a/2005/2xxx/CVE-2005-2076.json +++ b/2005/2xxx/CVE-2005-2076.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2076", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HP Version Control Repository Manager (VCRM) before 2.1.1.730 does not properly handle the \"@\" character in a proxy password, which could allow attackers with physical access to obtain portions of the password when it is displayed to the screen." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2076", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBMA01166", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/advisories/8734" - }, - { - "name" : "SSRT5955", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/advisories/8734" - }, - { - "name" : "14032", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14032" - }, - { - "name" : "1014267", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014267" - }, - { - "name" : "15790", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15790" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HP Version Control Repository Manager (VCRM) before 2.1.1.730 does not properly handle the \"@\" character in a proxy password, which could allow attackers with physical access to obtain portions of the password when it is displayed to the screen." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SSRT5955", + "refsource": "HP", + "url": "http://www.securityfocus.com/advisories/8734" + }, + { + "name": "15790", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15790" + }, + { + "name": "HPSBMA01166", + "refsource": "HP", + "url": "http://www.securityfocus.com/advisories/8734" + }, + { + "name": "1014267", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014267" + }, + { + "name": "14032", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14032" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2520.json b/2005/2xxx/CVE-2005-2520.json index 1642b0c5a3f..f3a77ca6ef1 100644 --- a/2005/2xxx/CVE-2005-2520.json +++ b/2005/2xxx/CVE-2005-2520.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2520", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The password assistant in Mac OS X 10.4 to 10.4.2, when used to create multiple accounts from the same process, does not reset the suggested password list when the assistant is displayed, which allows attackers to view recently used passwords." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2520", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "APPLE-SA-2005-08-15", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" - }, - { - "name" : "APPLE-SA-2005-08-17", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" - }, - { - "name" : "1014707", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014707" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The password assistant in Mac OS X 10.4 to 10.4.2, when used to create multiple accounts from the same process, does not reset the suggested password list when the assistant is displayed, which allows attackers to view recently used passwords." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1014707", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014707" + }, + { + "name": "APPLE-SA-2005-08-15", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" + }, + { + "name": "APPLE-SA-2005-08-17", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2702.json b/2005/2xxx/CVE-2005-2702.json index 949bf2e6787..7f5656657ec 100644 --- a/2005/2xxx/CVE-2005-2702.json +++ b/2005/2xxx/CVE-2005-2702.json @@ -1,212 +1,212 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2702", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Unicode sequences with \"zero-width non-joiner\" characters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2005-2702", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/mfsa2005-58.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/mfsa2005-58.html" - }, - { - "name" : "DSA-868", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-868" - }, - { - "name" : "DSA-838", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-838" - }, - { - "name" : "DSA-866", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-866" - }, - { - "name" : "FLSA-2006:168375", - "refsource" : "FEDORA", - "url" : "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html" - }, - { - "name" : "MDKSA-2005:169", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169" - }, - { - "name" : "MDKSA-2005:170", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170" - }, - { - "name" : "MDKSA-2005:174", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174" - }, - { - "name" : "RHSA-2005:785", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-785.html" - }, - { - "name" : "RHSA-2005:789", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-789.html" - }, - { - "name" : "RHSA-2005:791", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-791.html" - }, - { - "name" : "SCOSA-2005.49", - "refsource" : "SCO", - "url" : "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt" - }, - { - "name" : "SUSE-SA:2005:058", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html" - }, - { - "name" : "USN-200-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-200-1" - }, - { - "name" : "14918", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14918" - }, - { - "name" : "15495", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15495" - }, - { - "name" : "oval:org.mitre.oval:def:11609", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11609" - }, - { - "name" : "ADV-2005-1824", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/1824" - }, - { - "name" : "oval:org.mitre.oval:def:1150", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1150" - }, - { - "name" : "1014954", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014954" - }, - { - "name" : "16911", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16911" - }, - { - "name" : "16917", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16917" - }, - { - "name" : "17042", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17042" - }, - { - "name" : "17090", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17090" - }, - { - "name" : "17149", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17149" - }, - { - "name" : "17284", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17284" - }, - { - "name" : "17026", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17026" - }, - { - "name" : "17263", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17263" - }, - { - "name" : "16977", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16977" - }, - { - "name" : "17014", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17014" - }, - { - "name" : "mozilla-zerowidthnonjoiner-stack-corruption(22375)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22375" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Unicode sequences with \"zero-width non-joiner\" characters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDKSA-2005:169", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169" + }, + { + "name": "DSA-868", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-868" + }, + { + "name": "ADV-2005-1824", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/1824" + }, + { + "name": "FLSA-2006:168375", + "refsource": "FEDORA", + "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html" + }, + { + "name": "SCOSA-2005.49", + "refsource": "SCO", + "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt" + }, + { + "name": "14918", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14918" + }, + { + "name": "15495", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15495" + }, + { + "name": "1014954", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014954" + }, + { + "name": "RHSA-2005:789", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html" + }, + { + "name": "oval:org.mitre.oval:def:11609", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11609" + }, + { + "name": "17026", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17026" + }, + { + "name": "RHSA-2005:791", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-791.html" + }, + { + "name": "USN-200-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-200-1" + }, + { + "name": "17042", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17042" + }, + { + "name": "DSA-866", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-866" + }, + { + "name": "mozilla-zerowidthnonjoiner-stack-corruption(22375)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22375" + }, + { + "name": "http://www.mozilla.org/security/announce/mfsa2005-58.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html" + }, + { + "name": "oval:org.mitre.oval:def:1150", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1150" + }, + { + "name": "17284", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17284" + }, + { + "name": "17149", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17149" + }, + { + "name": "17263", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17263" + }, + { + "name": "16917", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16917" + }, + { + "name": "DSA-838", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-838" + }, + { + "name": "17014", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17014" + }, + { + "name": "RHSA-2005:785", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html" + }, + { + "name": "SUSE-SA:2005:058", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html" + }, + { + "name": "MDKSA-2005:174", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174" + }, + { + "name": "17090", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17090" + }, + { + "name": "16911", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16911" + }, + { + "name": "16977", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16977" + }, + { + "name": "MDKSA-2005:170", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3321.json b/2005/3xxx/CVE-2005-3321.json index b338ed0acca..08d0482ecc1 100644 --- a/2005/3xxx/CVE-2005-3321.json +++ b/2005/3xxx/CVE-2005-3321.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3321", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating a hardlink to a file from a world-writable directory, which can cause the link count to drop to 1 when the file is deleted or replaced, which is then modified by chkstat to use weaker permissions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3321", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "SUSE-SA:2005:062", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2005_62_permissions.html" - }, - { - "name" : "15182", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15182" - }, - { - "name" : "20263", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/20263" - }, - { - "name" : "17290", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17290/" - }, - { - "name" : "suse-chkstat-bypass-security(22853)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22853" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating a hardlink to a file from a world-writable directory, which can cause the link count to drop to 1 when the file is deleted or replaced, which is then modified by chkstat to use weaker permissions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20263", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/20263" + }, + { + "name": "17290", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17290/" + }, + { + "name": "SUSE-SA:2005:062", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2005_62_permissions.html" + }, + { + "name": "15182", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15182" + }, + { + "name": "suse-chkstat-bypass-security(22853)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22853" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3592.json b/2005/3xxx/CVE-2005-3592.json index cc269022ba8..82011b4edfc 100644 --- a/2005/3xxx/CVE-2005-3592.json +++ b/2005/3xxx/CVE-2005-3592.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3592", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "index.php CuteNews 1.4.0 and earlier allows remote attackers to obtain the path of the installation path of the application by triggering an error message, such as by entering multiple ../ (dot dot slash) in the archive parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3592", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20051107 Path disclosure in CuteNews <= 1.4.0", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=113140342029880&w=2" - }, - { - "name" : "http://www.securityinfo.ru/2005/11/____cutenews_140.html", - "refsource" : "MISC", - "url" : "http://www.securityinfo.ru/2005/11/____cutenews_140.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "index.php CuteNews 1.4.0 and earlier allows remote attackers to obtain the path of the installation path of the application by triggering an error message, such as by entering multiple ../ (dot dot slash) in the archive parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20051107 Path disclosure in CuteNews <= 1.4.0", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=113140342029880&w=2" + }, + { + "name": "http://www.securityinfo.ru/2005/11/____cutenews_140.html", + "refsource": "MISC", + "url": "http://www.securityinfo.ru/2005/11/____cutenews_140.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3686.json b/2005/3xxx/CVE-2005-3686.json index e4ac467a7b5..fbe02acf197 100644 --- a/2005/3xxx/CVE-2005-3686.json +++ b/2005/3xxx/CVE-2005-3686.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3686", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in search.inc.php in Unclassified NewsBoard before 1.5.3 Patch 4 allows remote attackers to execute arbitrary SQL commands via the (1) DateFrom or (2) DateUntil parameter to forum.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3686", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://rgod.altervista.org/unb153pl3_xpl.html", - "refsource" : "MISC", - "url" : "http://rgod.altervista.org/unb153pl3_xpl.html" - }, - { - "name" : "http://packetstormsecurity.org/0511-exploits/unb153pl3_xpl.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/0511-exploits/unb153pl3_xpl.html" - }, - { - "name" : "15466", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15466" - }, - { - "name" : "ADV-2005-2487", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2487" - }, - { - "name" : "20951", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/20951" - }, - { - "name" : "17614", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17614" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in search.inc.php in Unclassified NewsBoard before 1.5.3 Patch 4 allows remote attackers to execute arbitrary SQL commands via the (1) DateFrom or (2) DateUntil parameter to forum.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20951", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/20951" + }, + { + "name": "ADV-2005-2487", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2487" + }, + { + "name": "http://packetstormsecurity.org/0511-exploits/unb153pl3_xpl.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/0511-exploits/unb153pl3_xpl.html" + }, + { + "name": "http://rgod.altervista.org/unb153pl3_xpl.html", + "refsource": "MISC", + "url": "http://rgod.altervista.org/unb153pl3_xpl.html" + }, + { + "name": "15466", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15466" + }, + { + "name": "17614", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17614" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3698.json b/2005/3xxx/CVE-2005-3698.json index 79c53ef54e6..41b4c13ca38 100644 --- a/2005/3xxx/CVE-2005-3698.json +++ b/2005/3xxx/CVE-2005-3698.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3698", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP Easy Download allows remote attackers to bypass authentication via edit.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3698", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "15470", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15470" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP Easy Download allows remote attackers to bypass authentication via edit.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "15470", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15470" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3758.json b/2005/3xxx/CVE-2005-3758.json index 58ac7319f33..836d747caa5 100644 --- a/2005/3xxx/CVE-2005-3758.json +++ b/2005/3xxx/CVE-2005-3758.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3758", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to inject arbitrary Javascript, and possibly other web script or HTML, via a proxystylesheet variable that contains a malicious XSLT style sheet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3758", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20051121 Google Search Appliance proxystylesheet Flaws", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/417310/30/0/threaded" - }, - { - "name" : "http://metasploit.com/research/vulns/google_proxystylesheet/", - "refsource" : "MISC", - "url" : "http://metasploit.com/research/vulns/google_proxystylesheet/" - }, - { - "name" : "15509", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15509" - }, - { - "name" : "ADV-2005-2500", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2500" - }, - { - "name" : "20980", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/20980" - }, - { - "name" : "1015246", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015246" - }, - { - "name" : "17644", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17644" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to inject arbitrary Javascript, and possibly other web script or HTML, via a proxystylesheet variable that contains a malicious XSLT style sheet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20980", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/20980" + }, + { + "name": "17644", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17644" + }, + { + "name": "http://metasploit.com/research/vulns/google_proxystylesheet/", + "refsource": "MISC", + "url": "http://metasploit.com/research/vulns/google_proxystylesheet/" + }, + { + "name": "20051121 Google Search Appliance proxystylesheet Flaws", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/417310/30/0/threaded" + }, + { + "name": "ADV-2005-2500", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2500" + }, + { + "name": "15509", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15509" + }, + { + "name": "1015246", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015246" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2015.json b/2009/2xxx/CVE-2009-2015.json index ed5443b3310..8378972f3f5 100644 --- a/2009/2xxx/CVE-2009-2015.json +++ b/2009/2xxx/CVE-2009-2015.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2015", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in includes/file_includer.php in the Ideal MooFAQ (com_moofaq) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2015", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "8898", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/8898" - }, - { - "name" : "35259", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/35259" - }, - { - "name" : "35370", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35370" - }, - { - "name" : "ADV-2009-1530", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1530" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in includes/file_includer.php in the Ideal MooFAQ (com_moofaq) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "35370", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35370" + }, + { + "name": "ADV-2009-1530", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1530" + }, + { + "name": "35259", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/35259" + }, + { + "name": "8898", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/8898" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2186.json b/2009/2xxx/CVE-2009-2186.json index 8cfa9de72f3..3688ca45998 100644 --- a/2009/2xxx/CVE-2009-2186.json +++ b/2009/2xxx/CVE-2009-2186.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2186", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Adobe Shockwave Player before 11.0.0.465 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2009-1860, related to an older issue that \"was previously resolved in Shockwave Player 11.0.0.465.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2186", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb09-08.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb09-08.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Adobe Shockwave Player before 11.0.0.465 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2009-1860, related to an older issue that \"was previously resolved in Shockwave Player 11.0.0.465.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.adobe.com/support/security/bulletins/apsb09-08.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb09-08.html" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2320.json b/2009/2xxx/CVE-2009-2320.json index 9543ed2e6c6..60fc600d6f2 100644 --- a/2009/2xxx/CVE-2009-2320.json +++ b/2009/2xxx/CVE-2009-2320.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2320", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The web interface on the Axesstel MV 410R relies on client-side JavaScript code to validate input, which allows remote attackers to send crafted data, and possibly have unspecified other impact, via a client that does not process JavaScript." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2320", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090702 Multiple Flaws in Axesstel MV 410R", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/504716/100/0/threaded" - }, - { - "name" : "35563", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/35563" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The web interface on the Axesstel MV 410R relies on client-side JavaScript code to validate input, which allows remote attackers to send crafted data, and possibly have unspecified other impact, via a client that does not process JavaScript." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "35563", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/35563" + }, + { + "name": "20090702 Multiple Flaws in Axesstel MV 410R", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/504716/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2518.json b/2009/2xxx/CVE-2009-2518.json index d3c06f44ee0..9f8abfe8bd2 100644 --- a/2009/2xxx/CVE-2009-2518.json +++ b/2009/2xxx/CVE-2009-2518.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2518", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in GDI+ in Microsoft Office XP SP3 allows remote attackers to execute arbitrary code via an Office document with a bitmap (aka BMP) image that triggers memory corruption, aka \"Office BMP Integer Overflow Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2009-2518", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS09-062", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062" - }, - { - "name" : "TA09-286A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" - }, - { - "name" : "oval:org.mitre.oval:def:6430", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6430" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in GDI+ in Microsoft Office XP SP3 allows remote attackers to execute arbitrary code via an Office document with a bitmap (aka BMP) image that triggers memory corruption, aka \"Office BMP Integer Overflow Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "TA09-286A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" + }, + { + "name": "oval:org.mitre.oval:def:6430", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6430" + }, + { + "name": "MS09-062", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-062" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2872.json b/2009/2xxx/CVE-2009-2872.json index 879b34575bd..ac6172b952c 100644 --- a/2009/2xxx/CVE-2009-2872.json +++ b/2009/2xxx/CVE-2009-2872.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2872", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from one tunnel to a second tunnel, aka Bug IDs CSCsh97579 and CSCsq31776." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2009-2872", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=18893", - "refsource" : "CONFIRM", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=18893" - }, - { - "name" : "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080af8113.html", - "refsource" : "CONFIRM", - "url" : "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080af8113.html" - }, - { - "name" : "http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep09.html", - "refsource" : "CONFIRM", - "url" : "http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep09.html" - }, - { - "name" : "20090923 Cisco IOS Software Tunnels Vulnerability", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8115.shtml" - }, - { - "name" : "58333", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/58333" - }, - { - "name" : "1022930", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1022930" - }, - { - "name" : "ADV-2009-2759", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/2759" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from one tunnel to a second tunnel, aka Bug IDs CSCsh97579 and CSCsq31776." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=18893", + "refsource": "CONFIRM", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=18893" + }, + { + "name": "20090923 Cisco IOS Software Tunnels Vulnerability", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8115.shtml" + }, + { + "name": "1022930", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1022930" + }, + { + "name": "ADV-2009-2759", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/2759" + }, + { + "name": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080af8113.html", + "refsource": "CONFIRM", + "url": "http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080af8113.html" + }, + { + "name": "58333", + "refsource": "OSVDB", + "url": "http://osvdb.org/58333" + }, + { + "name": "http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep09.html", + "refsource": "CONFIRM", + "url": "http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep09.html" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2993.json b/2009/2xxx/CVE-2009-2993.json index d1d9be5eb40..9d4c1015a29 100644 --- a/2009/2xxx/CVE-2009-2993.json +++ b/2009/2xxx/CVE-2009-2993.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2993", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and possibly execute arbitrary code, via the cPath parameter in a crafted PDF file. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2993", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb09-15.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb09-15.html" - }, - { - "name" : "TA09-286B", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA09-286B.html" - }, - { - "name" : "VU#257117", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/257117" - }, - { - "name" : "36638", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/36638" - }, - { - "name" : "36664", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/36664" - }, - { - "name" : "oval:org.mitre.oval:def:5822", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5822" - }, - { - "name" : "1023007", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1023007" - }, - { - "name" : "ADV-2009-2898", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/2898" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and possibly execute arbitrary code, via the cPath parameter in a crafted PDF file. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36638", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/36638" + }, + { + "name": "TA09-286B", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA09-286B.html" + }, + { + "name": "1023007", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1023007" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb09-15.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb09-15.html" + }, + { + "name": "oval:org.mitre.oval:def:5822", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5822" + }, + { + "name": "ADV-2009-2898", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/2898" + }, + { + "name": "VU#257117", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/257117" + }, + { + "name": "36664", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/36664" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3220.json b/2009/3xxx/CVE-2009-3220.json index 1b28cff52a0..476df92da65 100644 --- a/2009/3xxx/CVE-2009-3220.json +++ b/2009/3xxx/CVE-2009-3220.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3220", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in cp_html2txt.php in All In One Control Panel (AIOCP) 1.4.001 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3220", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090727 Remote File Inclusion in aiocp", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/505250/100/0/threaded" - }, - { - "name" : "35811", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/35811" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in cp_html2txt.php in All In One Control Panel (AIOCP) 1.4.001 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20090727 Remote File Inclusion in aiocp", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/505250/100/0/threaded" + }, + { + "name": "35811", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/35811" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3708.json b/2009/3xxx/CVE-2009-3708.json index 81069f75c0d..48902efda26 100644 --- a/2009/3xxx/CVE-2009-3708.json +++ b/2009/3xxx/CVE-2009-3708.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3708", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the Meta Content Optimizer in Konae Technologies Alleycode HTML Editor 2.21 allows user-assisted remote attackers to execute arbitrary code via a long value in a (1) description or (2) keyword META tag. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3708", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "58649", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/58649" - }, - { - "name" : "36940", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36940" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the Meta Content Optimizer in Konae Technologies Alleycode HTML Editor 2.21 allows user-assisted remote attackers to execute arbitrary code via a long value in a (1) description or (2) keyword META tag. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "58649", + "refsource": "OSVDB", + "url": "http://osvdb.org/58649" + }, + { + "name": "36940", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36940" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3751.json b/2009/3xxx/CVE-2009-3751.json index 5c239bf40f4..f5e320ceea6 100644 --- a/2009/3xxx/CVE-2009-3751.json +++ b/2009/3xxx/CVE-2009-3751.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3751", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in home.php in Opial 1.0 allows remote attackers to inject arbitrary web script or HTML via the genres_parent parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3751", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "9122", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/9122" - }, - { - "name" : "35641", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/35641" - }, - { - "name" : "35677", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35677" - }, - { - "name" : "opial-home-xss(51679)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51679" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in home.php in Opial 1.0 allows remote attackers to inject arbitrary web script or HTML via the genres_parent parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "opial-home-xss(51679)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51679" + }, + { + "name": "35677", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35677" + }, + { + "name": "35641", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/35641" + }, + { + "name": "9122", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/9122" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3770.json b/2009/3xxx/CVE-2009-3770.json index 7ff8866d122..9a6acbaa28d 100644 --- a/2009/3xxx/CVE-2009-3770.json +++ b/2009/3xxx/CVE-2009-3770.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3770", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3770", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3780.json b/2009/3xxx/CVE-2009-3780.json index fe6b400ed60..b5aa2f3d211 100644 --- a/2009/3xxx/CVE-2009-3780.json +++ b/2009/3xxx/CVE-2009-3780.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3780", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Abuse 5.x before 5.x-2.1 and 6.x before 6.x-1.1-alpha1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3780", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://drupal.org/node/610784", - "refsource" : "CONFIRM", - "url" : "http://drupal.org/node/610784" - }, - { - "name" : "http://drupal.org/node/610900", - "refsource" : "CONFIRM", - "url" : "http://drupal.org/node/610900" - }, - { - "name" : "http://drupal.org/node/611078", - "refsource" : "CONFIRM", - "url" : "http://drupal.org/node/611078" - }, - { - "name" : "36791", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/36791" - }, - { - "name" : "37129", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37129" - }, - { - "name" : "abuse-unspecified-xss(53898)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/53898" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Abuse 5.x before 5.x-2.1 and 6.x before 6.x-1.1-alpha1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://drupal.org/node/610784", + "refsource": "CONFIRM", + "url": "http://drupal.org/node/610784" + }, + { + "name": "http://drupal.org/node/611078", + "refsource": "CONFIRM", + "url": "http://drupal.org/node/611078" + }, + { + "name": "37129", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37129" + }, + { + "name": "36791", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/36791" + }, + { + "name": "abuse-unspecified-xss(53898)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53898" + }, + { + "name": "http://drupal.org/node/610900", + "refsource": "CONFIRM", + "url": "http://drupal.org/node/610900" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0016.json b/2015/0xxx/CVE-2015-0016.json index cab61efc8fb..42c1866f3ba 100644 --- a/2015/0xxx/CVE-2015-0016.json +++ b/2015/0xxx/CVE-2015-0016.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0016", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted pathname in an executable file, as demonstrated by a transition from Low Integrity to Medium Integrity, aka \"Directory Traversal Elevation of Privilege Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-0016", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "35983", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/35983" - }, - { - "name" : "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2015-0016-escaping-the-internet-explorer-sandbox/", - "refsource" : "MISC", - "url" : "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2015-0016-escaping-the-internet-explorer-sandbox/" - }, - { - "name" : "http://packetstormsecurity.com/files/130201/MS15-004-Microsoft-Remote-Desktop-Services-Web-Proxy-IE-Sandbox-Escape.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/130201/MS15-004-Microsoft-Remote-Desktop-Services-Web-Proxy-IE-Sandbox-Escape.html" - }, - { - "name" : "MS15-004", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-004" - }, - { - "name" : "71965", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/71965" - }, - { - "name" : "1031524", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031524" - }, - { - "name" : "62076", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62076" - }, - { - "name" : "ms-windows-cve20150016-priv-esc(99515)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99515" - }, - { - "name" : "win-ms15kb3025421-update(99516)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99516" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted pathname in an executable file, as demonstrated by a transition from Low Integrity to Medium Integrity, aka \"Directory Traversal Elevation of Privilege Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "71965", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/71965" + }, + { + "name": "1031524", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031524" + }, + { + "name": "ms-windows-cve20150016-priv-esc(99515)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99515" + }, + { + "name": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2015-0016-escaping-the-internet-explorer-sandbox/", + "refsource": "MISC", + "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2015-0016-escaping-the-internet-explorer-sandbox/" + }, + { + "name": "win-ms15kb3025421-update(99516)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99516" + }, + { + "name": "35983", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/35983" + }, + { + "name": "62076", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62076" + }, + { + "name": "http://packetstormsecurity.com/files/130201/MS15-004-Microsoft-Remote-Desktop-Services-Web-Proxy-IE-Sandbox-Escape.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/130201/MS15-004-Microsoft-Remote-Desktop-Services-Web-Proxy-IE-Sandbox-Escape.html" + }, + { + "name": "MS15-004", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-004" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0395.json b/2015/0xxx/CVE-2015-0395.json index edc55066a0d..af250895bee 100644 --- a/2015/0xxx/CVE-2015-0395.json +++ b/2015/0xxx/CVE-2015-0395.json @@ -1,187 +1,187 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0395", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-0395", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" - }, - { - "name" : "https://www-304.ibm.com/support/docview.wss?uid=swg21695474", - "refsource" : "CONFIRM", - "url" : "https://www-304.ibm.com/support/docview.wss?uid=swg21695474" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2015-0003.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2015-0003.html" - }, - { - "name" : "DSA-3144", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3144" - }, - { - "name" : "DSA-3147", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3147" - }, - { - "name" : "GLSA-201603-14", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-14" - }, - { - "name" : "GLSA-201507-14", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201507-14" - }, - { - "name" : "HPSBUX03273", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=142496355704097&w=2" - }, - { - "name" : "SSRT101951", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=142496355704097&w=2" - }, - { - "name" : "HPSBUX03281", - "refsource" : "HP", - "url" : "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581" - }, - { - "name" : "SSRT101968", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=142607790919348&w=2" - }, - { - "name" : "RHSA-2015:0136", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0136.html" - }, - { - "name" : "RHSA-2015:0068", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0068.html" - }, - { - "name" : "RHSA-2015:0079", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0079.html" - }, - { - "name" : "RHSA-2015:0080", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0080.html" - }, - { - "name" : "RHSA-2015:0085", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0085.html" - }, - { - "name" : "RHSA-2015:0086", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0086.html" - }, - { - "name" : "RHSA-2015:0264", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0264.html" - }, - { - "name" : "SUSE-SU-2015:0336", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html" - }, - { - "name" : "openSUSE-SU-2015:0190", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html" - }, - { - "name" : "SUSE-SU-2015:0503", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html" - }, - { - "name" : "USN-2486-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2486-1" - }, - { - "name" : "USN-2487-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2487-1" - }, - { - "name" : "72142", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72142" - }, - { - "name" : "1031580", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031580" - }, - { - "name" : "oracle-cpujan2015-cve20150395(100143)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100143" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2015:0503", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html" + }, + { + "name": "DSA-3144", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3144" + }, + { + "name": "RHSA-2015:0136", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0136.html" + }, + { + "name": "RHSA-2015:0079", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" + }, + { + "name": "72142", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72142" + }, + { + "name": "RHSA-2015:0264", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html" + }, + { + "name": "oracle-cpujan2015-cve20150395(100143)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100143" + }, + { + "name": "USN-2487-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2487-1" + }, + { + "name": "RHSA-2015:0085", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html" + }, + { + "name": "RHSA-2015:0086", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html" + }, + { + "name": "GLSA-201603-14", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-14" + }, + { + "name": "SUSE-SU-2015:0336", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html" + }, + { + "name": "RHSA-2015:0080", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html" + }, + { + "name": "https://www-304.ibm.com/support/docview.wss?uid=swg21695474", + "refsource": "CONFIRM", + "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21695474" + }, + { + "name": "RHSA-2015:0068", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html" + }, + { + "name": "USN-2486-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2486-1" + }, + { + "name": "GLSA-201507-14", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201507-14" + }, + { + "name": "SSRT101951", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=142496355704097&w=2" + }, + { + "name": "HPSBUX03281", + "refsource": "HP", + "url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581" + }, + { + "name": "SSRT101968", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=142607790919348&w=2" + }, + { + "name": "openSUSE-SU-2015:0190", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html" + }, + { + "name": "HPSBUX03273", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=142496355704097&w=2" + }, + { + "name": "1031580", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031580" + }, + { + "name": "DSA-3147", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3147" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0528.json b/2015/0xxx/CVE-2015-0528.json index 66c6cda77a5..00c16a442c5 100644 --- a/2015/0xxx/CVE-2015-0528.json +++ b/2015/0xxx/CVE-2015-0528.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0528", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The RPC daemon in EMC Isilon OneFS 6.5.x and 7.0.x before 7.0.2.13, 7.1.0 before 7.1.0.6, 7.1.1 before 7.1.1.2, and 7.2.0 before 7.2.0.1 allows local users to gain privileges by leveraging an ability to modify system files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "ID": "CVE-2015-0528", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150325 ESA-2015-049: EMC Isilon OneFS Privilege Escalation Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://seclists.org/bugtraq/2015/Mar/162" - }, - { - "name" : "http://packetstormsecurity.com/files/131035/EMC-Isilon-OneFS-Privilege-Escalation.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/131035/EMC-Isilon-OneFS-Privilege-Escalation.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The RPC daemon in EMC Isilon OneFS 6.5.x and 7.0.x before 7.0.2.13, 7.1.0 before 7.1.0.6, 7.1.1 before 7.1.1.2, and 7.2.0 before 7.2.0.1 allows local users to gain privileges by leveraging an ability to modify system files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/131035/EMC-Isilon-OneFS-Privilege-Escalation.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/131035/EMC-Isilon-OneFS-Privilege-Escalation.html" + }, + { + "name": "20150325 ESA-2015-049: EMC Isilon OneFS Privilege Escalation Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://seclists.org/bugtraq/2015/Mar/162" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0890.json b/2015/0xxx/CVE-2015-0890.json index 165d37fb22f..a07173c3c9b 100644 --- a/2015/0xxx/CVE-2015-0890.json +++ b/2015/0xxx/CVE-2015-0890.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0890", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The BestWebSoft Google Captcha (aka reCAPTCHA) plugin before 1.13 for WordPress allows remote attackers to bypass the CAPTCHA protection mechanism and obtain administrative access via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-0890", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://wordpress.org/plugins/google-captcha/changelog/", - "refsource" : "CONFIRM", - "url" : "https://wordpress.org/plugins/google-captcha/changelog/" - }, - { - "name" : "JVN#55063777", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN55063777/index.html" - }, - { - "name" : "JVNDB-2015-000030", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000030" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The BestWebSoft Google Captcha (aka reCAPTCHA) plugin before 1.13 for WordPress allows remote attackers to bypass the CAPTCHA protection mechanism and obtain administrative access via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2015-000030", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000030" + }, + { + "name": "https://wordpress.org/plugins/google-captcha/changelog/", + "refsource": "CONFIRM", + "url": "https://wordpress.org/plugins/google-captcha/changelog/" + }, + { + "name": "JVN#55063777", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN55063777/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/1xxx/CVE-2015-1487.json b/2015/1xxx/CVE-2015-1487.json index ff2d4f8df94..9e37e02bfee 100644 --- a/2015/1xxx/CVE-2015-1487.json +++ b/2015/1xxx/CVE-2015-1487.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1487", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to write to arbitrary files, and consequently obtain administrator privileges, via a crafted filename." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@symantec.com", + "ID": "CVE-2015-1487", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37812", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37812/" - }, - { - "name" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150730_00", - "refsource" : "CONFIRM", - "url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150730_00" - }, - { - "name" : "76094", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76094" - }, - { - "name" : "1033165", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033165" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to write to arbitrary files, and consequently obtain administrator privileges, via a crafted filename." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37812", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37812/" + }, + { + "name": "76094", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76094" + }, + { + "name": "1033165", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033165" + }, + { + "name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150730_00", + "refsource": "CONFIRM", + "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150730_00" + } + ] + } +} \ No newline at end of file diff --git a/2015/1xxx/CVE-2015-1493.json b/2015/1xxx/CVE-2015-1493.json index 6cd8e9f9fae..f29e72ac4fa 100644 --- a/2015/1xxx/CVE-2015-1493.json +++ b/2015/1xxx/CVE-2015-1493.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1493", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the min_get_slash_argument function in lib/configonlylib.php in Moodle through 2.5.9, 2.6.x before 2.6.8, 2.7.x before 2.7.5, and 2.8.x before 2.8.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter, as demonstrated by reading PHP scripts." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-1493", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150204 CVE request for Moodlee MDL-48980 Security: Always clean the result from min_get_slash_argument", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2015/02/04/15" - }, - { - "name" : "[oss-security] 20150209 Moodle security issue made public", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2015/02/09/2" - }, - { - "name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48980", - "refsource" : "CONFIRM", - "url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48980" - }, - { - "name" : "http://git.moodle.org/gw?p=moodle.git;a=commit;h=af9a7937cc085f96bdbc4724cadec6eeae0242fc", - "refsource" : "CONFIRM", - "url" : "http://git.moodle.org/gw?p=moodle.git;a=commit;h=af9a7937cc085f96bdbc4724cadec6eeae0242fc" - }, - { - "name" : "https://moodle.org/mod/forum/discuss.php?d=279956", - "refsource" : "CONFIRM", - "url" : "https://moodle.org/mod/forum/discuss.php?d=279956" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the min_get_slash_argument function in lib/configonlylib.php in Moodle through 2.5.9, 2.6.x before 2.6.8, 2.7.x before 2.7.5, and 2.8.x before 2.8.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter, as demonstrated by reading PHP scripts." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20150209 Moodle security issue made public", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2015/02/09/2" + }, + { + "name": "[oss-security] 20150204 CVE request for Moodlee MDL-48980 Security: Always clean the result from min_get_slash_argument", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2015/02/04/15" + }, + { + "name": "http://git.moodle.org/gw?p=moodle.git;a=commit;h=af9a7937cc085f96bdbc4724cadec6eeae0242fc", + "refsource": "CONFIRM", + "url": "http://git.moodle.org/gw?p=moodle.git;a=commit;h=af9a7937cc085f96bdbc4724cadec6eeae0242fc" + }, + { + "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48980", + "refsource": "CONFIRM", + "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48980" + }, + { + "name": "https://moodle.org/mod/forum/discuss.php?d=279956", + "refsource": "CONFIRM", + "url": "https://moodle.org/mod/forum/discuss.php?d=279956" + } + ] + } +} \ No newline at end of file diff --git a/2015/1xxx/CVE-2015-1672.json b/2015/1xxx/CVE-2015-1672.json index 3838f4b059e..1dcfcd52fd9 100644 --- a/2015/1xxx/CVE-2015-1672.json +++ b/2015/1xxx/CVE-2015-1672.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1672", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allows remote attackers to cause a denial of service (recursion and performance degradation) via crafted encrypted data in an XML document, aka \".NET XML Decryption Denial of Service Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-1672", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-048", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-048" - }, - { - "name" : "74482", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74482" - }, - { - "name" : "1032297", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032297" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allows remote attackers to cause a denial of service (recursion and performance degradation) via crafted encrypted data in an XML document, aka \".NET XML Decryption Denial of Service Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032297", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032297" + }, + { + "name": "MS15-048", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-048" + }, + { + "name": "74482", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74482" + } + ] + } +} \ No newline at end of file diff --git a/2015/1xxx/CVE-2015-1815.json b/2015/1xxx/CVE-2015-1815.json index 6025c6856f5..f4fbdd3645f 100644 --- a/2015/1xxx/CVE-2015-1815.json +++ b/2015/1xxx/CVE-2015-1815.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1815", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The get_rpm_nvr_by_file_path_temporary function in util.py in setroubleshoot before 3.2.22 allows remote attackers to execute arbitrary commands via shell metacharacters in a file name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-1815", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "36564", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/36564/" - }, - { - "name" : "[oss-security] 20150326 Fwd: setroubleshoot root exploit (CVE-Request)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/03/26/1" - }, - { - "name" : "https://github.com/stealth/troubleshooter", - "refsource" : "MISC", - "url" : "https://github.com/stealth/troubleshooter" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1203352", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1203352" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1206050", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1206050" - }, - { - "name" : "FEDORA-2015-4792", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/154147.html" - }, - { - "name" : "FEDORA-2015-4833", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154427.html" - }, - { - "name" : "FEDORA-2015-4838", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154444.html" - }, - { - "name" : "RHSA-2015:0729", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0729.html" - }, - { - "name" : "73374", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73374" - }, - { - "name" : "119966", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/119966" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The get_rpm_nvr_by_file_path_temporary function in util.py in setroubleshoot before 3.2.22 allows remote attackers to execute arbitrary commands via shell metacharacters in a file name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2015-4833", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154427.html" + }, + { + "name": "73374", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73374" + }, + { + "name": "36564", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/36564/" + }, + { + "name": "FEDORA-2015-4838", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154444.html" + }, + { + "name": "[oss-security] 20150326 Fwd: setroubleshoot root exploit (CVE-Request)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/03/26/1" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1206050", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206050" + }, + { + "name": "FEDORA-2015-4792", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/154147.html" + }, + { + "name": "RHSA-2015:0729", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0729.html" + }, + { + "name": "119966", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/119966" + }, + { + "name": "https://github.com/stealth/troubleshooter", + "refsource": "MISC", + "url": "https://github.com/stealth/troubleshooter" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1203352", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203352" + } + ] + } +} \ No newline at end of file diff --git a/2015/1xxx/CVE-2015-1988.json b/2015/1xxx/CVE-2015-1988.json index 5f913af977d..022eee004d3 100644 --- a/2015/1xxx/CVE-2015-1988.json +++ b/2015/1xxx/CVE-2015-1988.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1988", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware 6.3 before 6.3.2.5, 6.4 before 6.4.3.1, and 7.1 before 7.1.3 and Tivoli Storage FlashCopy Manager for VMware 3.1 before 3.1.1.3, 3.2 before 3.2.0.6, and 4.1 before 4.1.3.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-1988", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21967532", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21967532" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware 6.3 before 6.3.2.5, 6.4 before 6.4.3.1, and 7.1 before 7.1.3 and Tivoli Storage FlashCopy Manager for VMware 3.1 before 3.1.1.3, 3.2 before 3.2.0.6, and 4.1 before 4.1.3.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21967532", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21967532" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4160.json b/2015/4xxx/CVE-2015-4160.json index 23af8ccd088..117aaeefbbb 100644 --- a/2015/4xxx/CVE-2015-4160.json +++ b/2015/4xxx/CVE-2015-4160.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4160", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in SAP ASE Database Platform allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Notes: 2152278." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4160", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150522 SAP Security Notes May 2015", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/May/96" - }, - { - "name" : "74798", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74798" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in SAP ASE Database Platform allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Notes: 2152278." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "74798", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74798" + }, + { + "name": "20150522 SAP Security Notes May 2015", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/May/96" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4330.json b/2015/4xxx/CVE-2015-4330.json index 9b08795e9c2..e715171d0c8 100644 --- a/2015/4xxx/CVE-2015-4330.json +++ b/2015/4xxx/CVE-2015-4330.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4330", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv10556." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-4330", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150901 Cisco TelePresence Video Communication Server Expressway Command Injection Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=40541" - }, - { - "name" : "1033442", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033442" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv10556." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033442", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033442" + }, + { + "name": "20150901 Cisco TelePresence Video Communication Server Expressway Command Injection Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40541" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4597.json b/2015/4xxx/CVE-2015-4597.json index 97a2a63dc2c..52342b58388 100644 --- a/2015/4xxx/CVE-2015-4597.json +++ b/2015/4xxx/CVE-2015-4597.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4597", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4597", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4973.json b/2015/4xxx/CVE-2015-4973.json index fc74a2af3c6..93e4d139636 100644 --- a/2015/4xxx/CVE-2015-4973.json +++ b/2015/4xxx/CVE-2015-4973.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4973", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.3_2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-4973", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21964806", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21964806" - }, - { - "name" : "IT10705", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT10705" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.3_2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21964806", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21964806" + }, + { + "name": "IT10705", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT10705" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8939.json b/2015/8xxx/CVE-2015-8939.json index a2f3fec817b..7b648198850 100644 --- a/2015/8xxx/CVE-2015-8939.json +++ b/2015/8xxx/CVE-2015-8939.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8939", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "drivers/video/msm/mdp4_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not validate r stages, g stages, or b stages data, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28398884 and Qualcomm internal bug CR779021." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-8939", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-08-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-08-01.html" - }, - { - "name" : "https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=884cff808385788fa620833c7e2160a4b98a21da", - "refsource" : "CONFIRM", - "url" : "https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=884cff808385788fa620833c7e2160a4b98a21da" - }, - { - "name" : "92219", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92219" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "drivers/video/msm/mdp4_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not validate r stages, g stages, or b stages data, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28398884 and Qualcomm internal bug CR779021." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://source.android.com/security/bulletin/2016-08-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-08-01.html" + }, + { + "name": "92219", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92219" + }, + { + "name": "https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=884cff808385788fa620833c7e2160a4b98a21da", + "refsource": "CONFIRM", + "url": "https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=884cff808385788fa620833c7e2160a4b98a21da" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9223.json b/2015/9xxx/CVE-2015-9223.json index 07606aa470b..85241bd26d5 100644 --- a/2015/9xxx/CVE-2015-9223.json +++ b/2015/9xxx/CVE-2015-9223.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2015-9223", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile", - "version" : { - "version_data" : [ - { - "version_value" : "MDM9615, MDM9625, MDM9635M, SD 400, SD 600, SD 800" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 400, SD 600, and SD 800, a buffer overflow can occur when processing an audio buffer." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer Copy without Checking Size of Input in Multimedia" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2015-9223", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile", + "version": { + "version_data": [ + { + "version_value": "MDM9615, MDM9625, MDM9635M, SD 400, SD 600, SD 800" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 400, SD 600, and SD 800, a buffer overflow can occur when processing an audio buffer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer Copy without Checking Size of Input in Multimedia" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9250.json b/2015/9xxx/CVE-2015-9250.json index 7bbbc9367a8..4127cce3630 100644 --- a/2015/9xxx/CVE-2015-9250.json +++ b/2015/9xxx/CVE-2015-9250.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-9250", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Skybox Platform before 7.5.201. Directory Traversal exists in /skyboxview/webskybox/attachmentdownload and /skyboxview/webskybox/filedownload via the tempFileName parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9250", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20151210-0_Skybox_Platform_Multiple_Vulnerabilities_v10.txt", - "refsource" : "MISC", - "url" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20151210-0_Skybox_Platform_Multiple_Vulnerabilities_v10.txt" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Skybox Platform before 7.5.201. Directory Traversal exists in /skyboxview/webskybox/attachmentdownload and /skyboxview/webskybox/filedownload via the tempFileName parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20151210-0_Skybox_Platform_Multiple_Vulnerabilities_v10.txt", + "refsource": "MISC", + "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20151210-0_Skybox_Platform_Multiple_Vulnerabilities_v10.txt" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5504.json b/2016/5xxx/CVE-2016-5504.json index 9a2f79e64d2..fa80db9ae3b 100644 --- a/2016/5xxx/CVE-2016-5504.json +++ b/2016/5xxx/CVE-2016-5504.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5504", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.1.0.4, 6.1.1.6, and 6.2.0.0 allows local users to affect confidentiality via vectors related to Supplier Portal." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5504", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93679", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93679" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.1.0.4, 6.1.1.6, and 6.2.0.0 allows local users to affect confidentiality via vectors related to Supplier Portal." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "93679", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93679" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2069.json b/2018/2xxx/CVE-2018-2069.json index 76d37080a98..e93e3fa3088 100644 --- a/2018/2xxx/CVE-2018-2069.json +++ b/2018/2xxx/CVE-2018-2069.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2069", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2069", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2144.json b/2018/2xxx/CVE-2018-2144.json index b3913e1bb4a..f8d1e5d1577 100644 --- a/2018/2xxx/CVE-2018-2144.json +++ b/2018/2xxx/CVE-2018-2144.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2144", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2144", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2276.json b/2018/2xxx/CVE-2018-2276.json index 932b1e44163..cc169ececa8 100644 --- a/2018/2xxx/CVE-2018-2276.json +++ b/2018/2xxx/CVE-2018-2276.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2276", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2276", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2452.json b/2018/2xxx/CVE-2018-2452.json index 28360c7fd55..47b2c302e5c 100644 --- a/2018/2xxx/CVE-2018-2452.json +++ b/2018/2xxx/CVE-2018-2452.json @@ -1,96 +1,96 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cna@sap.com", - "ID" : "CVE-2018-2452", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SAP NetWeaver AS Java", - "version" : { - "version_data" : [ - { - "version_name" : "=", - "version_value" : "7.10 to 7.11" - }, - { - "version_name" : "=", - "version_value" : "7.20" - }, - { - "version_name" : "=", - "version_value" : "7.30" - }, - { - "version_name" : "=", - "version_value" : "7.31" - }, - { - "version_name" : "=", - "version_value" : "7.40" - }, - { - "version_name" : "=", - "version_value" : "7.50" - } - ] - } - } - ] - }, - "vendor_name" : "SAP" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The logon application of SAP NetWeaver AS Java 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user-controlled inputs, resulting in a cross-site scripting (XSS) vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + "CVE_data_meta": { + "ASSIGNER": "cna@sap.com", + "ID": "CVE-2018-2452", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SAP NetWeaver AS Java", + "version": { + "version_data": [ + { + "version_name": "=", + "version_value": "7.10 to 7.11" + }, + { + "version_name": "=", + "version_value": "7.20" + }, + { + "version_name": "=", + "version_value": "7.30" + }, + { + "version_name": "=", + "version_value": "7.31" + }, + { + "version_name": "=", + "version_value": "7.40" + }, + { + "version_name": "=", + "version_value": "7.50" + } + ] + } + } + ] + }, + "vendor_name": "SAP" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://launchpad.support.sap.com/#/notes/2623846", - "refsource" : "MISC", - "url" : "https://launchpad.support.sap.com/#/notes/2623846" - }, - { - "name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993", - "refsource" : "CONFIRM", - "url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993" - }, - { - "name" : "105325", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105325" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The logon application of SAP NetWeaver AS Java 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user-controlled inputs, resulting in a cross-site scripting (XSS) vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993", + "refsource": "CONFIRM", + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993" + }, + { + "name": "https://launchpad.support.sap.com/#/notes/2623846", + "refsource": "MISC", + "url": "https://launchpad.support.sap.com/#/notes/2623846" + }, + { + "name": "105325", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105325" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2814.json b/2018/2xxx/CVE-2018-2814.json index 2840cd5c42e..495c6a0c99f 100644 --- a/2018/2xxx/CVE-2018-2814.json +++ b/2018/2xxx/CVE-2018-2814.json @@ -1,175 +1,175 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2814", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Java", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "Java SE: 6u181" - }, - { - "version_affected" : "=", - "version_value" : "7u171" - }, - { - "version_affected" : "=", - "version_value" : "8u162" - }, - { - "version_affected" : "=", - "version_value" : "10; Java SE Embedded: 8u161" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2814", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Java", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Java SE: 6u181" + }, + { + "version_affected": "=", + "version_value": "7u171" + }, + { + "version_affected": "=", + "version_value": "8u162" + }, + { + "version_affected": "=", + "version_value": "10; Java SE Embedded: 8u161" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20180419-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20180419-0001/" - }, - { - "name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us", - "refsource" : "CONFIRM", - "url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us" - }, - { - "name" : "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", - "refsource" : "CONFIRM", - "url" : "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" - }, - { - "name" : "DSA-4185", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4185" - }, - { - "name" : "DSA-4225", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4225" - }, - { - "name" : "GLSA-201903-14", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201903-14" - }, - { - "name" : "RHSA-2018:1188", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1188" - }, - { - "name" : "RHSA-2018:1191", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1191" - }, - { - "name" : "RHSA-2018:1201", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1201" - }, - { - "name" : "RHSA-2018:1202", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1202" - }, - { - "name" : "RHSA-2018:1203", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1203" - }, - { - "name" : "RHSA-2018:1204", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1204" - }, - { - "name" : "RHSA-2018:1205", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1205" - }, - { - "name" : "RHSA-2018:1206", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1206" - }, - { - "name" : "RHSA-2018:1270", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1270" - }, - { - "name" : "RHSA-2018:1278", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1278" - }, - { - "name" : "USN-3644-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3644-1/" - }, - { - "name" : "USN-3691-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3691-1/" - }, - { - "name" : "103798", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103798" - }, - { - "name" : "1040697", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040697" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2018:1278", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1278" + }, + { + "name": "DSA-4185", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4185" + }, + { + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us", + "refsource": "CONFIRM", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us" + }, + { + "name": "GLSA-201903-14", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201903-14" + }, + { + "name": "DSA-4225", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4225" + }, + { + "name": "1040697", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040697" + }, + { + "name": "RHSA-2018:1203", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1203" + }, + { + "name": "USN-3644-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3644-1/" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180419-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180419-0001/" + }, + { + "name": "RHSA-2018:1201", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1201" + }, + { + "name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", + "refsource": "CONFIRM", + "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" + }, + { + "name": "RHSA-2018:1204", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1204" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" + }, + { + "name": "103798", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103798" + }, + { + "name": "RHSA-2018:1205", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1205" + }, + { + "name": "USN-3691-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3691-1/" + }, + { + "name": "RHSA-2018:1202", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1202" + }, + { + "name": "RHSA-2018:1191", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1191" + }, + { + "name": "RHSA-2018:1188", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1188" + }, + { + "name": "RHSA-2018:1206", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1206" + }, + { + "name": "RHSA-2018:1270", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1270" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2964.json b/2018/2xxx/CVE-2018-2964.json index 9924bff9e51..98302992853 100644 --- a/2018/2xxx/CVE-2018-2964.json +++ b/2018/2xxx/CVE-2018-2964.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2964", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Java", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "Java SE: 8u172" - }, - { - "version_affected" : "=", - "version_value" : "10.0.1" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u172 and 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2964", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Java", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Java SE: 8u172" + }, + { + "version_affected": "=", + "version_value": "10.0.1" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20180726-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20180726-0001/" - }, - { - "name" : "RHSA-2018:2253", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:2253" - }, - { - "name" : "RHSA-2018:2256", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:2256" - }, - { - "name" : "104780", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104780" - }, - { - "name" : "1041302", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041302" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u172 and 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" + }, + { + "name": "104780", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104780" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180726-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180726-0001/" + }, + { + "name": "RHSA-2018:2256", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:2256" + }, + { + "name": "RHSA-2018:2253", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:2253" + }, + { + "name": "1041302", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041302" + } + ] + } +} \ No newline at end of file diff --git a/2018/3xxx/CVE-2018-3043.json b/2018/3xxx/CVE-2018-3043.json index 5b6099b4b03..85be5733bb5 100644 --- a/2018/3xxx/CVE-2018-3043.json +++ b/2018/3xxx/CVE-2018-3043.json @@ -1,81 +1,81 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-3043", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "FLEXCUBE Enterprise Limits and Collateral Management", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "12.3.0" - }, - { - "version_affected" : "=", - "version_value" : "14.0.0" - }, - { - "version_affected" : "=", - "version_value" : "14.1.0" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.3.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Enterprise Limits and Collateral Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Enterprise Limits and Collateral Management accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle FLEXCUBE Enterprise Limits and Collateral Management. CVSS 3.0 Base Score 5.4 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Enterprise Limits and Collateral Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Enterprise Limits and Collateral Management accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle FLEXCUBE Enterprise Limits and Collateral Management." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-3043", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "FLEXCUBE Enterprise Limits and Collateral Management", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "12.3.0" + }, + { + "version_affected": "=", + "version_value": "14.0.0" + }, + { + "version_affected": "=", + "version_value": "14.1.0" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" - }, - { - "name" : "104801", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104801" - }, - { - "name" : "1041307", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041307" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.3.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Enterprise Limits and Collateral Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Enterprise Limits and Collateral Management accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle FLEXCUBE Enterprise Limits and Collateral Management. CVSS 3.0 Base Score 5.4 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Enterprise Limits and Collateral Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Enterprise Limits and Collateral Management accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle FLEXCUBE Enterprise Limits and Collateral Management." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" + }, + { + "name": "104801", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104801" + }, + { + "name": "1041307", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041307" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6025.json b/2018/6xxx/CVE-2018-6025.json index 87cdb2bc1fb..ba0548a91fc 100644 --- a/2018/6xxx/CVE-2018-6025.json +++ b/2018/6xxx/CVE-2018-6025.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6025", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6025", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6034.json b/2018/6xxx/CVE-2018-6034.json index 94998491121..12a9fc74657 100644 --- a/2018/6xxx/CVE-2018-6034.json +++ b/2018/6xxx/CVE-2018-6034.json @@ -1,88 +1,88 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "chrome-cve-admin@google.com", - "ID" : "CVE-2018-6034", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Chrome", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "64.0.3282.119" - } - ] - } - } - ] - }, - "vendor_name" : "Google" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Insufficient data validation in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Insufficient data validation" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2018-6034", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "64.0.3282.119" + } + ] + } + } + ] + }, + "vendor_name": "Google" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html", - "refsource" : "CONFIRM", - "url" : "https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html" - }, - { - "name" : "https://crbug.com/784183", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/784183" - }, - { - "name" : "DSA-4103", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4103" - }, - { - "name" : "RHSA-2018:0265", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0265" - }, - { - "name" : "102797", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102797" - }, - { - "name" : "1040282", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040282" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Insufficient data validation in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Insufficient data validation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html", + "refsource": "CONFIRM", + "url": "https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html" + }, + { + "name": "DSA-4103", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4103" + }, + { + "name": "102797", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102797" + }, + { + "name": "1040282", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040282" + }, + { + "name": "https://crbug.com/784183", + "refsource": "CONFIRM", + "url": "https://crbug.com/784183" + }, + { + "name": "RHSA-2018:0265", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0265" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6445.json b/2018/6xxx/CVE-2018-6445.json index e57af0b51f4..ce14143c487 100644 --- a/2018/6xxx/CVE-2018-6445.json +++ b/2018/6xxx/CVE-2018-6445.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "sirt@brocade.com", - "ID" : "CVE-2018-6445", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Brocade Network Advisor", - "version" : { - "version_data" : [ - { - "version_value" : "All versions prior to version 14.0.3" - } - ] - } - } - ] - }, - "vendor_name" : "Brocade Communications Systems, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems. The attacker could gain access to the Brocade Network Advisor System after extracting/decrypting the passwords." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper Access Control" - } + "CVE_data_meta": { + "ASSIGNER": "sirt@brocade.com", + "ID": "CVE-2018-6445", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Brocade Network Advisor", + "version": { + "version_data": [ + { + "version_value": "All versions prior to version 14.0.3" + } + ] + } + } + ] + }, + "vendor_name": "Brocade Communications Systems, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-745", - "refsource" : "CONFIRM", - "url" : "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-745" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems. The attacker could gain access to the Brocade Network Advisor System after extracting/decrypting the passwords." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Access Control" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-745", + "refsource": "CONFIRM", + "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-745" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6630.json b/2018/6xxx/CVE-2018-6630.json index cf6685d9746..a886d42648b 100644 --- a/2018/6xxx/CVE-2018-6630.json +++ b/2018/6xxx/CVE-2018-6630.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6630", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8000014c." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6630", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Micropoint_POC/tree/master/mp110005/8000014c", - "refsource" : "MISC", - "url" : "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Micropoint_POC/tree/master/mp110005/8000014c" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8000014c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Micropoint_POC/tree/master/mp110005/8000014c", + "refsource": "MISC", + "url": "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Micropoint_POC/tree/master/mp110005/8000014c" + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7237.json b/2018/7xxx/CVE-2018-7237.json index c99895ab234..b9d75b7a6a1 100644 --- a/2018/7xxx/CVE-2018-7237.json +++ b/2018/7xxx/CVE-2018-7237.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cybersecurity@se.com", - "DATE_PUBLIC" : "2018-03-01T00:00:00", - "ID" : "CVE-2018-7237", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Pelco Sarix Professional", - "version" : { - "version_data" : [ - { - "version_value" : "all firmware versions prior to 3.29.77" - } - ] - } - } - ] - }, - "vendor_name" : "Schneider Electric SE" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow a remote attacker to delete arbitrary system file due to lack of validation of the /login/bin/set_param to the file name with the value of 'system.delete.sd_file'" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Arbitrary File Delete" - } + "CVE_data_meta": { + "ASSIGNER": "cybersecurity@schneider-electric.com", + "DATE_PUBLIC": "2018-03-01T00:00:00", + "ID": "CVE-2018-7237", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Pelco Sarix Professional", + "version": { + "version_data": [ + { + "version_value": "all firmware versions prior to 3.29.77" + } + ] + } + } + ] + }, + "vendor_name": "Schneider Electric SE" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.schneider-electric.com/en/download/document/SEVD-2018-058-01/", - "refsource" : "CONFIRM", - "url" : "https://www.schneider-electric.com/en/download/document/SEVD-2018-058-01/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow a remote attacker to delete arbitrary system file due to lack of validation of the /login/bin/set_param to the file name with the value of 'system.delete.sd_file'" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Arbitrary File Delete" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-058-01/", + "refsource": "CONFIRM", + "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-058-01/" + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7842.json b/2018/7xxx/CVE-2018-7842.json index 21f3e81ce89..3e60ab6dedc 100644 --- a/2018/7xxx/CVE-2018-7842.json +++ b/2018/7xxx/CVE-2018-7842.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7842", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-7842", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7851.json b/2018/7xxx/CVE-2018-7851.json index 9fe4528895c..65046824a3d 100644 --- a/2018/7xxx/CVE-2018-7851.json +++ b/2018/7xxx/CVE-2018-7851.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7851", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-7851", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7972.json b/2018/7xxx/CVE-2018-7972.json index 7ddecb88a67..4879e9c7c00 100644 --- a/2018/7xxx/CVE-2018-7972.json +++ b/2018/7xxx/CVE-2018-7972.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7972", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-7972", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5222.json b/2019/5xxx/CVE-2019-5222.json index fc4b7cec942..139ef151d0f 100644 --- a/2019/5xxx/CVE-2019-5222.json +++ b/2019/5xxx/CVE-2019-5222.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5222", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5222", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5363.json b/2019/5xxx/CVE-2019-5363.json index 6946f008f58..2bc74912a39 100644 --- a/2019/5xxx/CVE-2019-5363.json +++ b/2019/5xxx/CVE-2019-5363.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5363", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5363", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5678.json b/2019/5xxx/CVE-2019-5678.json index 9ed6c765f3d..d4f6a95f07e 100644 --- a/2019/5xxx/CVE-2019-5678.json +++ b/2019/5xxx/CVE-2019-5678.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5678", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5678", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5685.json b/2019/5xxx/CVE-2019-5685.json index e21dacd7177..dfbac3a934f 100644 --- a/2019/5xxx/CVE-2019-5685.json +++ b/2019/5xxx/CVE-2019-5685.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5685", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5685", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file