From a1a5daf8c778a8963518ab26e0abb55db1fa999d Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 06:56:28 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0283.json | 120 ++++++------- 2007/0xxx/CVE-2007-0027.json | 210 +++++++++++----------- 2007/0xxx/CVE-2007-0113.json | 180 +++++++++---------- 2007/0xxx/CVE-2007-0550.json | 140 +++++++-------- 2007/0xxx/CVE-2007-0574.json | 130 +++++++------- 2007/0xxx/CVE-2007-0701.json | 170 +++++++++--------- 2007/0xxx/CVE-2007-0947.json | 230 ++++++++++++------------ 2007/1xxx/CVE-2007-1179.json | 160 ++++++++--------- 2007/1xxx/CVE-2007-1547.json | 270 ++++++++++++++-------------- 2007/1xxx/CVE-2007-1664.json | 150 ++++++++-------- 2007/4xxx/CVE-2007-4316.json | 170 +++++++++--------- 2007/4xxx/CVE-2007-4663.json | 220 +++++++++++------------ 2007/5xxx/CVE-2007-5089.json | 190 ++++++++++---------- 2007/5xxx/CVE-2007-5491.json | 190 ++++++++++---------- 2007/5xxx/CVE-2007-5652.json | 180 +++++++++---------- 2007/5xxx/CVE-2007-5786.json | 150 ++++++++-------- 2007/5xxx/CVE-2007-5793.json | 160 ++++++++--------- 2007/5xxx/CVE-2007-5831.json | 140 +++++++-------- 2015/3xxx/CVE-2015-3067.json | 150 ++++++++-------- 2015/3xxx/CVE-2015-3148.json | 340 +++++++++++++++++------------------ 2015/3xxx/CVE-2015-3302.json | 160 ++++++++--------- 2015/6xxx/CVE-2015-6020.json | 140 +++++++-------- 2015/6xxx/CVE-2015-6154.json | 150 ++++++++-------- 2015/6xxx/CVE-2015-6595.json | 34 ++-- 2015/6xxx/CVE-2015-6814.json | 34 ++-- 2015/7xxx/CVE-2015-7334.json | 34 ++-- 2015/7xxx/CVE-2015-7897.json | 150 ++++++++-------- 2015/8xxx/CVE-2015-8309.json | 160 ++++++++--------- 2015/8xxx/CVE-2015-8341.json | 150 ++++++++-------- 2015/8xxx/CVE-2015-8823.json | 130 +++++++------- 2016/0xxx/CVE-2016-0294.json | 34 ++-- 2016/0xxx/CVE-2016-0404.json | 130 +++++++------- 2016/0xxx/CVE-2016-0976.json | 190 ++++++++++---------- 2016/0xxx/CVE-2016-0986.json | 190 ++++++++++---------- 2016/1xxx/CVE-2016-1146.json | 34 ++-- 2016/1xxx/CVE-2016-1158.json | 140 +++++++-------- 2016/1xxx/CVE-2016-1889.json | 130 +++++++------- 2016/4xxx/CVE-2016-4728.json | 210 +++++++++++----------- 2016/5xxx/CVE-2016-5101.json | 130 +++++++------- 2016/5xxx/CVE-2016-5577.json | 140 +++++++-------- 2016/5xxx/CVE-2016-5682.json | 120 ++++++------- 2016/5xxx/CVE-2016-5898.json | 166 ++++++++--------- 2019/0xxx/CVE-2019-0371.json | 34 ++-- 2019/0xxx/CVE-2019-0535.json | 34 ++-- 2019/0xxx/CVE-2019-0819.json | 34 ++-- 2019/1xxx/CVE-2019-1124.json | 34 ++-- 2019/1xxx/CVE-2019-1180.json | 34 ++-- 2019/1xxx/CVE-2019-1432.json | 34 ++-- 2019/3xxx/CVE-2019-3715.json | 164 ++++++++--------- 2019/3xxx/CVE-2019-3768.json | 34 ++-- 2019/4xxx/CVE-2019-4415.json | 34 ++-- 2019/4xxx/CVE-2019-4665.json | 34 ++-- 2019/4xxx/CVE-2019-4870.json | 34 ++-- 2019/4xxx/CVE-2019-4895.json | 34 ++-- 2019/5xxx/CVE-2019-5827.json | 34 ++-- 2019/8xxx/CVE-2019-8262.json | 122 ++++++------- 2019/8xxx/CVE-2019-8400.json | 160 ++++++++--------- 2019/8xxx/CVE-2019-8603.json | 34 ++-- 2019/8xxx/CVE-2019-8739.json | 34 ++-- 2019/8xxx/CVE-2019-8839.json | 34 ++-- 2019/9xxx/CVE-2019-9233.json | 34 ++-- 2019/9xxx/CVE-2019-9289.json | 34 ++-- 2019/9xxx/CVE-2019-9805.json | 34 ++-- 63 files changed, 3732 insertions(+), 3732 deletions(-) diff --git a/1999/0xxx/CVE-1999-0283.json b/1999/0xxx/CVE-1999-0283.json index 37d0f818f79..64e90e50504 100644 --- a/1999/0xxx/CVE-1999-0283.json +++ b/1999/0xxx/CVE-1999-0283.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0283", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Java Web Server would allow remote users to obtain the source code for CGI programs." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0283", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19970716 Viewable .jhtml source with JavaWebServer", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=88256790401004&w=2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Java Web Server would allow remote users to obtain the source code for CGI programs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19970716 Viewable .jhtml source with JavaWebServer", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=88256790401004&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0027.json b/2007/0xxx/CVE-2007-0027.json index 153532c28d0..62667a83718 100644 --- a/2007/0xxx/CVE-2007-0027.json +++ b/2007/0xxx/CVE-2007-0027.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0027", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via malformed IMDATA records that trigger memory corruption." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-0027", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBST02184", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/457274/100/0/threaded" - }, - { - "name" : "SSRT071296", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/457274/100/0/threaded" - }, - { - "name" : "MS07-002", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-002" - }, - { - "name" : "TA07-009A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-009A.html" - }, - { - "name" : "VU#749964", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/749964" - }, - { - "name" : "21856", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21856" - }, - { - "name" : "ADV-2007-0103", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0103" - }, - { - "name" : "31255", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/31255" - }, - { - "name" : "oval:org.mitre.oval:def:119", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A119" - }, - { - "name" : "1017487", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017487" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via malformed IMDATA records that trigger memory corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "31255", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/31255" + }, + { + "name": "TA07-009A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-009A.html" + }, + { + "name": "1017487", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017487" + }, + { + "name": "21856", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21856" + }, + { + "name": "HPSBST02184", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/457274/100/0/threaded" + }, + { + "name": "ADV-2007-0103", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0103" + }, + { + "name": "MS07-002", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-002" + }, + { + "name": "SSRT071296", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/457274/100/0/threaded" + }, + { + "name": "VU#749964", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/749964" + }, + { + "name": "oval:org.mitre.oval:def:119", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A119" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0113.json b/2007/0xxx/CVE-2007-0113.json index 6caa69d651f..bc50934edfa 100644 --- a/2007/0xxx/CVE-2007-0113.json +++ b/2007/0xxx/CVE-2007-0113.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0113", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Packeteer PacketShaper PacketWise 8.x allows remote authenticated users to cause a denial of service (reset or reboot) via (1) a long traffic class argument to the \"class show\" command or (2) a long POLICY parameter value in clastree.htm." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0113", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070108 Packeteer PacketWise CLI overflow DoS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456267/100/0/threaded" - }, - { - "name" : "21933", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21933" - }, - { - "name" : "ADV-2007-0098", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0098" - }, - { - "name" : "31656", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31656" - }, - { - "name" : "23685", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23685" - }, - { - "name" : "2110", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2110" - }, - { - "name" : "packetshaper-argument-dos(31357)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31357" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Packeteer PacketShaper PacketWise 8.x allows remote authenticated users to cause a denial of service (reset or reboot) via (1) a long traffic class argument to the \"class show\" command or (2) a long POLICY parameter value in clastree.htm." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21933", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21933" + }, + { + "name": "20070108 Packeteer PacketWise CLI overflow DoS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456267/100/0/threaded" + }, + { + "name": "23685", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23685" + }, + { + "name": "2110", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2110" + }, + { + "name": "packetshaper-argument-dos(31357)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31357" + }, + { + "name": "31656", + "refsource": "OSVDB", + "url": "http://osvdb.org/31656" + }, + { + "name": "ADV-2007-0098", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0098" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0550.json b/2007/0xxx/CVE-2007-0550.json index f327eef6456..c9c7e626b87 100644 --- a/2007/0xxx/CVE-2007-0550.json +++ b/2007/0xxx/CVE-2007-0550.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0550", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in search.php in 212cafeBoard 0.08 Beta allows remote attackers to inject arbitrary web script or HTML via keyword parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0550", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070121 XSS in 212cafeBoard ( Verision 0.08 & 6.30 Beta )", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457611/100/0/threaded" - }, - { - "name" : "2212", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2212" - }, - { - "name" : "212cafeboard-search-xss(31651)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31651" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in search.php in 212cafeBoard 0.08 Beta allows remote attackers to inject arbitrary web script or HTML via keyword parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2212", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2212" + }, + { + "name": "20070121 XSS in 212cafeBoard ( Verision 0.08 & 6.30 Beta )", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457611/100/0/threaded" + }, + { + "name": "212cafeboard-search-xss(31651)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31651" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0574.json b/2007/0xxx/CVE-2007-0574.json index 594fc642271..3abb119bd48 100644 --- a/2007/0xxx/CVE-2007-0574.json +++ b/2007/0xxx/CVE-2007-0574.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0574", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in rss/show_webfeed.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.40 allows remote attackers to execute arbitrary SQL commands via the wcHeadlines parameter, a different vector than CVE-2006-4715. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0574", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "22282", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22282" - }, - { - "name" : "36631", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36631" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in rss/show_webfeed.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.40 allows remote attackers to execute arbitrary SQL commands via the wcHeadlines parameter, a different vector than CVE-2006-4715. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36631", + "refsource": "OSVDB", + "url": "http://osvdb.org/36631" + }, + { + "name": "22282", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22282" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0701.json b/2007/0xxx/CVE-2007-0701.json index 0fbdb1be49c..3810a373c18 100644 --- a/2007/0xxx/CVE-2007-0701.json +++ b/2007/0xxx/CVE-2007-0701.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0701", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in inc/common.inc.php in Epistemon 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the inc_path parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0701", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3247", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3247" - }, - { - "name" : "20070201 true: Epistemon 1.0 <= Remote File Include Vulnerability", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-February/001266.html" - }, - { - "name" : "22360", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22360" - }, - { - "name" : "ADV-2007-0459", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0459" - }, - { - "name" : "31938", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31938" - }, - { - "name" : "24003", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24003" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in inc/common.inc.php in Epistemon 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the inc_path parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0459", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0459" + }, + { + "name": "24003", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24003" + }, + { + "name": "22360", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22360" + }, + { + "name": "3247", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3247" + }, + { + "name": "31938", + "refsource": "OSVDB", + "url": "http://osvdb.org/31938" + }, + { + "name": "20070201 true: Epistemon 1.0 <= Remote File Include Vulnerability", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-February/001266.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0947.json b/2007/0xxx/CVE-2007-0947.json index 188ecc07134..32f13568df9 100644 --- a/2007/0xxx/CVE-2007-0947.json +++ b/2007/0xxx/CVE-2007-0947.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0947", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two \"HTML Objects Memory Corruption Vulnerabilities\" and a different issue than CVE-2007-0946." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-0947", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://secunia.com/secunia_research/2007-36/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-36/advisory/" - }, - { - "name" : "HPSBST02214", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded" - }, - { - "name" : "SSRT071422", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded" - }, - { - "name" : "MS07-027", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027" - }, - { - "name" : "TA07-128A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-128A.html" - }, - { - "name" : "23772", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23772" - }, - { - "name" : "ADV-2007-1712", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1712" - }, - { - "name" : "34403", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/34403" - }, - { - "name" : "oval:org.mitre.oval:def:2048", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2048" - }, - { - "name" : "1018019", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018019" - }, - { - "name" : "23769", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23769" - }, - { - "name" : "ie-html-memory-code-execution-variant(33256)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33256" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two \"HTML Objects Memory Corruption Vulnerabilities\" and a different issue than CVE-2007-0946." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://secunia.com/secunia_research/2007-36/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-36/advisory/" + }, + { + "name": "HPSBST02214", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" + }, + { + "name": "ADV-2007-1712", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1712" + }, + { + "name": "1018019", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018019" + }, + { + "name": "SSRT071422", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" + }, + { + "name": "oval:org.mitre.oval:def:2048", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2048" + }, + { + "name": "MS07-027", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027" + }, + { + "name": "23769", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23769" + }, + { + "name": "23772", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23772" + }, + { + "name": "34403", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/34403" + }, + { + "name": "TA07-128A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-128A.html" + }, + { + "name": "ie-html-memory-code-execution-variant(33256)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33256" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1179.json b/2007/1xxx/CVE-2007-1179.json index 8d17a52bb84..26a181ee4bc 100644 --- a/2007/1xxx/CVE-2007-1179.json +++ b/2007/1xxx/CVE-2007-1179.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1179", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebAPP before 0.9.9.5 does not properly manage e-mail addresses in certain contexts related to (1) the Recommend feature, Email Article (2) senders and (3) recipients, (4) New User Approval, (5) Edit Profiles, (6) the Newsletter Subscription form, (7) the Recommend form, and (8) sending of articles, which has unknown impact, and remote attack vectors related to spam attacks and possibly other attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1179", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250", - "refsource" : "CONFIRM", - "url" : "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250" - }, - { - "name" : "22563", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22563" - }, - { - "name" : "ADV-2007-0604", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0604" - }, - { - "name" : "33284", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33284" - }, - { - "name" : "24080", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24080" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebAPP before 0.9.9.5 does not properly manage e-mail addresses in certain contexts related to (1) the Recommend feature, Email Article (2) senders and (3) recipients, (4) New User Approval, (5) Edit Profiles, (6) the Newsletter Subscription form, (7) the Recommend form, and (8) sending of articles, which has unknown impact, and remote attack vectors related to spam attacks and possibly other attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33284", + "refsource": "OSVDB", + "url": "http://osvdb.org/33284" + }, + { + "name": "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250", + "refsource": "CONFIRM", + "url": "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250" + }, + { + "name": "ADV-2007-0604", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0604" + }, + { + "name": "24080", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24080" + }, + { + "name": "22563", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22563" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1547.json b/2007/1xxx/CVE-2007-1547.json index f3799f6e645..13fcfbeab4e 100644 --- a/2007/1xxx/CVE-2007-1547.json +++ b/2007/1xxx/CVE-2007-1547.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1547", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1547", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070403 FLEA-2007-0007-1: nas", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464606/30/7230/threaded" - }, - { - "name" : "http://aluigi.altervista.org/adv/nasbugs-adv.txt", - "refsource" : "MISC", - "url" : "http://aluigi.altervista.org/adv/nasbugs-adv.txt" - }, - { - "name" : "http://www.radscan.com/nas/HISTORY", - "refsource" : "CONFIRM", - "url" : "http://www.radscan.com/nas/HISTORY" - }, - { - "name" : "DSA-1273", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1273" - }, - { - "name" : "GLSA-200704-20", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200704-20.xml" - }, - { - "name" : "MDKSA-2007:065", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065" - }, - { - "name" : "USN-446-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-446-1" - }, - { - "name" : "23017", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23017" - }, - { - "name" : "ADV-2007-0997", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0997" - }, - { - "name" : "1017822", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017822" - }, - { - "name" : "24527", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24527" - }, - { - "name" : "24601", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24601" - }, - { - "name" : "24628", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24628" - }, - { - "name" : "24638", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24638" - }, - { - "name" : "24980", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24980" - }, - { - "name" : "nas-readrequestfromclient-dos(33059)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33059" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDKSA-2007:065", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065" + }, + { + "name": "1017822", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017822" + }, + { + "name": "24980", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24980" + }, + { + "name": "24527", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24527" + }, + { + "name": "23017", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23017" + }, + { + "name": "24601", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24601" + }, + { + "name": "USN-446-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-446-1" + }, + { + "name": "24628", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24628" + }, + { + "name": "GLSA-200704-20", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200704-20.xml" + }, + { + "name": "ADV-2007-0997", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0997" + }, + { + "name": "nas-readrequestfromclient-dos(33059)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33059" + }, + { + "name": "20070403 FLEA-2007-0007-1: nas", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded" + }, + { + "name": "24638", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24638" + }, + { + "name": "http://aluigi.altervista.org/adv/nasbugs-adv.txt", + "refsource": "MISC", + "url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt" + }, + { + "name": "DSA-1273", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1273" + }, + { + "name": "http://www.radscan.com/nas/HISTORY", + "refsource": "CONFIRM", + "url": "http://www.radscan.com/nas/HISTORY" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1664.json b/2007/1xxx/CVE-2007-1664.json index b02cdb7d4c4..9af510b6a28 100644 --- a/2007/1xxx/CVE-2007-1664.json +++ b/2007/1xxx/CVE-2007-1664.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1664", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service (NULL pointer dereference) via a vector related to the token OCR functionality." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1664", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "DSA-1318", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1318" - }, - { - "name" : "24600", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24600" - }, - { - "name" : "45378", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45378" - }, - { - "name" : "ekg-token-ocr-dos(35135)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35135" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service (NULL pointer dereference) via a vector related to the token OCR functionality." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24600", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24600" + }, + { + "name": "45378", + "refsource": "OSVDB", + "url": "http://osvdb.org/45378" + }, + { + "name": "DSA-1318", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1318" + }, + { + "name": "ekg-token-ocr-dos(35135)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35135" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4316.json b/2007/4xxx/CVE-2007-4316.json index dfbc06f06b0..9e6e2256611 100644 --- a/2007/4xxx/CVE-2007-4316.json +++ b/2007/4xxx/CVE-2007-4316.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4316", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device has a certain default password, which allows remote attackers to perform administrative actions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4316", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070810 Zyxel Zywall 2 multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/476031/100/0/threaded" - }, - { - "name" : "http://www.louhi.fi/advisory/zyxel_070810.txt", - "refsource" : "MISC", - "url" : "http://www.louhi.fi/advisory/zyxel_070810.txt" - }, - { - "name" : "37669", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37669" - }, - { - "name" : "26381", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26381" - }, - { - "name" : "3002", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3002" - }, - { - "name" : "zywall-management-default-passwords(35914)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35914" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device has a certain default password, which allows remote attackers to perform administrative actions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.louhi.fi/advisory/zyxel_070810.txt", + "refsource": "MISC", + "url": "http://www.louhi.fi/advisory/zyxel_070810.txt" + }, + { + "name": "20070810 Zyxel Zywall 2 multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/476031/100/0/threaded" + }, + { + "name": "zywall-management-default-passwords(35914)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35914" + }, + { + "name": "3002", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3002" + }, + { + "name": "26381", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26381" + }, + { + "name": "37669", + "refsource": "OSVDB", + "url": "http://osvdb.org/37669" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4663.json b/2007/4xxx/CVE-2007-4663.json index 32acffbc1ce..a35591b9693 100644 --- a/2007/4xxx/CVE-2007-4663.json +++ b/2007/4xxx/CVE-2007-4663.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4663", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restrictions via unspecified vectors involving the glob function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4663", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.php.net/ChangeLog-5.php#5.2.4", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-5.php#5.2.4" - }, - { - "name" : "http://www.php.net/releases/5_2_4.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/releases/5_2_4.php" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1702", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1702" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1693", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1693" - }, - { - "name" : "GLSA-200710-02", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml" - }, - { - "name" : "ADV-2007-3023", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3023" - }, - { - "name" : "26642", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26642" - }, - { - "name" : "26838", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26838" - }, - { - "name" : "27377", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27377" - }, - { - "name" : "27102", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27102" - }, - { - "name" : "php-glob-security-bypass(36386)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36386" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restrictions via unspecified vectors involving the glob function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-200710-02", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml" + }, + { + "name": "http://www.php.net/ChangeLog-5.php#5.2.4", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-5.php#5.2.4" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1693", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1693" + }, + { + "name": "php-glob-security-bypass(36386)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36386" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1702", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1702" + }, + { + "name": "26838", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26838" + }, + { + "name": "27377", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27377" + }, + { + "name": "27102", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27102" + }, + { + "name": "ADV-2007-3023", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3023" + }, + { + "name": "http://www.php.net/releases/5_2_4.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/releases/5_2_4.php" + }, + { + "name": "26642", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26642" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5089.json b/2007/5xxx/CVE-2007-5089.json index 7e55d47c412..be0ab8f4e70 100644 --- a/2007/5xxx/CVE-2007-5089.json +++ b/2007/5xxx/CVE-2007-5089.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5089", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in php-inc/log.inc.php in sk.log 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the SKIN_URL parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5089", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070924 sk.log v0.5.3 Remote File Inclusion", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/480484/100/0/threaded" - }, - { - "name" : "20070926 true: sk.log 0.5.3 RFI", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-September/001803.html" - }, - { - "name" : "4454", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4454" - }, - { - "name" : "25791", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25791" - }, - { - "name" : "ADV-2007-3256", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3256" - }, - { - "name" : "38574", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38574" - }, - { - "name" : "3168", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3168" - }, - { - "name" : "sklog-loginc-file-include(36765)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36765" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in php-inc/log.inc.php in sk.log 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the SKIN_URL parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070926 true: sk.log 0.5.3 RFI", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-September/001803.html" + }, + { + "name": "3168", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3168" + }, + { + "name": "4454", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4454" + }, + { + "name": "25791", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25791" + }, + { + "name": "sklog-loginc-file-include(36765)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36765" + }, + { + "name": "ADV-2007-3256", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3256" + }, + { + "name": "20070924 sk.log v0.5.3 Remote File Inclusion", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/480484/100/0/threaded" + }, + { + "name": "38574", + "refsource": "OSVDB", + "url": "http://osvdb.org/38574" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5491.json b/2007/5xxx/CVE-2007-5491.json index 5e6b0721e1d..9081e0ef620 100644 --- a/2007/5xxx/CVE-2007-5491.json +++ b/2007/5xxx/CVE-2007-5491.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5491", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to chmod arbitrary files to 0777 via \"..\" sequences in the lang parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5491", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://teamforge.net/viewcvs/viewcvs.cgi/tags/release-3.3.9/doc/history.txt?view=markup", - "refsource" : "MISC", - "url" : "http://teamforge.net/viewcvs/viewcvs.cgi/tags/release-3.3.9/doc/history.txt?view=markup" - }, - { - "name" : "https://bugs.gentoo.org/show_bug.cgi?id=195810", - "refsource" : "CONFIRM", - "url" : "https://bugs.gentoo.org/show_bug.cgi?id=195810" - }, - { - "name" : "DSA-1423", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1423" - }, - { - "name" : "GLSA-200711-05", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200711-05.xml" - }, - { - "name" : "26126", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26126" - }, - { - "name" : "ADV-2007-3768", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3768" - }, - { - "name" : "27503", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27503" - }, - { - "name" : "28008", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28008" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to chmod arbitrary files to 0777 via \"..\" sequences in the lang parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://teamforge.net/viewcvs/viewcvs.cgi/tags/release-3.3.9/doc/history.txt?view=markup", + "refsource": "MISC", + "url": "http://teamforge.net/viewcvs/viewcvs.cgi/tags/release-3.3.9/doc/history.txt?view=markup" + }, + { + "name": "27503", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27503" + }, + { + "name": "https://bugs.gentoo.org/show_bug.cgi?id=195810", + "refsource": "CONFIRM", + "url": "https://bugs.gentoo.org/show_bug.cgi?id=195810" + }, + { + "name": "GLSA-200711-05", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-05.xml" + }, + { + "name": "26126", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26126" + }, + { + "name": "28008", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28008" + }, + { + "name": "DSA-1423", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1423" + }, + { + "name": "ADV-2007-3768", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3768" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5652.json b/2007/5xxx/CVE-2007-5652.json index 601887fa7f1..9e0a004b4cf 100644 --- a/2007/5xxx/CVE-2007-5652.json +++ b/2007/5xxx/CVE-2007-5652.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5652", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption. NOTE: the vendor description of this issue is too vague to be certain that it is security-related." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5652", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-1.ibm.com/support/docview.wss?rs=71&uid=swg21283031", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?rs=71&uid=swg21283031" - }, - { - "name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21255607", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21255607" - }, - { - "name" : "LI72519", - "refsource" : "AIXAPAR", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg1LI72519" - }, - { - "name" : "26450", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26450" - }, - { - "name" : "ADV-2007-3538", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3538" - }, - { - "name" : "ADV-2007-3867", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3867" - }, - { - "name" : "27177", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27177" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption. NOTE: the vendor description of this issue is too vague to be certain that it is security-related." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607" + }, + { + "name": "ADV-2007-3538", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3538" + }, + { + "name": "ADV-2007-3867", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3867" + }, + { + "name": "26450", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26450" + }, + { + "name": "http://www-1.ibm.com/support/docview.wss?rs=71&uid=swg21283031", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?rs=71&uid=swg21283031" + }, + { + "name": "LI72519", + "refsource": "AIXAPAR", + "url": "http://www.ibm.com/support/docview.wss?uid=swg1LI72519" + }, + { + "name": "27177", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27177" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5786.json b/2007/5xxx/CVE-2007-5786.json index 8a61537e089..9043b972199 100644 --- a/2007/5xxx/CVE-2007-5786.json +++ b/2007/5xxx/CVE-2007-5786.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5786", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in GoSamba 1.0.1 allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) HTML_oben.php, (2) inc_freigabe.php, (3) inc_freigabe1.php, or (4) inc_freigabe3.php in include/; (5) inc_group.php; (6) inc_manager.php; (7) inc_newgroup.php; (8) inc_smb_conf.php; (9) inc_user.php; or (10) main.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5786", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4575", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4575" - }, - { - "name" : "26223", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26223" - }, - { - "name" : "ADV-2007-3646", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3646" - }, - { - "name" : "gosamba-includepath-file-include(38123)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38123" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in GoSamba 1.0.1 allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) HTML_oben.php, (2) inc_freigabe.php, (3) inc_freigabe1.php, or (4) inc_freigabe3.php in include/; (5) inc_group.php; (6) inc_manager.php; (7) inc_newgroup.php; (8) inc_smb_conf.php; (9) inc_user.php; or (10) main.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4575", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4575" + }, + { + "name": "gosamba-includepath-file-include(38123)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38123" + }, + { + "name": "26223", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26223" + }, + { + "name": "ADV-2007-3646", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3646" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5793.json b/2007/5xxx/CVE-2007-5793.json index fc7e5c5fd91..964b56c9305 100644 --- a/2007/5xxx/CVE-2007-5793.json +++ b/2007/5xxx/CVE-2007-5793.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5793", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stonesoft StoneGate IPS before 4.0 does not properly decode Fullwidth/Halfwidth Unicode encoded data, which makes it easier for remote attackers to scan or penetrate systems and avoid detection." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5793", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.kb.cert.org/vuls/id/MIMG-72BRKJ", - "refsource" : "CONFIRM", - "url" : "http://www.kb.cert.org/vuls/id/MIMG-72BRKJ" - }, - { - "name" : "VU#739224", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/739224" - }, - { - "name" : "ADV-2007-2757", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2757" - }, - { - "name" : "40627", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40627" - }, - { - "name" : "27455", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27455" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stonesoft StoneGate IPS before 4.0 does not properly decode Fullwidth/Halfwidth Unicode encoded data, which makes it easier for remote attackers to scan or penetrate systems and avoid detection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#739224", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/739224" + }, + { + "name": "ADV-2007-2757", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2757" + }, + { + "name": "27455", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27455" + }, + { + "name": "http://www.kb.cert.org/vuls/id/MIMG-72BRKJ", + "refsource": "CONFIRM", + "url": "http://www.kb.cert.org/vuls/id/MIMG-72BRKJ" + }, + { + "name": "40627", + "refsource": "OSVDB", + "url": "http://osvdb.org/40627" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5831.json b/2007/5xxx/CVE-2007-5831.json index 87642ea7954..9f7a57f2b9a 100644 --- a/2007/5xxx/CVE-2007-5831.json +++ b/2007/5xxx/CVE-2007-5831.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5831", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in fileSystem.do in SSL-Explorer before 0.2.14 allows remote attackers to access arbitrary files via directory traversal sequences in the path parameter. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5831", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sourceforge.net/forum/forum.php?forum_id=700251", - "refsource" : "MISC", - "url" : "http://sourceforge.net/forum/forum.php?forum_id=700251" - }, - { - "name" : "36914", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36914" - }, - { - "name" : "25512", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25512" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in fileSystem.do in SSL-Explorer before 0.2.14 allows remote attackers to access arbitrary files via directory traversal sequences in the path parameter. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25512", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25512" + }, + { + "name": "http://sourceforge.net/forum/forum.php?forum_id=700251", + "refsource": "MISC", + "url": "http://sourceforge.net/forum/forum.php?forum_id=700251" + }, + { + "name": "36914", + "refsource": "OSVDB", + "url": "http://osvdb.org/36914" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3067.json b/2015/3xxx/CVE-2015-3067.json index a62bcc920de..3918b68bb72 100644 --- a/2015/3xxx/CVE-2015-3067.json +++ b/2015/3xxx/CVE-2015-3067.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3067", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-3067", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-201", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-201" - }, - { - "name" : "https://helpx.adobe.com/security/products/reader/apsb15-10.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/reader/apsb15-10.html" - }, - { - "name" : "74604", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74604" - }, - { - "name" : "1032284", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032284" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "74604", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74604" + }, + { + "name": "https://helpx.adobe.com/security/products/reader/apsb15-10.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-201", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-201" + }, + { + "name": "1032284", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032284" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3148.json b/2015/3xxx/CVE-2015-3148.json index 43e36ef235c..7aa11cb46da 100644 --- a/2015/3xxx/CVE-2015-3148.json +++ b/2015/3xxx/CVE-2015-3148.json @@ -1,172 +1,172 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3148", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-3148", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://curl.haxx.se/docs/adv_20150422B.html", - "refsource" : "CONFIRM", - "url" : "http://curl.haxx.se/docs/adv_20150422B.html" - }, - { - "name" : "http://advisories.mageia.org/MGASA-2015-0179.html", - "refsource" : "CONFIRM", - "url" : "http://advisories.mageia.org/MGASA-2015-0179.html" - }, - { - "name" : "https://support.apple.com/kb/HT205031", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205031" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743" - }, - { - "name" : "APPLE-SA-2015-08-13-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" - }, - { - "name" : "DSA-3232", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3232" - }, - { - "name" : "FEDORA-2015-6695", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html" - }, - { - "name" : "FEDORA-2015-6728", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html" - }, - { - "name" : "FEDORA-2015-6853", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html" - }, - { - "name" : "FEDORA-2015-6864", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html" - }, - { - "name" : "FEDORA-2015-6712", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html" - }, - { - "name" : "GLSA-201509-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201509-02" - }, - { - "name" : "HPSBHF03544", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=145612005512270&w=2" - }, - { - "name" : "MDVSA-2015:219", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219" - }, - { - "name" : "MDVSA-2015:220", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:220" - }, - { - "name" : "RHSA-2015:1254", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1254.html" - }, - { - "name" : "openSUSE-SU-2015:0799", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html" - }, - { - "name" : "USN-2591-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2591-1" - }, - { - "name" : "74301", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74301" - }, - { - "name" : "1032232", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032232" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "HPSBHF03544", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=145612005512270&w=2" + }, + { + "name": "http://curl.haxx.se/docs/adv_20150422B.html", + "refsource": "CONFIRM", + "url": "http://curl.haxx.se/docs/adv_20150422B.html" + }, + { + "name": "FEDORA-2015-6853", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html" + }, + { + "name": "DSA-3232", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3232" + }, + { + "name": "FEDORA-2015-6712", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html" + }, + { + "name": "74301", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74301" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "MDVSA-2015:219", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219" + }, + { + "name": "USN-2591-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2591-1" + }, + { + "name": "1032232", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032232" + }, + { + "name": "APPLE-SA-2015-08-13-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" + }, + { + "name": "RHSA-2015:1254", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1254.html" + }, + { + "name": "MDVSA-2015:220", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:220" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" + }, + { + "name": "openSUSE-SU-2015:0799", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html" + }, + { + "name": "http://advisories.mageia.org/MGASA-2015-0179.html", + "refsource": "CONFIRM", + "url": "http://advisories.mageia.org/MGASA-2015-0179.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763" + }, + { + "name": "https://support.apple.com/kb/HT205031", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205031" + }, + { + "name": "GLSA-201509-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201509-02" + }, + { + "name": "FEDORA-2015-6728", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html" + }, + { + "name": "FEDORA-2015-6695", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html" + }, + { + "name": "FEDORA-2015-6864", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3302.json b/2015/3xxx/CVE-2015-3302.json index 0fb4fc751f5..2144a04cf88 100644 --- a/2015/3xxx/CVE-2015-3302.json +++ b/2015/3xxx/CVE-2015-3302.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3302", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote attackers to obtain sensitive order detail information by leveraging a \"broken authentication mechanism.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3302", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150429 Multiple Vulnerabilities in TheCartPress WordPress plugin", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/535396/100/1100/threaded" - }, - { - "name" : "36860", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/36860/" - }, - { - "name" : "http://packetstormsecurity.com/files/131673/WordPress-TheCartPress-1.3.9-XSS-Local-File-Inclusion.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/131673/WordPress-TheCartPress-1.3.9-XSS-Local-File-Inclusion.html" - }, - { - "name" : "https://www.htbridge.com/advisory/HTB23254", - "refsource" : "MISC", - "url" : "https://www.htbridge.com/advisory/HTB23254" - }, - { - "name" : "74395", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74395" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote attackers to obtain sensitive order detail information by leveraging a \"broken authentication mechanism.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.htbridge.com/advisory/HTB23254", + "refsource": "MISC", + "url": "https://www.htbridge.com/advisory/HTB23254" + }, + { + "name": "http://packetstormsecurity.com/files/131673/WordPress-TheCartPress-1.3.9-XSS-Local-File-Inclusion.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/131673/WordPress-TheCartPress-1.3.9-XSS-Local-File-Inclusion.html" + }, + { + "name": "20150429 Multiple Vulnerabilities in TheCartPress WordPress plugin", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/535396/100/1100/threaded" + }, + { + "name": "74395", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74395" + }, + { + "name": "36860", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/36860/" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6020.json b/2015/6xxx/CVE-2015-6020.json index ec7e200d20f..fea53db97ab 100644 --- a/2015/6xxx/CVE-2015-6020.json +++ b/2015/6xxx/CVE-2015-6020.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6020", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 allow remote authenticated users to obtain administrative privileges by leveraging access to the user account." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-6020", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R", - "refsource" : "CONFIRM", - "url" : "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R" - }, - { - "name" : "VU#870744", - "refsource" : "CERT-VN", - "url" : "https://www.kb.cert.org/vuls/id/870744" - }, - { - "name" : "1034553", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034553" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 allow remote authenticated users to obtain administrative privileges by leveraging access to the user account." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034553", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034553" + }, + { + "name": "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R", + "refsource": "CONFIRM", + "url": "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R" + }, + { + "name": "VU#870744", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/870744" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6154.json b/2015/6xxx/CVE-2015-6154.json index 2fd96c7d4ce..d0df843e53b 100644 --- a/2015/6xxx/CVE-2015-6154.json +++ b/2015/6xxx/CVE-2015-6154.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6154", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6150." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6154", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-124", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-124" - }, - { - "name" : "MS15-125", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-125" - }, - { - "name" : "1034315", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034315" - }, - { - "name" : "1034316", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034316" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6150." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034315", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034315" + }, + { + "name": "MS15-124", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-124" + }, + { + "name": "MS15-125", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-125" + }, + { + "name": "1034316", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034316" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6595.json b/2015/6xxx/CVE-2015-6595.json index 3fdf3a5fedc..6654cc19bd6 100644 --- a/2015/6xxx/CVE-2015-6595.json +++ b/2015/6xxx/CVE-2015-6595.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6595", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6595", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6814.json b/2015/6xxx/CVE-2015-6814.json index f75c9c0ab34..314286bcb9e 100644 --- a/2015/6xxx/CVE-2015-6814.json +++ b/2015/6xxx/CVE-2015-6814.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6814", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6814", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7334.json b/2015/7xxx/CVE-2015-7334.json index 5c494680c81..67377b3d45d 100644 --- a/2015/7xxx/CVE-2015-7334.json +++ b/2015/7xxx/CVE-2015-7334.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7334", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7334", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7897.json b/2015/7xxx/CVE-2015-7897.json index c0716cae364..5e6471e99a0 100644 --- a/2015/7xxx/CVE-2015-7897.json +++ b/2015/7xxx/CVE-2015-7897.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7897", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial of service (memory corruption) via a crafted BMP image file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7897", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "38611", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38611/" - }, - { - "name" : "http://googleprojectzero.blogspot.com/2015/11/hack-galaxy-hunting-bugs-in-samsung.html", - "refsource" : "MISC", - "url" : "http://googleprojectzero.blogspot.com/2015/11/hack-galaxy-hunting-bugs-in-samsung.html" - }, - { - "name" : "http://packetstormsecurity.com/files/134199/Samsung-Galaxy-S6-Android.media.process-Face-Recognition-Memory-Corruption.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134199/Samsung-Galaxy-S6-Android.media.process-Face-Recognition-Memory-Corruption.html" - }, - { - "name" : "https://code.google.com/p/google-security-research/issues/detail?id=499&q=samsung", - "refsource" : "MISC", - "url" : "https://code.google.com/p/google-security-research/issues/detail?id=499&q=samsung" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial of service (memory corruption) via a crafted BMP image file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://googleprojectzero.blogspot.com/2015/11/hack-galaxy-hunting-bugs-in-samsung.html", + "refsource": "MISC", + "url": "http://googleprojectzero.blogspot.com/2015/11/hack-galaxy-hunting-bugs-in-samsung.html" + }, + { + "name": "https://code.google.com/p/google-security-research/issues/detail?id=499&q=samsung", + "refsource": "MISC", + "url": "https://code.google.com/p/google-security-research/issues/detail?id=499&q=samsung" + }, + { + "name": "http://packetstormsecurity.com/files/134199/Samsung-Galaxy-S6-Android.media.process-Face-Recognition-Memory-Corruption.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134199/Samsung-Galaxy-S6-Android.media.process-Face-Recognition-Memory-Corruption.html" + }, + { + "name": "38611", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38611/" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8309.json b/2015/8xxx/CVE-2015-8309.json index 7fc8cde9062..51dc7ba6da9 100644 --- a/2015/8xxx/CVE-2015-8309.json +++ b/2015/8xxx/CVE-2015-8309.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8309", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the \"value\" parameter to \"download.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8309", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40361", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40361/" - }, - { - "name" : "http://www.fomori.org/cherrymusic/Changes.html", - "refsource" : "CONFIRM", - "url" : "http://www.fomori.org/cherrymusic/Changes.html" - }, - { - "name" : "https://github.com/devsnd/cherrymusic/commit/62dec34a1ea0741400dd6b6c660d303dcd651e86", - "refsource" : "CONFIRM", - "url" : "https://github.com/devsnd/cherrymusic/commit/62dec34a1ea0741400dd6b6c660d303dcd651e86" - }, - { - "name" : "https://github.com/devsnd/cherrymusic/issues/598", - "refsource" : "CONFIRM", - "url" : "https://github.com/devsnd/cherrymusic/issues/598" - }, - { - "name" : "97149", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97149" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the \"value\" parameter to \"download.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/devsnd/cherrymusic/commit/62dec34a1ea0741400dd6b6c660d303dcd651e86", + "refsource": "CONFIRM", + "url": "https://github.com/devsnd/cherrymusic/commit/62dec34a1ea0741400dd6b6c660d303dcd651e86" + }, + { + "name": "https://github.com/devsnd/cherrymusic/issues/598", + "refsource": "CONFIRM", + "url": "https://github.com/devsnd/cherrymusic/issues/598" + }, + { + "name": "97149", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97149" + }, + { + "name": "40361", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40361/" + }, + { + "name": "http://www.fomori.org/cherrymusic/Changes.html", + "refsource": "CONFIRM", + "url": "http://www.fomori.org/cherrymusic/Changes.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8341.json b/2015/8xxx/CVE-2015-8341.json index 660c76e810c..f60bd2cfcbc 100644 --- a/2015/8xxx/CVE-2015-8341.json +++ b/2015/8xxx/CVE-2015-8341.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8341", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows attackers to cause a denial of service (memory and disk consumption) by starting domains." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8341", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://xenbits.xen.org/xsa/advisory-160.html", - "refsource" : "CONFIRM", - "url" : "http://xenbits.xen.org/xsa/advisory-160.html" - }, - { - "name" : "DSA-3519", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3519" - }, - { - "name" : "GLSA-201604-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201604-03" - }, - { - "name" : "1034389", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034389" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows attackers to cause a denial of service (memory and disk consumption) by starting domains." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3519", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3519" + }, + { + "name": "http://xenbits.xen.org/xsa/advisory-160.html", + "refsource": "CONFIRM", + "url": "http://xenbits.xen.org/xsa/advisory-160.html" + }, + { + "name": "1034389", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034389" + }, + { + "name": "GLSA-201604-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201604-03" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8823.json b/2015/8xxx/CVE-2015-8823.json index cf468b821e6..229b107b51c 100644 --- a/2015/8xxx/CVE-2015-8823.json +++ b/2015/8xxx/CVE-2015-8823.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8823", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted text property, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, CVE-2015-8821, and CVE-2015-8822." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-8823", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-665", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-665" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted text property, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, CVE-2015-8821, and CVE-2015-8822." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-665", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-665" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0294.json b/2016/0xxx/CVE-2016-0294.json index 4cec827e9e6..8ab0c024a31 100644 --- a/2016/0xxx/CVE-2016-0294.json +++ b/2016/0xxx/CVE-2016-0294.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0294", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-0294", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0404.json b/2016/0xxx/CVE-2016-0404.json index cad34efcc86..cb72eb32978 100644 --- a/2016/0xxx/CVE-2016-0404.json +++ b/2016/0xxx/CVE-2016-0404.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0404", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Identity Federation component in Oracle Fusion Middleware 11.1.2.2 allows remote attackers to affect integrity via vectors related to Admin." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0404", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034711", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034711" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Identity Federation component in Oracle Fusion Middleware 11.1.2.2 allows remote attackers to affect integrity via vectors related to Admin." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034711", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034711" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0976.json b/2016/0xxx/CVE-2016-0976.json index 06434b67a5b..ba6847872a4 100644 --- a/2016/0xxx/CVE-2016-0976.json +++ b/2016/0xxx/CVE-2016-0976.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0976", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-0976", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" - }, - { - "name" : "GLSA-201603-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-07" - }, - { - "name" : "RHSA-2016:0166", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0166.html" - }, - { - "name" : "SUSE-SU-2016:0398", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" - }, - { - "name" : "SUSE-SU-2016:0400", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" - }, - { - "name" : "openSUSE-SU-2016:0412", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" - }, - { - "name" : "openSUSE-SU-2016:0415", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" - }, - { - "name" : "1034970", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034970" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:0400", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" + }, + { + "name": "1034970", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034970" + }, + { + "name": "GLSA-201603-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-07" + }, + { + "name": "RHSA-2016:0166", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" + }, + { + "name": "openSUSE-SU-2016:0415", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" + }, + { + "name": "openSUSE-SU-2016:0412", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" + }, + { + "name": "SUSE-SU-2016:0398", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0986.json b/2016/0xxx/CVE-2016-0986.json index c7adc486b2d..9f92edec341 100644 --- a/2016/0xxx/CVE-2016-0986.json +++ b/2016/0xxx/CVE-2016-0986.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0986", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-0986", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" - }, - { - "name" : "GLSA-201603-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-07" - }, - { - "name" : "SUSE-SU-2016:0715", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" - }, - { - "name" : "SUSE-SU-2016:0716", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" - }, - { - "name" : "openSUSE-SU-2016:0719", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" - }, - { - "name" : "openSUSE-SU-2016:0734", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" - }, - { - "name" : "84311", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84311" - }, - { - "name" : "1035251", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035251" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:0734", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" + }, + { + "name": "1035251", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035251" + }, + { + "name": "openSUSE-SU-2016:0719", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" + }, + { + "name": "84311", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84311" + }, + { + "name": "GLSA-201603-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-07" + }, + { + "name": "SUSE-SU-2016:0715", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" + }, + { + "name": "SUSE-SU-2016:0716", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1146.json b/2016/1xxx/CVE-2016-1146.json index 7f34ecd588f..79dbd003d28 100644 --- a/2016/1xxx/CVE-2016-1146.json +++ b/2016/1xxx/CVE-2016-1146.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1146", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-1146", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1158.json b/2016/1xxx/CVE-2016-1158.json index 84fe8ab57c6..e22cf84c0c9 100644 --- a/2016/1xxx/CVE-2016-1158.json +++ b/2016/1xxx/CVE-2016-1158.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1158", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability on Corega CG-WLBARGMH and CG-WLBARGNL devices allows remote attackers to hijack the authentication of administrators for requests that perform administrative functions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1158", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://corega.jp/support/security/20160229_wlbargmh_wlbargnl.htm", - "refsource" : "CONFIRM", - "url" : "http://corega.jp/support/security/20160229_wlbargmh_wlbargnl.htm" - }, - { - "name" : "JVN#59349382", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN59349382/index.html" - }, - { - "name" : "JVNDB-2016-000032", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000032" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability on Corega CG-WLBARGMH and CG-WLBARGNL devices allows remote attackers to hijack the authentication of administrators for requests that perform administrative functions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000032", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000032" + }, + { + "name": "JVN#59349382", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN59349382/index.html" + }, + { + "name": "http://corega.jp/support/security/20160229_wlbargmh_wlbargnl.htm", + "refsource": "CONFIRM", + "url": "http://corega.jp/support/security/20160229_wlbargmh_wlbargnl.htm" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1889.json b/2016/1xxx/CVE-2016-1889.json index dae0eb9e58b..7322208c516 100644 --- a/2016/1xxx/CVE-2016-1889.json +++ b/2016/1xxx/CVE-2016-1889.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1889", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the bhyve hypervisor in FreeBSD 10.1, 10.2, 10.3, and 11.0 when configured with a large amount of guest memory, allows local users to gain privilege via a crafted device descriptor." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1889", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "FreeBSD-SA-16:38", - "refsource" : "FREEBSD", - "url" : "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:38.bhyve.asc" - }, - { - "name" : "1037400", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037400" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the bhyve hypervisor in FreeBSD 10.1, 10.2, 10.3, and 11.0 when configured with a large amount of guest memory, allows local users to gain privilege via a crafted device descriptor." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1037400", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037400" + }, + { + "name": "FreeBSD-SA-16:38", + "refsource": "FREEBSD", + "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:38.bhyve.asc" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4728.json b/2016/4xxx/CVE-2016-4728.json index bb8f0a53b53..780433597e6 100644 --- a/2016/4xxx/CVE-2016-4728.json +++ b/2016/4xxx/CVE-2016-4728.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4728", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 mishandles error prototypes, which allows remote attackers to execute arbitrary code via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4728", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT207142", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207142" - }, - { - "name" : "https://support.apple.com/HT207143", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207143" - }, - { - "name" : "https://support.apple.com/HT207157", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207157" - }, - { - "name" : "https://support.apple.com/HT207158", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207158" - }, - { - "name" : "APPLE-SA-2016-09-20-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html" - }, - { - "name" : "APPLE-SA-2016-09-20-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" - }, - { - "name" : "APPLE-SA-2016-09-20-6", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html" - }, - { - "name" : "APPLE-SA-2016-09-20-7", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00012.html" - }, - { - "name" : "93064", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93064" - }, - { - "name" : "1036854", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036854" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 mishandles error prototypes, which allows remote attackers to execute arbitrary code via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2016-09-20-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" + }, + { + "name": "https://support.apple.com/HT207157", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207157" + }, + { + "name": "https://support.apple.com/HT207158", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207158" + }, + { + "name": "APPLE-SA-2016-09-20-6", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html" + }, + { + "name": "1036854", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036854" + }, + { + "name": "93064", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93064" + }, + { + "name": "https://support.apple.com/HT207142", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207142" + }, + { + "name": "https://support.apple.com/HT207143", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207143" + }, + { + "name": "APPLE-SA-2016-09-20-7", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00012.html" + }, + { + "name": "APPLE-SA-2016-09-20-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5101.json b/2016/5xxx/CVE-2016-5101.json index d07699d7203..cdc08839e85 100644 --- a/2016/5xxx/CVE-2016-5101.json +++ b/2016/5xxx/CVE-2016-5101.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5101", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Opera Mail before 2016-02-16 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted e-mail message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5101", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.opera.com/blogs/security/2016/02/opera-12-and-opera-mail-security-update/", - "refsource" : "CONFIRM", - "url" : "http://www.opera.com/blogs/security/2016/02/opera-12-and-opera-mail-security-update/" - }, - { - "name" : "91507", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91507" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Opera Mail before 2016-02-16 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted e-mail message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.opera.com/blogs/security/2016/02/opera-12-and-opera-mail-security-update/", + "refsource": "CONFIRM", + "url": "http://www.opera.com/blogs/security/2016/02/opera-12-and-opera-mail-security-update/" + }, + { + "name": "91507", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91507" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5577.json b/2016/5xxx/CVE-2016-5577.json index 41852a149bc..50ee721b40e 100644 --- a/2016/5xxx/CVE-2016-5577.json +++ b/2016/5xxx/CVE-2016-5577.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5577", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.5.1 through 8.5.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-5558, CVE-2016-5574, CVE-2016-5578, CVE-2016-5579, and CVE-2016-5588." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5577", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93646", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93646" - }, - { - "name" : "1037051", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037051" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.5.1 through 8.5.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-5558, CVE-2016-5574, CVE-2016-5578, CVE-2016-5579, and CVE-2016-5588." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "93646", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93646" + }, + { + "name": "1037051", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037051" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5682.json b/2016/5xxx/CVE-2016-5682.json index 27eb4ecb1ec..7510d8ef07c 100644 --- a/2016/5xxx/CVE-2016-5682.json +++ b/2016/5xxx/CVE-2016-5682.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-5682", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Swagger-UI before 2.2.1", - "version" : { - "version_data" : [ - { - "version_value" : "Swagger-UI before 2.2.1" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Swagger-UI before 2.2.1 has XSS via the Default field in the Definitions section." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "XSS" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-5682", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Swagger-UI before 2.2.1", + "version": { + "version_data": [ + { + "version_value": "Swagger-UI before 2.2.1" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://community.rapid7.com/community/infosec/blog/2016/09/02/r7-2016-19-persistent-xss-via-unescaped-parameters-in-swagger-ui", - "refsource" : "MISC", - "url" : "https://community.rapid7.com/community/infosec/blog/2016/09/02/r7-2016-19-persistent-xss-via-unescaped-parameters-in-swagger-ui" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Swagger-UI before 2.2.1 has XSS via the Default field in the Definitions section." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "XSS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://community.rapid7.com/community/infosec/blog/2016/09/02/r7-2016-19-persistent-xss-via-unescaped-parameters-in-swagger-ui", + "refsource": "MISC", + "url": "https://community.rapid7.com/community/infosec/blog/2016/09/02/r7-2016-19-persistent-xss-via-unescaped-parameters-in-swagger-ui" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5898.json b/2016/5xxx/CVE-2016-5898.json index d9801f43bf5..ee74d0cee25 100644 --- a/2016/5xxx/CVE-2016-5898.json +++ b/2016/5xxx/CVE-2016-5898.json @@ -1,85 +1,85 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-5898", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Jazz Reporting Service", - "version" : { - "version_data" : [ - { - "version_value" : "6" - }, - { - "version_value" : "5.0" - }, - { - "version_value" : "5.0.1" - }, - { - "version_value" : "5.0.2" - }, - { - "version_value" : "6.0" - }, - { - "version_value" : "6.0.1" - }, - { - "version_value" : "6.0.2" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Jazz Reporting Service (JRS) could allow a remote attacker to obtain sensitive information, caused by not restricting JSON serialization. By sending a direct request, an attacker could exploit this vulnerability to obtain sensitive information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-5898", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Jazz Reporting Service", + "version": { + "version_data": [ + { + "version_value": "6" + }, + { + "version_value": "5.0" + }, + { + "version_value": "5.0.1" + }, + { + "version_value": "5.0.2" + }, + { + "version_value": "6.0" + }, + { + "version_value": "6.0.1" + }, + { + "version_value": "6.0.2" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21991154", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21991154" - }, - { - "name" : "94848", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94848" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Jazz Reporting Service (JRS) could allow a remote attacker to obtain sensitive information, caused by not restricting JSON serialization. By sending a direct request, an attacker could exploit this vulnerability to obtain sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21991154", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21991154" + }, + { + "name": "94848", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94848" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0371.json b/2019/0xxx/CVE-2019-0371.json index a739e43d5d3..d3dd9bcd9c0 100644 --- a/2019/0xxx/CVE-2019-0371.json +++ b/2019/0xxx/CVE-2019-0371.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0371", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0371", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0535.json b/2019/0xxx/CVE-2019-0535.json index d98f0f715e3..fbd766fc0fc 100644 --- a/2019/0xxx/CVE-2019-0535.json +++ b/2019/0xxx/CVE-2019-0535.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0535", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0535", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0819.json b/2019/0xxx/CVE-2019-0819.json index f836a96accb..5937366e29d 100644 --- a/2019/0xxx/CVE-2019-0819.json +++ b/2019/0xxx/CVE-2019-0819.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0819", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0819", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1124.json b/2019/1xxx/CVE-2019-1124.json index d4b920dfad8..0439046d4de 100644 --- a/2019/1xxx/CVE-2019-1124.json +++ b/2019/1xxx/CVE-2019-1124.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1124", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1124", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1180.json b/2019/1xxx/CVE-2019-1180.json index 598af9f6f08..f313d8b4f1e 100644 --- a/2019/1xxx/CVE-2019-1180.json +++ b/2019/1xxx/CVE-2019-1180.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1180", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1180", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1432.json b/2019/1xxx/CVE-2019-1432.json index 48d504dccbf..ee395d273ef 100644 --- a/2019/1xxx/CVE-2019-1432.json +++ b/2019/1xxx/CVE-2019-1432.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1432", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1432", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3715.json b/2019/3xxx/CVE-2019-3715.json index 3a9b528501f..7e46ae041e8 100644 --- a/2019/3xxx/CVE-2019-3715.json +++ b/2019/3xxx/CVE-2019-3715.json @@ -1,84 +1,84 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@dell.com", - "DATE_PUBLIC" : "2019-03-09T05:00:00.000Z", - "ID" : "CVE-2019-3715", - "STATE" : "PUBLIC", - "TITLE" : "Information Exposure Vulnerability" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "RSA Archer", - "version" : { - "version_data" : [ - { - "affected" : "<", - "version_value" : "6.5 P1" - } - ] - } - } - ] - }, - "vendor_name" : "Dell" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. Users' session information is logged in plain text in the RSA Archer log files. An authenticated malicious local user with access to the log files may obtain the exposed information to use it in further attacks." - } - ] - }, - "impact" : { - "cvss" : { - "attackComplexity" : "LOW", - "attackVector" : "LOCAL", - "availabilityImpact" : "HIGH", - "baseScore" : 7.8, - "baseSeverity" : "HIGH", - "confidentialityImpact" : "HIGH", - "integrityImpact" : "HIGH", - "privilegesRequired" : "LOW", - "scope" : "UNCHANGED", - "userInteraction" : "NONE", - "vectorString" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Exposure Vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "DATE_PUBLIC": "2019-03-09T05:00:00.000Z", + "ID": "CVE-2019-3715", + "STATE": "PUBLIC", + "TITLE": "Information Exposure Vulnerability" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "RSA Archer", + "version": { + "version_data": [ + { + "affected": "<", + "version_value": "6.5 P1" + } + ] + } + } + ] + }, + "vendor_name": "Dell" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20190306 DSA-2019-025: RSA Archer GRC Platform Multiple Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "https://seclists.org/fulldisclosure/2019/Mar/19" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. Users' session information is logged in plain text in the RSA Archer log files. An authenticated malicious local user with access to the log files may obtain the exposed information to use it in further attacks." + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Exposure Vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20190306 DSA-2019-025: RSA Archer GRC Platform Multiple Vulnerabilities", + "refsource": "FULLDISC", + "url": "https://seclists.org/fulldisclosure/2019/Mar/19" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3768.json b/2019/3xxx/CVE-2019-3768.json index f8be8d5f3a2..3df88efbfd8 100644 --- a/2019/3xxx/CVE-2019-3768.json +++ b/2019/3xxx/CVE-2019-3768.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3768", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3768", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4415.json b/2019/4xxx/CVE-2019-4415.json index 85f2971002a..d2d89e7cdd3 100644 --- a/2019/4xxx/CVE-2019-4415.json +++ b/2019/4xxx/CVE-2019-4415.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4415", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4415", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4665.json b/2019/4xxx/CVE-2019-4665.json index 6fc105156b3..48f8b4fba45 100644 --- a/2019/4xxx/CVE-2019-4665.json +++ b/2019/4xxx/CVE-2019-4665.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4665", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4665", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4870.json b/2019/4xxx/CVE-2019-4870.json index d7bb6ebf68d..4baa41b46b9 100644 --- a/2019/4xxx/CVE-2019-4870.json +++ b/2019/4xxx/CVE-2019-4870.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4870", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4870", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4895.json b/2019/4xxx/CVE-2019-4895.json index 53c34175a71..918bb33f038 100644 --- a/2019/4xxx/CVE-2019-4895.json +++ b/2019/4xxx/CVE-2019-4895.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4895", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4895", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5827.json b/2019/5xxx/CVE-2019-5827.json index 3f6fb37f16c..1666a93dacc 100644 --- a/2019/5xxx/CVE-2019-5827.json +++ b/2019/5xxx/CVE-2019-5827.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5827", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5827", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8262.json b/2019/8xxx/CVE-2019-8262.json index 7bfa7970244..000fffaaf17 100644 --- a/2019/8xxx/CVE-2019-8262.json +++ b/2019/8xxx/CVE-2019-8262.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vulnerability@kaspersky.com", - "DATE_PUBLIC" : "2019-03-01T00:00:00", - "ID" : "CVE-2019-8262", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "UltraVNC", - "version" : { - "version_data" : [ - { - "version_value" : "1.2.2.3" - } - ] - } - } - ] - }, - "vendor_name" : "UltraVNC" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder, which results in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1204." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-122: Heap-based Buffer Overflow" - } + "CVE_data_meta": { + "ASSIGNER": "vulnerability@kaspersky.com", + "DATE_PUBLIC": "2019-03-01T00:00:00", + "ID": "CVE-2019-8262", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "UltraVNC", + "version": { + "version_data": [ + { + "version_value": "1.2.2.3" + } + ] + } + } + ] + }, + "vendor_name": "UltraVNC" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-008-ultravnc-heap-based-buffer-overflow/", - "refsource" : "MISC", - "url" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-008-ultravnc-heap-based-buffer-overflow/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder, which results in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1204." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-122: Heap-based Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-008-ultravnc-heap-based-buffer-overflow/", + "refsource": "MISC", + "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-008-ultravnc-heap-based-buffer-overflow/" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8400.json b/2019/8xxx/CVE-2019-8400.json index f4c6a18b34d..4b34b7a6ba8 100644 --- a/2019/8xxx/CVE-2019-8400.json +++ b/2019/8xxx/CVE-2019-8400.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8400", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the oauth2/fallbacks/error error_hint parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8400", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://drive.google.com/file/d/1-25expUYVfK6vsiCmEabUCuelOP7aUDj/view?usp=drivesdk", - "refsource" : "MISC", - "url" : "https://drive.google.com/file/d/1-25expUYVfK6vsiCmEabUCuelOP7aUDj/view?usp=drivesdk" - }, - { - "name" : "https://github.com/ory/hydra/blob/master/CHANGELOG.md#v100-rc3oryos9-2018-12-06", - "refsource" : "MISC", - "url" : "https://github.com/ory/hydra/blob/master/CHANGELOG.md#v100-rc3oryos9-2018-12-06" - }, - { - "name" : "https://github.com/ory/hydra/commit/9b5bbd48a72096930af08402c5e07fce7dd770f3", - "refsource" : "MISC", - "url" : "https://github.com/ory/hydra/commit/9b5bbd48a72096930af08402c5e07fce7dd770f3" - }, - { - "name" : "https://hackerone.com/reports/456333", - "refsource" : "MISC", - "url" : "https://hackerone.com/reports/456333" - }, - { - "name" : "https://www.youtube.com/watch?v=RIyZLeKEC8E", - "refsource" : "MISC", - "url" : "https://www.youtube.com/watch?v=RIyZLeKEC8E" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the oauth2/fallbacks/error error_hint parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://drive.google.com/file/d/1-25expUYVfK6vsiCmEabUCuelOP7aUDj/view?usp=drivesdk", + "refsource": "MISC", + "url": "https://drive.google.com/file/d/1-25expUYVfK6vsiCmEabUCuelOP7aUDj/view?usp=drivesdk" + }, + { + "name": "https://www.youtube.com/watch?v=RIyZLeKEC8E", + "refsource": "MISC", + "url": "https://www.youtube.com/watch?v=RIyZLeKEC8E" + }, + { + "name": "https://github.com/ory/hydra/blob/master/CHANGELOG.md#v100-rc3oryos9-2018-12-06", + "refsource": "MISC", + "url": "https://github.com/ory/hydra/blob/master/CHANGELOG.md#v100-rc3oryos9-2018-12-06" + }, + { + "name": "https://hackerone.com/reports/456333", + "refsource": "MISC", + "url": "https://hackerone.com/reports/456333" + }, + { + "name": "https://github.com/ory/hydra/commit/9b5bbd48a72096930af08402c5e07fce7dd770f3", + "refsource": "MISC", + "url": "https://github.com/ory/hydra/commit/9b5bbd48a72096930af08402c5e07fce7dd770f3" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8603.json b/2019/8xxx/CVE-2019-8603.json index 6e966de42d5..46050299e3a 100644 --- a/2019/8xxx/CVE-2019-8603.json +++ b/2019/8xxx/CVE-2019-8603.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8603", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8603", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8739.json b/2019/8xxx/CVE-2019-8739.json index 32986c62613..88aaace0d2d 100644 --- a/2019/8xxx/CVE-2019-8739.json +++ b/2019/8xxx/CVE-2019-8739.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8739", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8739", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8839.json b/2019/8xxx/CVE-2019-8839.json index b5537a49926..b98ea0f73c6 100644 --- a/2019/8xxx/CVE-2019-8839.json +++ b/2019/8xxx/CVE-2019-8839.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8839", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8839", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9233.json b/2019/9xxx/CVE-2019-9233.json index 59235ac8b74..09ccfc190c1 100644 --- a/2019/9xxx/CVE-2019-9233.json +++ b/2019/9xxx/CVE-2019-9233.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9233", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9233", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9289.json b/2019/9xxx/CVE-2019-9289.json index 0f4be329fa4..24020eedac8 100644 --- a/2019/9xxx/CVE-2019-9289.json +++ b/2019/9xxx/CVE-2019-9289.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9289", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9289", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9805.json b/2019/9xxx/CVE-2019-9805.json index b530f103f89..8f4a637a00f 100644 --- a/2019/9xxx/CVE-2019-9805.json +++ b/2019/9xxx/CVE-2019-9805.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9805", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9805", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file