From ac690d2c7f9f4f5879e7da5b8c914d18fb04f78d Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 17 Mar 2019 23:09:32 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0003.json | 200 ++++---- 2007/0xxx/CVE-2007-0116.json | 160 +++--- 2007/0xxx/CVE-2007-0188.json | 170 +++---- 2007/0xxx/CVE-2007-0530.json | 130 ++--- 2007/0xxx/CVE-2007-0775.json | 750 ++++++++++++++--------------- 2007/0xxx/CVE-2007-0801.json | 190 ++++---- 2007/1xxx/CVE-2007-1012.json | 150 +++--- 2007/1xxx/CVE-2007-1113.json | 34 +- 2007/1xxx/CVE-2007-1409.json | 160 +++--- 2007/1xxx/CVE-2007-1740.json | 34 +- 2007/3xxx/CVE-2007-3271.json | 170 +++---- 2007/3xxx/CVE-2007-3466.json | 34 +- 2007/3xxx/CVE-2007-3641.json | 270 +++++------ 2007/4xxx/CVE-2007-4281.json | 180 +++---- 2007/4xxx/CVE-2007-4504.json | 130 ++--- 2007/4xxx/CVE-2007-4687.json | 190 ++++---- 2007/4xxx/CVE-2007-4703.json | 180 +++---- 2007/4xxx/CVE-2007-4897.json | 290 +++++------ 2015/2xxx/CVE-2015-2325.json | 34 +- 2015/2xxx/CVE-2015-2729.json | 220 ++++----- 2015/2xxx/CVE-2015-2823.json | 130 ++--- 2015/6xxx/CVE-2015-6219.json | 34 +- 2015/6xxx/CVE-2015-6333.json | 130 ++--- 2015/6xxx/CVE-2015-6705.json | 130 ++--- 2015/7xxx/CVE-2015-7330.json | 130 ++--- 2015/7xxx/CVE-2015-7427.json | 130 ++--- 2016/0xxx/CVE-2016-0008.json | 140 +++--- 2016/0xxx/CVE-2016-0772.json | 280 +++++------ 2016/0xxx/CVE-2016-0805.json | 120 ++--- 2016/0xxx/CVE-2016-0979.json | 190 ++++---- 2016/1000xxx/CVE-2016-1000214.json | 130 ++--- 2016/10xxx/CVE-2016-10489.json | 132 ++--- 2016/1xxx/CVE-2016-1577.json | 170 +++---- 2016/1xxx/CVE-2016-1628.json | 220 ++++----- 2016/1xxx/CVE-2016-1734.json | 160 +++--- 2016/1xxx/CVE-2016-1924.json | 150 +++--- 2016/4xxx/CVE-2016-4174.json | 180 +++---- 2016/4xxx/CVE-2016-4225.json | 200 ++++---- 2016/4xxx/CVE-2016-4785.json | 172 +++---- 2016/4xxx/CVE-2016-4998.json | 380 +++++++-------- 2019/3xxx/CVE-2019-3230.json | 34 +- 2019/3xxx/CVE-2019-3555.json | 34 +- 2019/3xxx/CVE-2019-3891.json | 34 +- 2019/3xxx/CVE-2019-3970.json | 34 +- 2019/4xxx/CVE-2019-4686.json | 34 +- 2019/4xxx/CVE-2019-4788.json | 34 +- 2019/4xxx/CVE-2019-4821.json | 34 +- 2019/4xxx/CVE-2019-4939.json | 34 +- 2019/6xxx/CVE-2019-6172.json | 34 +- 2019/6xxx/CVE-2019-6176.json | 34 +- 2019/6xxx/CVE-2019-6392.json | 34 +- 2019/7xxx/CVE-2019-7028.json | 34 +- 2019/7xxx/CVE-2019-7183.json | 34 +- 2019/7xxx/CVE-2019-7359.json | 34 +- 2019/7xxx/CVE-2019-7371.json | 34 +- 2019/7xxx/CVE-2019-7447.json | 34 +- 2019/8xxx/CVE-2019-8109.json | 34 +- 2019/8xxx/CVE-2019-8354.json | 120 ++--- 2019/8xxx/CVE-2019-8462.json | 34 +- 2019/8xxx/CVE-2019-8956.json | 34 +- 2019/9xxx/CVE-2019-9004.json | 120 ++--- 2019/9xxx/CVE-2019-9409.json | 34 +- 2019/9xxx/CVE-2019-9578.json | 130 ++--- 63 files changed, 4017 insertions(+), 4017 deletions(-) diff --git a/2007/0xxx/CVE-2007-0003.json b/2007/0xxx/CVE-2007-0003.json index ea788c60770..bb2f0c1f54a 100644 --- a/2007/0xxx/CVE-2007-0003.json +++ b/2007/0xxx/CVE-2007-0003.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0003", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "pam_unix.so in Linux-PAM 0.99.7.0 allows context-dependent attackers to log into accounts whose password hash, as stored in /etc/passwd or /etc/shadow, has only two characters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-0003", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[fedora-devel-list] 20070122 Re: rawhide report: 20070120 changes", - "refsource" : "MLIST", - "url" : "http://www.redhat.com/archives/fedora-devel-list/2007-January/msg01271.html" - }, - { - "name" : "[fedora-devel-list] 20070122 Re: rawhide report: 20070120 changes", - "refsource" : "MLIST", - "url" : "http://www.redhat.com/archives/fedora-devel-list/2007-January/msg01277.html" - }, - { - "name" : "[pam-list] 20070123 Linux-PAM 0.99.7.1 released", - "refsource" : "MLIST", - "url" : "https://www.redhat.com/archives/pam-list/2007-January/msg00017.html" - }, - { - "name" : "SUSE-SR:2007:003", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_3_sr.html" - }, - { - "name" : "22204", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22204" - }, - { - "name" : "ADV-2007-0323", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0323" - }, - { - "name" : "32017", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32017" - }, - { - "name" : "23858", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23858" - }, - { - "name" : "linuxpam-pamunix-security-bypass(31739)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31739" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "pam_unix.so in Linux-PAM 0.99.7.0 allows context-dependent attackers to log into accounts whose password hash, as stored in /etc/passwd or /etc/shadow, has only two characters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32017", + "refsource": "OSVDB", + "url": "http://osvdb.org/32017" + }, + { + "name": "linuxpam-pamunix-security-bypass(31739)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31739" + }, + { + "name": "SUSE-SR:2007:003", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html" + }, + { + "name": "[pam-list] 20070123 Linux-PAM 0.99.7.1 released", + "refsource": "MLIST", + "url": "https://www.redhat.com/archives/pam-list/2007-January/msg00017.html" + }, + { + "name": "[fedora-devel-list] 20070122 Re: rawhide report: 20070120 changes", + "refsource": "MLIST", + "url": "http://www.redhat.com/archives/fedora-devel-list/2007-January/msg01271.html" + }, + { + "name": "ADV-2007-0323", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0323" + }, + { + "name": "[fedora-devel-list] 20070122 Re: rawhide report: 20070120 changes", + "refsource": "MLIST", + "url": "http://www.redhat.com/archives/fedora-devel-list/2007-January/msg01277.html" + }, + { + "name": "23858", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23858" + }, + { + "name": "22204", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22204" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0116.json b/2007/0xxx/CVE-2007-0116.json index e7030a6c965..fcdddbe1f68 100644 --- a/2007/0xxx/CVE-2007-0116.json +++ b/2007/0xxx/CVE-2007-0116.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0116", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Digger Solutions Intranet Open Source (IOS) stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for data/intranet.mdb." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0116", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070105 Intranet Open Source Remote Password Disclosure \"intranet.mdb\"", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456047/100/0/threaded" - }, - { - "name" : "http://aria-security.com/forum/showthread.php?goto=newpost&t=88", - "refsource" : "MISC", - "url" : "http://aria-security.com/forum/showthread.php?goto=newpost&t=88" - }, - { - "name" : "33379", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33379" - }, - { - "name" : "2109", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2109" - }, - { - "name" : "intranet-intranet-info-disclosure(31308)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31308" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Digger Solutions Intranet Open Source (IOS) stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for data/intranet.mdb." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://aria-security.com/forum/showthread.php?goto=newpost&t=88", + "refsource": "MISC", + "url": "http://aria-security.com/forum/showthread.php?goto=newpost&t=88" + }, + { + "name": "33379", + "refsource": "OSVDB", + "url": "http://osvdb.org/33379" + }, + { + "name": "2109", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2109" + }, + { + "name": "intranet-intranet-info-disclosure(31308)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31308" + }, + { + "name": "20070105 Intranet Open Source Remote Password Disclosure \"intranet.mdb\"", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456047/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0188.json b/2007/0xxx/CVE-2007-0188.json index d0f6668becf..8240795800b 100644 --- a/2007/0xxx/CVE-2007-0188.json +++ b/2007/0xxx/CVE-2007-0188.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0188", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "F5 FirePass 5.4 through 5.5.1 does not properly enforce host access restrictions when a client uses a single integer (dword) representation of an IP address (\"dotless IP address\"), which allows remote authenticated users to connect to the FirePass administrator console and certain other network resources." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0188", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070106 NNL-Labs & MNIN - F5 FirePass Security Advisory", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051651.html" - }, - { - "name" : "http://www.mnin.org/advisories/2007_firepass.pdf", - "refsource" : "MISC", - "url" : "http://www.mnin.org/advisories/2007_firepass.pdf" - }, - { - "name" : "https://tech.f5.com/home/solutions/sol6922.html", - "refsource" : "CONFIRM", - "url" : "https://tech.f5.com/home/solutions/sol6922.html" - }, - { - "name" : "21957", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21957" - }, - { - "name" : "32734", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/32734" - }, - { - "name" : "23640", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23640" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "F5 FirePass 5.4 through 5.5.1 does not properly enforce host access restrictions when a client uses a single integer (dword) representation of an IP address (\"dotless IP address\"), which allows remote authenticated users to connect to the FirePass administrator console and certain other network resources." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.mnin.org/advisories/2007_firepass.pdf", + "refsource": "MISC", + "url": "http://www.mnin.org/advisories/2007_firepass.pdf" + }, + { + "name": "https://tech.f5.com/home/solutions/sol6922.html", + "refsource": "CONFIRM", + "url": "https://tech.f5.com/home/solutions/sol6922.html" + }, + { + "name": "23640", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23640" + }, + { + "name": "32734", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/32734" + }, + { + "name": "20070106 NNL-Labs & MNIN - F5 FirePass Security Advisory", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051651.html" + }, + { + "name": "21957", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21957" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0530.json b/2007/0xxx/CVE-2007-0530.json index 4d68d07fe02..21bd9c8df9d 100644 --- a/2007/0xxx/CVE-2007-0530.json +++ b/2007/0xxx/CVE-2007-0530.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0530", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Advanced Guestbook 2.4.2 allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) index.php, (2) addentry.php, or (3) picture.php, a different set of vectors than CVE-2006-5804. NOTE: this issue has been disputed by third party researchers, stating that the include_path variable is instantiated before use." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0530", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070123 Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457870/100/0/threaded" - }, - { - "name" : "20070123 Re: Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457955/100/0/threaded" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Advanced Guestbook 2.4.2 allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) index.php, (2) addentry.php, or (3) picture.php, a different set of vectors than CVE-2006-5804. NOTE: this issue has been disputed by third party researchers, stating that the include_path variable is instantiated before use." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070123 Re: Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457955/100/0/threaded" + }, + { + "name": "20070123 Advanced Guestbook <=- 2.4.2 (include_path) Remote File Include Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457870/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0775.json b/2007/0xxx/CVE-2007-0775.json index 14be14e5b04..6bf78cb20b3 100644 --- a/2007/0xxx/CVE-2007-0775.json +++ b/2007/0xxx/CVE-2007-0775.json @@ -1,377 +1,377 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0775", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially execute arbitrary code via certain vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-0775", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070226 rPSA-2007-0040-1 firefox", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461336/100/0/threaded" - }, - { - "name" : "20070303 rPSA-2007-0040-3 firefox thunderbird", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461809/100/0/threaded" - }, - { - "name" : "http://www.mozilla.org/security/announce/2007/mfsa2007-01.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2007/mfsa2007-01.html" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1081", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1081" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1103", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1103" - }, - { - "name" : "DSA-1336", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1336" - }, - { - "name" : "FEDORA-2007-281", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2713" - }, - { - "name" : "FEDORA-2007-293", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2728" - }, - { - "name" : "FEDORA-2007-308", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2747" - }, - { - "name" : "FEDORA-2007-309", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2749" - }, - { - "name" : "GLSA-200703-04", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200703-04.xml" - }, - { - "name" : "GLSA-200703-08", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml" - }, - { - "name" : "GLSA-200703-18", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200703-18.xml" - }, - { - "name" : "HPSBUX02153", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "SSRT061181", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "MDKSA-2007:050", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050" - }, - { - "name" : "MDKSA-2007:052", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:052" - }, - { - "name" : "RHSA-2007:0079", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0079.html" - }, - { - "name" : "RHSA-2007:0077", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2007-0077.html" - }, - { - "name" : "RHSA-2007:0078", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0078.html" - }, - { - "name" : "RHSA-2007:0097", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0097.html" - }, - { - "name" : "RHSA-2007:0108", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0108.html" - }, - { - "name" : "20070301-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc" - }, - { - "name" : "20070202-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc" - }, - { - "name" : "SSA:2007-066-03", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851" - }, - { - "name" : "SSA:2007-066-04", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947" - }, - { - "name" : "SSA:2007-066-05", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131" - }, - { - "name" : "SUSE-SA:2007:019", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html" - }, - { - "name" : "SUSE-SA:2007:022", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html" - }, - { - "name" : "USN-428-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-428-1" - }, - { - "name" : "USN-431-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-431-1" - }, - { - "name" : "VU#761756", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/761756" - }, - { - "name" : "22694", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22694" - }, - { - "name" : "oval:org.mitre.oval:def:10012", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10012" - }, - { - "name" : "ADV-2007-0719", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0719" - }, - { - "name" : "ADV-2007-0718", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0718" - }, - { - "name" : "ADV-2008-0083", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0083" - }, - { - "name" : "32114", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/32114" - }, - { - "name" : "1017698", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017698" - }, - { - "name" : "24238", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24238" - }, - { - "name" : "24252", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24252" - }, - { - "name" : "24287", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24287" - }, - { - "name" : "24290", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24290" - }, - { - "name" : "24205", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24205" - }, - { - "name" : "24328", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24328" - }, - { - "name" : "24333", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24333" - }, - { - "name" : "24343", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24343" - }, - { - "name" : "24320", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24320" - }, - { - "name" : "24293", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24293" - }, - { - "name" : "24393", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24393" - }, - { - "name" : "24395", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24395" - }, - { - "name" : "24384", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24384" - }, - { - "name" : "24389", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24389" - }, - { - "name" : "24410", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24410" - }, - { - "name" : "24437", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24437" - }, - { - "name" : "24522", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24522" - }, - { - "name" : "24650", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24650" - }, - { - "name" : "24406", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24406" - }, - { - "name" : "24455", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24455" - }, - { - "name" : "24456", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24456" - }, - { - "name" : "24457", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24457" - }, - { - "name" : "24342", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24342" - }, - { - "name" : "25588", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25588" - }, - { - "name" : "mozilla-multiple-layout-code-execution(32704)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32704" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially execute arbitrary code via certain vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2007:0078", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html" + }, + { + "name": "32114", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/32114" + }, + { + "name": "24395", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24395" + }, + { + "name": "20070226 rPSA-2007-0040-1 firefox", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded" + }, + { + "name": "FEDORA-2007-308", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2747" + }, + { + "name": "24328", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24328" + }, + { + "name": "RHSA-2007:0108", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html" + }, + { + "name": "GLSA-200703-04", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200703-04.xml" + }, + { + "name": "24252", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24252" + }, + { + "name": "GLSA-200703-08", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml" + }, + { + "name": "SSA:2007-066-03", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851" + }, + { + "name": "24384", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24384" + }, + { + "name": "24406", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24406" + }, + { + "name": "24457", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24457" + }, + { + "name": "MDKSA-2007:052", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:052" + }, + { + "name": "24343", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24343" + }, + { + "name": "DSA-1336", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1336" + }, + { + "name": "HPSBUX02153", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "ADV-2007-0718", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0718" + }, + { + "name": "FEDORA-2007-309", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2749" + }, + { + "name": "GLSA-200703-18", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200703-18.xml" + }, + { + "name": "24650", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24650" + }, + { + "name": "USN-428-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-428-1" + }, + { + "name": "24320", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24320" + }, + { + "name": "25588", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25588" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1103", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1103" + }, + { + "name": "mozilla-multiple-layout-code-execution(32704)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32704" + }, + { + "name": "SUSE-SA:2007:019", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html" + }, + { + "name": "ADV-2008-0083", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0083" + }, + { + "name": "20070303 rPSA-2007-0040-3 firefox thunderbird", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded" + }, + { + "name": "SUSE-SA:2007:022", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html" + }, + { + "name": "24293", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24293" + }, + { + "name": "24238", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24238" + }, + { + "name": "SSA:2007-066-04", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.363947" + }, + { + "name": "24456", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24456" + }, + { + "name": "24393", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24393" + }, + { + "name": "24342", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24342" + }, + { + "name": "24287", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24287" + }, + { + "name": "24522", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24522" + }, + { + "name": "22694", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22694" + }, + { + "name": "SSRT061181", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "ADV-2007-0719", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0719" + }, + { + "name": "FEDORA-2007-281", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2713" + }, + { + "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-01.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-01.html" + }, + { + "name": "USN-431-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-431-1" + }, + { + "name": "RHSA-2007:0097", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html" + }, + { + "name": "FEDORA-2007-293", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2728" + }, + { + "name": "20070301-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc" + }, + { + "name": "24205", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24205" + }, + { + "name": "24389", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24389" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1081", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1081" + }, + { + "name": "24410", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24410" + }, + { + "name": "24333", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24333" + }, + { + "name": "MDKSA-2007:050", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050" + }, + { + "name": "24290", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24290" + }, + { + "name": "24455", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24455" + }, + { + "name": "RHSA-2007:0077", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html" + }, + { + "name": "20070202-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc" + }, + { + "name": "oval:org.mitre.oval:def:10012", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10012" + }, + { + "name": "1017698", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017698" + }, + { + "name": "SSA:2007-066-05", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131" + }, + { + "name": "RHSA-2007:0079", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html" + }, + { + "name": "VU#761756", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/761756" + }, + { + "name": "24437", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24437" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0801.json b/2007/0xxx/CVE-2007-0801.json index b73e984ab53..d7ca4a3e039 100644 --- a/2007/0xxx/CVE-2007-0801.json +++ b/2007/0xxx/CVE-2007-0801.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0801", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox 1.5.0.9 creates temporary files with predictable filenames based on creation time, which allows remote attackers to execute arbitrary web script or HTML via a crafted XMLHttpRequest." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0801", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070205 Firefox + popup blocker + XMLHttpRequest + srand() = oops", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459162/100/0/threaded" - }, - { - "name" : "20070205 Re: [Full-disclosure] Firefox + popup blocker + XMLHttpRequest + srand() = oops", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459163/100/0/threaded" - }, - { - "name" : "GLSA-200703-04", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200703-04.xml" - }, - { - "name" : "GLSA-200703-08", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml" - }, - { - "name" : "22396", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22396" - }, - { - "name" : "32108", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/32108" - }, - { - "name" : "24393", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24393" - }, - { - "name" : "24437", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24437" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox 1.5.0.9 creates temporary files with predictable filenames based on creation time, which allows remote attackers to execute arbitrary web script or HTML via a crafted XMLHttpRequest." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-200703-04", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200703-04.xml" + }, + { + "name": "22396", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22396" + }, + { + "name": "GLSA-200703-08", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml" + }, + { + "name": "24393", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24393" + }, + { + "name": "32108", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/32108" + }, + { + "name": "20070205 Re: [Full-disclosure] Firefox + popup blocker + XMLHttpRequest + srand() = oops", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459163/100/0/threaded" + }, + { + "name": "20070205 Firefox + popup blocker + XMLHttpRequest + srand() = oops", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459162/100/0/threaded" + }, + { + "name": "24437", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24437" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1012.json b/2007/1xxx/CVE-2007-1012.json index 492a0e1f9a3..4896491b12f 100644 --- a/2007/1xxx/CVE-2007-1012.json +++ b/2007/1xxx/CVE-2007-1012.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1012", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in faq.php in DeskPRO 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the article parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1012", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070214 XSS in [deskpro.com v1.1.0 ]", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/460200/100/0/threaded" - }, - { - "name" : "33725", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33725" - }, - { - "name" : "2267", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2267" - }, - { - "name" : "deskprocom-faq-xss(32525)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32525" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in faq.php in DeskPRO 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the article parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2267", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2267" + }, + { + "name": "33725", + "refsource": "OSVDB", + "url": "http://osvdb.org/33725" + }, + { + "name": "deskprocom-faq-xss(32525)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32525" + }, + { + "name": "20070214 XSS in [deskpro.com v1.1.0 ]", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/460200/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1113.json b/2007/1xxx/CVE-2007-1113.json index a9d5ebfea48..0078e91ffc0 100644 --- a/2007/1xxx/CVE-2007-1113.json +++ b/2007/1xxx/CVE-2007-1113.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1113", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1113", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1409.json b/2007/1xxx/CVE-2007-1409.json index e7ef3116399..74a40786630 100644 --- a/2007/1xxx/CVE-2007-1409.json +++ b/2007/1xxx/CVE-2007-1409.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1409", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WordPress allows remote attackers to obtain sensitive information via a direct request for wp-admin/admin-functions.php, which reveals the path in an error message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1409", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070308 Re: Word Press Sensitive Directory exposure (SQL)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/462249/100/0/threaded" - }, - { - "name" : "20070308 Word Press Sensitive Directory exposure (SQL)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/462230/100/0/threaded" - }, - { - "name" : "GLSA-200703-23", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200703-23.xml" - }, - { - "name" : "24566", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24566" - }, - { - "name" : "wordpress-adminfunctions-sql-injection(32881)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32881" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WordPress allows remote attackers to obtain sensitive information via a direct request for wp-admin/admin-functions.php, which reveals the path in an error message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070308 Re: Word Press Sensitive Directory exposure (SQL)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/462249/100/0/threaded" + }, + { + "name": "20070308 Word Press Sensitive Directory exposure (SQL)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/462230/100/0/threaded" + }, + { + "name": "24566", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24566" + }, + { + "name": "wordpress-adminfunctions-sql-injection(32881)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32881" + }, + { + "name": "GLSA-200703-23", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-23.xml" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1740.json b/2007/1xxx/CVE-2007-1740.json index d980068e572..3eb72f03004 100644 --- a/2007/1xxx/CVE-2007-1740.json +++ b/2007/1xxx/CVE-2007-1740.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1740", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-4843. Reason: This candidate is a duplicate of CVE-2006-4843. Notes: All CVE users should reference CVE-2006-4843 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2007-1740", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-4843. Reason: This candidate is a duplicate of CVE-2006-4843. Notes: All CVE users should reference CVE-2006-4843 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3271.json b/2007/3xxx/CVE-2007-3271.json index 7fd00017b47..0a4b239ffaf 100644 --- a/2007/3xxx/CVE-2007-3271.json +++ b/2007/3xxx/CVE-2007-3271.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3271", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in templates/2blue/bodyTemplate.php in YourFreeScreamer 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the serverPath parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3271", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4075", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4075" - }, - { - "name" : "24500", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24500" - }, - { - "name" : "36891", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36891" - }, - { - "name" : "ADV-2007-2241", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2241" - }, - { - "name" : "25728", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25728" - }, - { - "name" : "yourfreescreamer-bodytemplate-file-include(34927)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34927" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in templates/2blue/bodyTemplate.php in YourFreeScreamer 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the serverPath parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "yourfreescreamer-bodytemplate-file-include(34927)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34927" + }, + { + "name": "ADV-2007-2241", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2241" + }, + { + "name": "25728", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25728" + }, + { + "name": "36891", + "refsource": "OSVDB", + "url": "http://osvdb.org/36891" + }, + { + "name": "4075", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4075" + }, + { + "name": "24500", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24500" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3466.json b/2007/3xxx/CVE-2007-3466.json index 50ffdfdcd8e..4a0484cfa86 100644 --- a/2007/3xxx/CVE-2007-3466.json +++ b/2007/3xxx/CVE-2007-3466.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3466", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3466", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3641.json b/2007/3xxx/CVE-2007-3641.json index e17d401e79c..4c63f1cde40 100644 --- a/2007/3xxx/CVE-2007-3641.json +++ b/2007/3xxx/CVE-2007-3641.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3641", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "archive_read_support_format_tar.c in libarchive before 2.2.4 does not properly compute the length of a certain buffer when processing a malformed pax extension header, which allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PAX or (2) TAR archive that triggers a buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secteam@freebsd.org", + "ID": "CVE-2007-3641", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://security.freebsd.org/patches/SA-07:05/libarchive.patch", - "refsource" : "MISC", - "url" : "http://security.freebsd.org/patches/SA-07:05/libarchive.patch" - }, - { - "name" : "http://people.freebsd.org/~kientzle/libarchive/", - "refsource" : "CONFIRM", - "url" : "http://people.freebsd.org/~kientzle/libarchive/" - }, - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432924", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432924" - }, - { - "name" : "DSA-1455", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1455" - }, - { - "name" : "FreeBSD-SA-07:05.libarchive", - "refsource" : "FREEBSD", - "url" : "http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc" - }, - { - "name" : "GLSA-200708-03", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200708-03.xml" - }, - { - "name" : "SUSE-SR:2007:015", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_15_sr.html" - }, - { - "name" : "24885", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24885" - }, - { - "name" : "38092", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38092" - }, - { - "name" : "ADV-2007-2521", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2521" - }, - { - "name" : "1018379", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018379" - }, - { - "name" : "26050", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26050" - }, - { - "name" : "26062", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26062" - }, - { - "name" : "26355", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26355" - }, - { - "name" : "28377", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28377" - }, - { - "name" : "freebsd-libarchive-pax-bo(35405)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35405" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "archive_read_support_format_tar.c in libarchive before 2.2.4 does not properly compute the length of a certain buffer when processing a malformed pax extension header, which allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PAX or (2) TAR archive that triggers a buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "freebsd-libarchive-pax-bo(35405)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35405" + }, + { + "name": "ADV-2007-2521", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2521" + }, + { + "name": "DSA-1455", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1455" + }, + { + "name": "FreeBSD-SA-07:05.libarchive", + "refsource": "FREEBSD", + "url": "http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc" + }, + { + "name": "http://security.freebsd.org/patches/SA-07:05/libarchive.patch", + "refsource": "MISC", + "url": "http://security.freebsd.org/patches/SA-07:05/libarchive.patch" + }, + { + "name": "26050", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26050" + }, + { + "name": "24885", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24885" + }, + { + "name": "GLSA-200708-03", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200708-03.xml" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432924", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432924" + }, + { + "name": "38092", + "refsource": "OSVDB", + "url": "http://osvdb.org/38092" + }, + { + "name": "http://people.freebsd.org/~kientzle/libarchive/", + "refsource": "CONFIRM", + "url": "http://people.freebsd.org/~kientzle/libarchive/" + }, + { + "name": "26062", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26062" + }, + { + "name": "26355", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26355" + }, + { + "name": "1018379", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018379" + }, + { + "name": "28377", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28377" + }, + { + "name": "SUSE-SR:2007:015", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4281.json b/2007/4xxx/CVE-2007-4281.json index c6400d728d4..f6dc65ed2e3 100644 --- a/2007/4xxx/CVE-2007-4281.json +++ b/2007/4xxx/CVE-2007-4281.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4281", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in KnowledgeTree Open Source 3.4 and 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the login field on the login page, and other unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4281", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sourceforge.net/forum/forum.php?forum_id=722865", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/forum/forum.php?forum_id=722865" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=530698&group_id=107851", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=530698&group_id=107851" - }, - { - "name" : "http://support.ktdms.com/browse/KTS-2178", - "refsource" : "CONFIRM", - "url" : "http://support.ktdms.com/browse/KTS-2178" - }, - { - "name" : "25231", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25231" - }, - { - "name" : "ADV-2007-2812", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2812" - }, - { - "name" : "36579", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36579" - }, - { - "name" : "26333", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26333" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in KnowledgeTree Open Source 3.4 and 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the login field on the login page, and other unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36579", + "refsource": "OSVDB", + "url": "http://osvdb.org/36579" + }, + { + "name": "ADV-2007-2812", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2812" + }, + { + "name": "http://sourceforge.net/forum/forum.php?forum_id=722865", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/forum/forum.php?forum_id=722865" + }, + { + "name": "25231", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25231" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=530698&group_id=107851", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=530698&group_id=107851" + }, + { + "name": "26333", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26333" + }, + { + "name": "http://support.ktdms.com/browse/KTS-2178", + "refsource": "CONFIRM", + "url": "http://support.ktdms.com/browse/KTS-2178" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4504.json b/2007/4xxx/CVE-2007-4504.json index 3e4455f9bd3..c1d46f2d9e9 100644 --- a/2007/4xxx/CVE-2007-4504.json +++ b/2007/4xxx/CVE-2007-4504.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4504", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in index.php in the RSfiles component (com_rsfiles) 1.0.2 and earlier for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter in a files.display action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4504", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4307", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4307" - }, - { - "name" : "rsfiles-index-file-download(36222)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36222" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in index.php in the RSfiles component (com_rsfiles) 1.0.2 and earlier for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter in a files.display action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "rsfiles-index-file-download(36222)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36222" + }, + { + "name": "4307", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4307" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4687.json b/2007/4xxx/CVE-2007-4687.json index e02438cf02c..ac347c5f2c7 100644 --- a/2007/4xxx/CVE-2007-4687.json +++ b/2007/4xxx/CVE-2007-4687.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4687", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The remote_cmds component in Apple Mac OS X 10.4 through 10.4.10 contains a symbolic link from the tftpboot private directory to the root directory, which allows tftpd users to escape the private directory and access arbitrary files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4687", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://docs.info.apple.com/article.html?artnum=307041", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307041" - }, - { - "name" : "APPLE-SA-2007-11-14", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html" - }, - { - "name" : "TA07-319A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" - }, - { - "name" : "26444", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26444" - }, - { - "name" : "ADV-2007-3868", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3868" - }, - { - "name" : "1018950", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018950" - }, - { - "name" : "27643", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27643" - }, - { - "name" : "macosx-remotecmds-unauth-access(38471)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38471" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The remote_cmds component in Apple Mac OS X 10.4 through 10.4.10 contains a symbolic link from the tftpboot private directory to the root directory, which allows tftpd users to escape the private directory and access arbitrary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1018950", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018950" + }, + { + "name": "macosx-remotecmds-unauth-access(38471)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38471" + }, + { + "name": "26444", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26444" + }, + { + "name": "APPLE-SA-2007-11-14", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307041", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307041" + }, + { + "name": "ADV-2007-3868", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3868" + }, + { + "name": "27643", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27643" + }, + { + "name": "TA07-319A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4703.json b/2007/4xxx/CVE-2007-4703.json index df71b087f44..41a79aa8a3b 100644 --- a/2007/4xxx/CVE-2007-4703.json +++ b/2007/4xxx/CVE-2007-4703.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4703", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Application Firewall in Apple Mac OS X 10.5 does not prevent a root process from accepting incoming connections, even when \"Block incoming connections\" has been set for its associated executable, which might allow remote attackers or local root processes to bypass intended access restrictions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4703", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "APPLE-SA-2007-11-15", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/Nov/msg00004.html" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307004", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307004" - }, - { - "name" : "26460", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26460" - }, - { - "name" : "ADV-2007-3897", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3897" - }, - { - "name" : "1018958", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018958" - }, - { - "name" : "27695", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27695" - }, - { - "name" : "macosx-appfw-rootuid-bypass(38479)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38479" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Application Firewall in Apple Mac OS X 10.5 does not prevent a root process from accepting incoming connections, even when \"Block incoming connections\" has been set for its associated executable, which might allow remote attackers or local root processes to bypass intended access restrictions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27695", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27695" + }, + { + "name": "APPLE-SA-2007-11-15", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00004.html" + }, + { + "name": "macosx-appfw-rootuid-bypass(38479)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38479" + }, + { + "name": "26460", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26460" + }, + { + "name": "ADV-2007-3897", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3897" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307004", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307004" + }, + { + "name": "1018958", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018958" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4897.json b/2007/4xxx/CVE-2007-4897.json index 5114c9654d1..392890331c0 100644 --- a/2007/4xxx/CVE-2007-4897.json +++ b/2007/4xxx/CVE-2007-4897.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4897", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a \"memory management flaw\". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4897", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070912 S21SEC-036-EN Ekiga <= 2.0.5 Denial of service", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/479185/100/0/threaded" - }, - { - "name" : "20070912 S21SEC-036-EN Ekiga <= 2.0.5 Denial of service", - "refsource" : "FULLDISC", - "url" : "http://marc.info/?l=full-disclosure&m=118959114522339&w=2" - }, - { - "name" : "http://www.s21sec.com/avisos/s21sec-036-en.txt", - "refsource" : "MISC", - "url" : "http://www.s21sec.com/avisos/s21sec-036-en.txt" - }, - { - "name" : "http://blog.s21sec.com/2007/09/sobre-la-vulnerabilidad-del-ekiga.html", - "refsource" : "MISC", - "url" : "http://blog.s21sec.com/2007/09/sobre-la-vulnerabilidad-del-ekiga.html" - }, - { - "name" : "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sipcon.cxx?r1=2.120.2.25&r2=2.120.2.26&pathrev=v2_2_9", - "refsource" : "MISC", - "url" : "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sipcon.cxx?r1=2.120.2.25&r2=2.120.2.26&pathrev=v2_2_9" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=292831", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=292831" - }, - { - "name" : "MDKSA-2007:206", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:206" - }, - { - "name" : "RHSA-2007:0932", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0932.html" - }, - { - "name" : "USN-561-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-561-1" - }, - { - "name" : "25642", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25642" - }, - { - "name" : "oval:org.mitre.oval:def:10928", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10928" - }, - { - "name" : "1018683", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018683" - }, - { - "name" : "27127", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27127" - }, - { - "name" : "27150", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27150" - }, - { - "name" : "27518", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27518" - }, - { - "name" : "28385", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28385" - }, - { - "name" : "3138", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3138" - }, - { - "name" : "ekiga-sipurlgethostaddress-dos(36568)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36568" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a \"memory management flaw\". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "28385", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28385" + }, + { + "name": "USN-561-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-561-1" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=292831", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=292831" + }, + { + "name": "20070912 S21SEC-036-EN Ekiga <= 2.0.5 Denial of service", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/479185/100/0/threaded" + }, + { + "name": "http://blog.s21sec.com/2007/09/sobre-la-vulnerabilidad-del-ekiga.html", + "refsource": "MISC", + "url": "http://blog.s21sec.com/2007/09/sobre-la-vulnerabilidad-del-ekiga.html" + }, + { + "name": "1018683", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018683" + }, + { + "name": "27150", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27150" + }, + { + "name": "3138", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3138" + }, + { + "name": "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sipcon.cxx?r1=2.120.2.25&r2=2.120.2.26&pathrev=v2_2_9", + "refsource": "MISC", + "url": "http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sipcon.cxx?r1=2.120.2.25&r2=2.120.2.26&pathrev=v2_2_9" + }, + { + "name": "20070912 S21SEC-036-EN Ekiga <= 2.0.5 Denial of service", + "refsource": "FULLDISC", + "url": "http://marc.info/?l=full-disclosure&m=118959114522339&w=2" + }, + { + "name": "ekiga-sipurlgethostaddress-dos(36568)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36568" + }, + { + "name": "27127", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27127" + }, + { + "name": "25642", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25642" + }, + { + "name": "http://www.s21sec.com/avisos/s21sec-036-en.txt", + "refsource": "MISC", + "url": "http://www.s21sec.com/avisos/s21sec-036-en.txt" + }, + { + "name": "27518", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27518" + }, + { + "name": "oval:org.mitre.oval:def:10928", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10928" + }, + { + "name": "MDKSA-2007:206", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:206" + }, + { + "name": "RHSA-2007:0932", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0932.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2325.json b/2015/2xxx/CVE-2015-2325.json index f7dbe36e029..1924513ff11 100644 --- a/2015/2xxx/CVE-2015-2325.json +++ b/2015/2xxx/CVE-2015-2325.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2325", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2325", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2729.json b/2015/2xxx/CVE-2015-2729.json index 40e9dba1e1e..adbf5077d50 100644 --- a/2015/2xxx/CVE-2015-2729.json +++ b/2015/2xxx/CVE-2015-2729.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2729", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-2729", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-62.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-62.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1122218", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1122218" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" - }, - { - "name" : "GLSA-201512-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201512-10" - }, - { - "name" : "RHSA-2015:1207", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1207.html" - }, - { - "name" : "openSUSE-SU-2015:1229", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html" - }, - { - "name" : "USN-2656-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2656-1" - }, - { - "name" : "USN-2656-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2656-2" - }, - { - "name" : "75541", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75541" - }, - { - "name" : "1032783", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032783" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:1229", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html" + }, + { + "name": "GLSA-201512-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201512-10" + }, + { + "name": "75541", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75541" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "RHSA-2015:1207", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1207.html" + }, + { + "name": "USN-2656-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2656-1" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1122218", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1122218" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-62.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-62.html" + }, + { + "name": "1032783", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032783" + }, + { + "name": "USN-2656-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2656-2" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2823.json b/2015/2xxx/CVE-2015-2823.json index e4651feffee..bd1f976d2cc 100644 --- a/2015/2xxx/CVE-2015-2823.json +++ b/2015/2xxx/CVE-2015-2823.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2823", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Siemens SIMATIC HMI Basic Panels 2nd Generation before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Professional before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Basic Panels 1st Generation (WinCC TIA Portal), SIMATIC HMI Mobile Panel 277 (WinCC TIA Portal), SIMATIC HMI Multi Panels (WinCC TIA Portal), and SIMATIC WinCC 7.x before 7.3 Upd4 allow remote attackers to complete authentication by leveraging knowledge of a password hash without knowledge of the associated password." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2823", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf" - }, - { - "name" : "74040", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74040" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Siemens SIMATIC HMI Basic Panels 2nd Generation before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC WinCC Runtime Professional before WinCC (TIA Portal) 13 SP1 Upd2, SIMATIC HMI Basic Panels 1st Generation (WinCC TIA Portal), SIMATIC HMI Mobile Panel 277 (WinCC TIA Portal), SIMATIC HMI Multi Panels (WinCC TIA Portal), and SIMATIC WinCC 7.x before 7.3 Upd4 allow remote attackers to complete authentication by leveraging knowledge of a password hash without knowledge of the associated password." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "74040", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74040" + }, + { + "name": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf", + "refsource": "CONFIRM", + "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6219.json b/2015/6xxx/CVE-2015-6219.json index c2e5697494f..5a234e3a842 100644 --- a/2015/6xxx/CVE-2015-6219.json +++ b/2015/6xxx/CVE-2015-6219.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6219", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6219", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6333.json b/2015/6xxx/CVE-2015-6333.json index d4aaec02a91..3f2cc15215d 100644 --- a/2015/6xxx/CVE-2015-6333.json +++ b/2015/6xxx/CVE-2015-6333.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6333", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6333", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151012 Cisco Application Policy Infrastructure Controller Privilege Escalation SSH Key Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151012-apic" - }, - { - "name" : "1033793", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033793" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20151012 Cisco Application Policy Infrastructure Controller Privilege Escalation SSH Key Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151012-apic" + }, + { + "name": "1033793", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033793" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6705.json b/2015/6xxx/CVE-2015-6705.json index 5c832e6ea7f..9c9d4723f8a 100644 --- a/2015/6xxx/CVE-2015-6705.json +++ b/2015/6xxx/CVE-2015-6705.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6705", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5583, CVE-2015-6706, and CVE-2015-7624." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-6705", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" - }, - { - "name" : "1033796", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033796" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2015-5583, CVE-2015-6706, and CVE-2015-7624." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" + }, + { + "name": "1033796", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033796" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7330.json b/2015/7xxx/CVE-2015-7330.json index ef821671fbf..1877a458c1e 100644 --- a/2015/7xxx/CVE-2015-7330.json +++ b/2015/7xxx/CVE-2015-7330.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7330", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Puppet Enterprise 2015.3 before 2015.3.1 allows remote attackers to bypass a host whitelist protection mechanism by leveraging the Puppet communications protocol." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7330", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://puppetlabs.com/security/cve/cve-2015-7330", - "refsource" : "CONFIRM", - "url" : "https://puppetlabs.com/security/cve/cve-2015-7330" - }, - { - "name" : "1034550", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034550" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Puppet Enterprise 2015.3 before 2015.3.1 allows remote attackers to bypass a host whitelist protection mechanism by leveraging the Puppet communications protocol." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://puppetlabs.com/security/cve/cve-2015-7330", + "refsource": "CONFIRM", + "url": "https://puppetlabs.com/security/cve/cve-2015-7330" + }, + { + "name": "1034550", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034550" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7427.json b/2015/7xxx/CVE-2015-7427.json index 21c4eac0c8c..9f12b34e419 100644 --- a/2015/7xxx/CVE-2015-7427.json +++ b/2015/7xxx/CVE-2015-7427.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7427", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, 6.0.1.x before 6.0.1.17, 7.x before 7.0.0.10, 7.1.0.x before 7.1.0.7, and 7.2.x before 7.2.0.1 do not set the secure flag for unspecified cookies in an https session, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-7427", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21969342", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21969342" - }, - { - "name" : "IT10279", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT10279" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, 6.0.1.x before 6.0.1.17, 7.x before 7.0.0.10, 7.1.0.x before 7.1.0.7, and 7.2.x before 7.2.0.1 do not set the secure flag for unspecified cookies in an https session, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "IT10279", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT10279" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21969342", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969342" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0008.json b/2016/0xxx/CVE-2016-0008.json index da8a54c8e75..611b65e9f1f 100644 --- a/2016/0xxx/CVE-2016-0008.json +++ b/2016/0xxx/CVE-2016-0008.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0008", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The graphics device interface in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka \"Windows GDI32.dll ASLR Bypass Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0008", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160112 Microsoft Wordpad Open Document Text OOBR Heap Overflow Vulnerability", - "refsource" : "IDEFENSE", - "url" : "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1216" - }, - { - "name" : "MS16-005", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-005" - }, - { - "name" : "1034654", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034654" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The graphics device interface in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka \"Windows GDI32.dll ASLR Bypass Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS16-005", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-005" + }, + { + "name": "20160112 Microsoft Wordpad Open Document Text OOBR Heap Overflow Vulnerability", + "refsource": "IDEFENSE", + "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1216" + }, + { + "name": "1034654", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034654" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0772.json b/2016/0xxx/CVE-2016-0772.json index 1a12191b8d7..3c9583ce0bf 100644 --- a/2016/0xxx/CVE-2016-0772.json +++ b/2016/0xxx/CVE-2016-0772.json @@ -1,142 +1,142 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-0772", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a \"StartTLS stripping attack.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-0772", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160614 Python CVE-2016-0772: smtplib StartTLS stripping attack", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/14/9" - }, - { - "name" : "[debian-lts-announce] 20190207 [SECURITY] [DLA 1663-1] python3.4 security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1303647", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1303647" - }, - { - "name" : "https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-5", - "refsource" : "CONFIRM", - "url" : "https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-5" - }, - { - "name" : "https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-2", - "refsource" : "CONFIRM", - "url" : "https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-2" - }, - { - "name" : "https://hg.python.org/cpython/raw-file/v2.7.12/Misc/NEWS", - "refsource" : "CONFIRM", - "url" : "https://hg.python.org/cpython/raw-file/v2.7.12/Misc/NEWS" - }, - { - "name" : "https://hg.python.org/cpython/rev/b3ce713fb9be", - "refsource" : "CONFIRM", - "url" : "https://hg.python.org/cpython/rev/b3ce713fb9be" - }, - { - "name" : "https://hg.python.org/cpython/rev/d590114c2394", - "refsource" : "CONFIRM", - "url" : "https://hg.python.org/cpython/rev/d590114c2394" - }, - { - "name" : "http://www.splunk.com/view/SP-CAAAPSV", - "refsource" : "CONFIRM", - "url" : "http://www.splunk.com/view/SP-CAAAPSV" - }, - { - "name" : "http://www.splunk.com/view/SP-CAAAPUE", - "refsource" : "CONFIRM", - "url" : "http://www.splunk.com/view/SP-CAAAPUE" - }, - { - "name" : "GLSA-201701-18", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-18" - }, - { - "name" : "RHSA-2016:1626", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1626.html" - }, - { - "name" : "RHSA-2016:1627", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1627.html" - }, - { - "name" : "RHSA-2016:1628", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1628.html" - }, - { - "name" : "RHSA-2016:1629", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1629.html" - }, - { - "name" : "RHSA-2016:1630", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1630.html" - }, - { - "name" : "91225", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91225" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a \"StartTLS stripping attack.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://hg.python.org/cpython/rev/d590114c2394", + "refsource": "CONFIRM", + "url": "https://hg.python.org/cpython/rev/d590114c2394" + }, + { + "name": "http://www.splunk.com/view/SP-CAAAPUE", + "refsource": "CONFIRM", + "url": "http://www.splunk.com/view/SP-CAAAPUE" + }, + { + "name": "RHSA-2016:1630", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1630.html" + }, + { + "name": "RHSA-2016:1627", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1627.html" + }, + { + "name": "https://hg.python.org/cpython/rev/b3ce713fb9be", + "refsource": "CONFIRM", + "url": "https://hg.python.org/cpython/rev/b3ce713fb9be" + }, + { + "name": "RHSA-2016:1629", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1629.html" + }, + { + "name": "http://www.splunk.com/view/SP-CAAAPSV", + "refsource": "CONFIRM", + "url": "http://www.splunk.com/view/SP-CAAAPSV" + }, + { + "name": "[debian-lts-announce] 20190207 [SECURITY] [DLA 1663-1] python3.4 security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1303647", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1303647" + }, + { + "name": "https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-5", + "refsource": "CONFIRM", + "url": "https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-5" + }, + { + "name": "[oss-security] 20160614 Python CVE-2016-0772: smtplib StartTLS stripping attack", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/14/9" + }, + { + "name": "https://hg.python.org/cpython/raw-file/v2.7.12/Misc/NEWS", + "refsource": "CONFIRM", + "url": "https://hg.python.org/cpython/raw-file/v2.7.12/Misc/NEWS" + }, + { + "name": "GLSA-201701-18", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-18" + }, + { + "name": "https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-2", + "refsource": "CONFIRM", + "url": "https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-2" + }, + { + "name": "91225", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91225" + }, + { + "name": "RHSA-2016:1628", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1628.html" + }, + { + "name": "RHSA-2016:1626", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1626.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0805.json b/2016/0xxx/CVE-2016-0805.json index fec33cfa9ba..bd46bfd0282 100644 --- a/2016/0xxx/CVE-2016-0805.json +++ b/2016/0xxx/CVE-2016-0805.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0805", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The performance event manager for Qualcomm ARM processors in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25773204." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-0805", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-02-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-02-01.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The performance event manager for Qualcomm ARM processors in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25773204." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://source.android.com/security/bulletin/2016-02-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-02-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0979.json b/2016/0xxx/CVE-2016-0979.json index 8bc6b53ffe6..8b743e76f82 100644 --- a/2016/0xxx/CVE-2016-0979.json +++ b/2016/0xxx/CVE-2016-0979.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0979", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0980, and CVE-2016-0981." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-0979", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" - }, - { - "name" : "GLSA-201603-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-07" - }, - { - "name" : "RHSA-2016:0166", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0166.html" - }, - { - "name" : "SUSE-SU-2016:0398", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" - }, - { - "name" : "SUSE-SU-2016:0400", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" - }, - { - "name" : "openSUSE-SU-2016:0412", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" - }, - { - "name" : "openSUSE-SU-2016:0415", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" - }, - { - "name" : "1034970", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034970" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0980, and CVE-2016-0981." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:0400", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" + }, + { + "name": "1034970", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034970" + }, + { + "name": "GLSA-201603-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-07" + }, + { + "name": "RHSA-2016:0166", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" + }, + { + "name": "openSUSE-SU-2016:0415", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" + }, + { + "name": "openSUSE-SU-2016:0412", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" + }, + { + "name": "SUSE-SU-2016:0398", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000214.json b/2016/1000xxx/CVE-2016-1000214.json index ceb31a7be0c..dfb51e9a10b 100644 --- a/2016/1000xxx/CVE-2016-1000214.json +++ b/2016/1000xxx/CVE-2016-1000214.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000214", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Ruckus Wireless H500 web management interface authentication bypass" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000214", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/", - "refsource" : "MISC", - "url" : "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/" - }, - { - "name" : "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt", - "refsource" : "CONFIRM", - "url" : "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Ruckus Wireless H500 web management interface authentication bypass" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt", + "refsource": "CONFIRM", + "url": "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt" + }, + { + "name": "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/", + "refsource": "MISC", + "url": "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10489.json b/2016/10xxx/CVE-2016-10489.json index f1172675465..b2a18418ea0 100644 --- a/2016/10xxx/CVE-2016-10489.json +++ b/2016/10xxx/CVE-2016-10489.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2016-10489", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile", - "version" : { - "version_data" : [ - { - "version_value" : "SD 400" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, lack of address argument validation in qsee_get_tz_app_name() may lead to an untrusted pointer dereference." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Untrusted pointer dereference in QTEE" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2016-10489", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile", + "version": { + "version_data": [ + { + "version_value": "SD 400" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, lack of address argument validation in qsee_get_tz_app_name() may lead to an untrusted pointer dereference." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Untrusted pointer dereference in QTEE" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1577.json b/2016/1xxx/CVE-2016-1577.json index f9d386d48c2..b601795932d 100644 --- a/2016/1xxx/CVE-2016-1577.json +++ b/2016/1xxx/CVE-2016-1577.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1577", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vulnerability than CVE-2014-8137." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@ubuntu.com", + "ID": "CVE-2016-1577", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160303 Security issues in JasPer (CVE-2016-1577 and CVE-2016-2116)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/03/03/12" - }, - { - "name" : "https://bugs.launchpad.net/ubuntu/+source/jasper/+bug/1547865", - "refsource" : "CONFIRM", - "url" : "https://bugs.launchpad.net/ubuntu/+source/jasper/+bug/1547865" - }, - { - "name" : "DSA-3508", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3508" - }, - { - "name" : "RHSA-2017:1208", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1208" - }, - { - "name" : "USN-2919-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2919-1" - }, - { - "name" : "84133", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84133" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vulnerability than CVE-2014-8137." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3508", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3508" + }, + { + "name": "[oss-security] 20160303 Security issues in JasPer (CVE-2016-1577 and CVE-2016-2116)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/03/03/12" + }, + { + "name": "https://bugs.launchpad.net/ubuntu/+source/jasper/+bug/1547865", + "refsource": "CONFIRM", + "url": "https://bugs.launchpad.net/ubuntu/+source/jasper/+bug/1547865" + }, + { + "name": "USN-2919-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2919-1" + }, + { + "name": "RHSA-2017:1208", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1208" + }, + { + "name": "84133", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84133" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1628.json b/2016/1xxx/CVE-2016-1628.json index bd60387b494..dcfd00b8f60 100644 --- a/2016/1xxx/CVE-2016-1628.json +++ b/2016/1xxx/CVE-2016-1628.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1628", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, does not validate a certain precision value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a crafted JPEG 2000 image in a PDF document, related to the opj_pi_next_rpcl, opj_pi_next_pcrl, and opj_pi_next_cprl functions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-1628", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-172/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-172/" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2016/02/stable-channel-update_9.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2016/02/stable-channel-update_9.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=571479", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=571479" - }, - { - "name" : "https://codereview.chromium.org/1590593002", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1590593002" - }, - { - "name" : "DSA-3486", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3486" - }, - { - "name" : "DSA-4013", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-4013" - }, - { - "name" : "GLSA-201603-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-09" - }, - { - "name" : "GLSA-201710-26", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201710-26" - }, - { - "name" : "RHSA-2016:0241", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0241.html" - }, - { - "name" : "83125", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/83125" - }, - { - "name" : "1035183", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035183" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, does not validate a certain precision value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a crafted JPEG 2000 image in a PDF document, related to the opj_pi_next_rpcl, opj_pi_next_pcrl, and opj_pi_next_cprl functions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://code.google.com/p/chromium/issues/detail?id=571479", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=571479" + }, + { + "name": "83125", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/83125" + }, + { + "name": "GLSA-201710-26", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201710-26" + }, + { + "name": "1035183", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035183" + }, + { + "name": "DSA-4013", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-4013" + }, + { + "name": "http://googlechromereleases.blogspot.com/2016/02/stable-channel-update_9.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2016/02/stable-channel-update_9.html" + }, + { + "name": "GLSA-201603-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-09" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-172/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-172/" + }, + { + "name": "DSA-3486", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3486" + }, + { + "name": "https://codereview.chromium.org/1590593002", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1590593002" + }, + { + "name": "RHSA-2016:0241", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0241.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1734.json b/2016/1xxx/CVE-2016-1734.json index d7d00bb1f19..926c25ed3be 100644 --- a/2016/1xxx/CVE-2016-1734.json +++ b/2016/1xxx/CVE-2016-1734.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1734", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "AppleUSBNetworking in Apple iOS before 9.3 and OS X before 10.11.4 allows physically proximate attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted USB device." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1734", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT206166", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206166" - }, - { - "name" : "https://support.apple.com/HT206167", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206167" - }, - { - "name" : "APPLE-SA-2016-03-21-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" - }, - { - "name" : "APPLE-SA-2016-03-21-5", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" - }, - { - "name" : "1035353", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035353" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "AppleUSBNetworking in Apple iOS before 9.3 and OS X before 10.11.4 allows physically proximate attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted USB device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2016-03-21-5", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" + }, + { + "name": "https://support.apple.com/HT206167", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206167" + }, + { + "name": "1035353", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035353" + }, + { + "name": "APPLE-SA-2016-03-21-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" + }, + { + "name": "https://support.apple.com/HT206166", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206166" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1924.json b/2016/1xxx/CVE-2016-1924.json index 5b7057409bf..b5a7acacdd3 100644 --- a/2016/1xxx/CVE-2016-1924.json +++ b/2016/1xxx/CVE-2016-1924.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1924", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1924", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160118 Out-of-bounds Read in the OpenJpeg's opj_j2k_update_image_data and opj_tgt_reset function", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/18/4" - }, - { - "name" : "[oss-security] 20160118 Re: Out-of-bounds Read in the OpenJpeg's opj_j2k_update_image_data and opj_tgt_reset function", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/18/7" - }, - { - "name" : "DSA-3665", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3665" - }, - { - "name" : "GLSA-201612-26", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201612-26" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201612-26", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201612-26" + }, + { + "name": "DSA-3665", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3665" + }, + { + "name": "[oss-security] 20160118 Re: Out-of-bounds Read in the OpenJpeg's opj_j2k_update_image_data and opj_tgt_reset function", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/18/7" + }, + { + "name": "[oss-security] 20160118 Out-of-bounds Read in the OpenJpeg's opj_j2k_update_image_data and opj_tgt_reset function", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/18/4" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4174.json b/2016/4xxx/CVE-2016-4174.json index 798d02ac96d..574dc7a9587 100644 --- a/2016/4xxx/CVE-2016-4174.json +++ b/2016/4xxx/CVE-2016-4174.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4174", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4174", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" - }, - { - "name" : "MS16-093", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" - }, - { - "name" : "RHSA-2016:1423", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1423" - }, - { - "name" : "SUSE-SU-2016:1826", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" - }, - { - "name" : "openSUSE-SU-2016:1802", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" - }, - { - "name" : "91719", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91719" - }, - { - "name" : "1036280", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036280" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:1826", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" + }, + { + "name": "openSUSE-SU-2016:1802", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" + }, + { + "name": "91719", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91719" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" + }, + { + "name": "RHSA-2016:1423", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1423" + }, + { + "name": "MS16-093", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" + }, + { + "name": "1036280", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036280" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4225.json b/2016/4xxx/CVE-2016-4225.json index b7780775708..45f6f360c61 100644 --- a/2016/4xxx/CVE-2016-4225.json +++ b/2016/4xxx/CVE-2016-4225.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4225", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion,\" a different vulnerability than CVE-2016-4223 and CVE-2016-4224." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4225", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-427", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-427" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" - }, - { - "name" : "GLSA-201607-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201607-03" - }, - { - "name" : "MS16-093", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" - }, - { - "name" : "RHSA-2016:1423", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1423" - }, - { - "name" : "SUSE-SU-2016:1826", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" - }, - { - "name" : "openSUSE-SU-2016:1802", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" - }, - { - "name" : "91718", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91718" - }, - { - "name" : "1036280", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036280" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion,\" a different vulnerability than CVE-2016-4223 and CVE-2016-4224." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-427", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-427" + }, + { + "name": "SUSE-SU-2016:1826", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" + }, + { + "name": "GLSA-201607-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201607-03" + }, + { + "name": "91718", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91718" + }, + { + "name": "openSUSE-SU-2016:1802", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" + }, + { + "name": "RHSA-2016:1423", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1423" + }, + { + "name": "MS16-093", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" + }, + { + "name": "1036280", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036280" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4785.json b/2016/4xxx/CVE-2016-4785.json index df401882ddf..0d955eec8ce 100644 --- a/2016/4xxx/CVE-2016-4785.json +++ b/2016/4xxx/CVE-2016-4785.json @@ -1,88 +1,88 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "DATE_PUBLIC" : "2017-07-04T00:00:00", - "ID" : "CVE-2016-4785", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain a limited amount of device memory content if network access was obtained. This vulnerability only affects EN100 Ethernet module included in SIPROTEC4 and SIPROTEC Compact devices." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "DATE_PUBLIC": "2017-07-04T00:00:00", + "ID": "CVE-2016-4785", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02" - }, - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03" - }, - { - "name" : "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf" - }, - { - "name" : "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf", - "refsource" : "CONFIRM", - "url" : "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf" - }, - { - "name" : "99471", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99471" - }, - { - "name" : "90773", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90773" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain a limited amount of device memory content if network access was obtained. This vulnerability only affects EN100 Ethernet module included in SIPROTEC4 and SIPROTEC Compact devices." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf", + "refsource": "CONFIRM", + "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-547990.pdf" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-140-02" + }, + { + "name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf", + "refsource": "CONFIRM", + "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-323211.pdf" + }, + { + "name": "90773", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90773" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-187-03" + }, + { + "name": "99471", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99471" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4998.json b/2016/4xxx/CVE-2016-4998.json index 7a8b00b9f2d..44e74478114 100644 --- a/2016/4xxx/CVE-2016-4998.json +++ b/2016/4xxx/CVE-2016-4998.json @@ -1,192 +1,192 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4998", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-4998", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160624 Linux CVE-2016-4997 (local privilege escalation) and CVE-2016-4998 (out of bounds memory access)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/24/5" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1349886", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1349886" - }, - { - "name" : "https://github.com/torvalds/linux/commit/6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" - }, - { - "name" : "DSA-3607", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3607" - }, - { - "name" : "RHSA-2016:1847", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1847.html" - }, - { - "name" : "RHSA-2016:1875", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1875.html" - }, - { - "name" : "RHSA-2016:1883", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1883.html" - }, - { - "name" : "RHSA-2017:0036", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0036.html" - }, - { - "name" : "SUSE-SU-2016:2105", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html" - }, - { - "name" : "openSUSE-SU-2016:2184", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html" - }, - { - "name" : "USN-3016-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3016-1" - }, - { - "name" : "USN-3016-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3016-2" - }, - { - "name" : "USN-3016-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3016-3" - }, - { - "name" : "USN-3016-4", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3016-4" - }, - { - "name" : "USN-3017-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3017-1" - }, - { - "name" : "USN-3017-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3017-2" - }, - { - "name" : "USN-3017-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3017-3" - }, - { - "name" : "USN-3018-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3018-1" - }, - { - "name" : "USN-3018-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3018-2" - }, - { - "name" : "USN-3019-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3019-1" - }, - { - "name" : "USN-3020-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3020-1" - }, - { - "name" : "91451", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91451" - }, - { - "name" : "1036171", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036171" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" + }, + { + "name": "USN-3017-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3017-1" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" + }, + { + "name": "USN-3017-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3017-3" + }, + { + "name": "RHSA-2016:1847", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1847.html" + }, + { + "name": "openSUSE-SU-2016:2184", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html" + }, + { + "name": "USN-3018-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3018-2" + }, + { + "name": "USN-3017-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3017-2" + }, + { + "name": "RHSA-2016:1875", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1875.html" + }, + { + "name": "USN-3019-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3019-1" + }, + { + "name": "DSA-3607", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3607" + }, + { + "name": "USN-3016-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3016-2" + }, + { + "name": "USN-3016-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3016-1" + }, + { + "name": "[oss-security] 20160624 Linux CVE-2016-4997 (local privilege escalation) and CVE-2016-4998 (out of bounds memory access)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/24/5" + }, + { + "name": "USN-3018-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3018-1" + }, + { + "name": "1036171", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036171" + }, + { + "name": "https://github.com/torvalds/linux/commit/6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1349886", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349886" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html" + }, + { + "name": "RHSA-2016:1883", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1883.html" + }, + { + "name": "SUSE-SU-2016:2105", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html" + }, + { + "name": "USN-3016-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3016-3" + }, + { + "name": "RHSA-2017:0036", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0036.html" + }, + { + "name": "USN-3016-4", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3016-4" + }, + { + "name": "91451", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91451" + }, + { + "name": "USN-3020-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3020-1" + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3230.json b/2019/3xxx/CVE-2019-3230.json index 51c4a7d4242..19d9c043d14 100644 --- a/2019/3xxx/CVE-2019-3230.json +++ b/2019/3xxx/CVE-2019-3230.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3230", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3230", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3555.json b/2019/3xxx/CVE-2019-3555.json index a5f44c440ae..2731015b0de 100644 --- a/2019/3xxx/CVE-2019-3555.json +++ b/2019/3xxx/CVE-2019-3555.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3555", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3555", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3891.json b/2019/3xxx/CVE-2019-3891.json index 068e9162e24..7995e4cf554 100644 --- a/2019/3xxx/CVE-2019-3891.json +++ b/2019/3xxx/CVE-2019-3891.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3891", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3891", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3970.json b/2019/3xxx/CVE-2019-3970.json index 5b45bd9a046..07dbb0c0c1b 100644 --- a/2019/3xxx/CVE-2019-3970.json +++ b/2019/3xxx/CVE-2019-3970.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3970", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3970", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4686.json b/2019/4xxx/CVE-2019-4686.json index 4d1788af6aa..bfd07485c90 100644 --- a/2019/4xxx/CVE-2019-4686.json +++ b/2019/4xxx/CVE-2019-4686.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4686", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4686", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4788.json b/2019/4xxx/CVE-2019-4788.json index ba3cae338ef..183cacd364b 100644 --- a/2019/4xxx/CVE-2019-4788.json +++ b/2019/4xxx/CVE-2019-4788.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4788", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4788", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4821.json b/2019/4xxx/CVE-2019-4821.json index fbda02b3337..3a9468b1525 100644 --- a/2019/4xxx/CVE-2019-4821.json +++ b/2019/4xxx/CVE-2019-4821.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4821", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4821", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4939.json b/2019/4xxx/CVE-2019-4939.json index 606c74d9f8c..71e0fe63ff7 100644 --- a/2019/4xxx/CVE-2019-4939.json +++ b/2019/4xxx/CVE-2019-4939.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4939", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4939", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6172.json b/2019/6xxx/CVE-2019-6172.json index bdc5379a7a1..f5487413950 100644 --- a/2019/6xxx/CVE-2019-6172.json +++ b/2019/6xxx/CVE-2019-6172.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6172", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6172", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6176.json b/2019/6xxx/CVE-2019-6176.json index 6d351c73d1b..c6674734395 100644 --- a/2019/6xxx/CVE-2019-6176.json +++ b/2019/6xxx/CVE-2019-6176.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6176", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6176", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6392.json b/2019/6xxx/CVE-2019-6392.json index af2eace43a9..927d1ec584a 100644 --- a/2019/6xxx/CVE-2019-6392.json +++ b/2019/6xxx/CVE-2019-6392.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6392", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6392", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7028.json b/2019/7xxx/CVE-2019-7028.json index 4ccd27052fa..050ee39935a 100644 --- a/2019/7xxx/CVE-2019-7028.json +++ b/2019/7xxx/CVE-2019-7028.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7028", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7028", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7183.json b/2019/7xxx/CVE-2019-7183.json index cffb6afa05a..021e3a08935 100644 --- a/2019/7xxx/CVE-2019-7183.json +++ b/2019/7xxx/CVE-2019-7183.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7183", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7183", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7359.json b/2019/7xxx/CVE-2019-7359.json index dd2b52ebc7f..9e8bd47bfd7 100644 --- a/2019/7xxx/CVE-2019-7359.json +++ b/2019/7xxx/CVE-2019-7359.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7359", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7359", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7371.json b/2019/7xxx/CVE-2019-7371.json index 49ad2cb1b3b..2b7a9f5121c 100644 --- a/2019/7xxx/CVE-2019-7371.json +++ b/2019/7xxx/CVE-2019-7371.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7371", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7371", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7447.json b/2019/7xxx/CVE-2019-7447.json index 0430102d152..521ad530538 100644 --- a/2019/7xxx/CVE-2019-7447.json +++ b/2019/7xxx/CVE-2019-7447.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7447", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7447", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8109.json b/2019/8xxx/CVE-2019-8109.json index 5fb2762fd4f..360cb203787 100644 --- a/2019/8xxx/CVE-2019-8109.json +++ b/2019/8xxx/CVE-2019-8109.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8109", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8109", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8354.json b/2019/8xxx/CVE-2019-8354.json index afbd632ef50..a90be7e433f 100644 --- a/2019/8xxx/CVE-2019-8354.json +++ b/2019/8xxx/CVE-2019-8354.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8354", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8354", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://sourceforge.net/p/sox/bugs/319", - "refsource" : "MISC", - "url" : "https://sourceforge.net/p/sox/bugs/319" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://sourceforge.net/p/sox/bugs/319", + "refsource": "MISC", + "url": "https://sourceforge.net/p/sox/bugs/319" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8462.json b/2019/8xxx/CVE-2019-8462.json index 9eb76c01d96..c3dfff2f715 100644 --- a/2019/8xxx/CVE-2019-8462.json +++ b/2019/8xxx/CVE-2019-8462.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8462", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8462", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8956.json b/2019/8xxx/CVE-2019-8956.json index dd9cdcba8da..7e652f46b71 100644 --- a/2019/8xxx/CVE-2019-8956.json +++ b/2019/8xxx/CVE-2019-8956.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8956", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8956", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9004.json b/2019/9xxx/CVE-2019-9004.json index fd9122c2637..0c1ddde4fda 100644 --- a/2019/9xxx/CVE-2019-9004.json +++ b/2019/9xxx/CVE-2019-9004.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9004", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Eclipse Wakaama (formerly liblwm2m) 1.0, core/er-coap-13/er-coap-13.c in lwm2mserver in the LWM2M server mishandles invalid options, leading to a memory leak. Processing of a single crafted packet leads to leaking (wasting) 24 bytes of memory. This can lead to termination of the LWM2M server after exhausting all available memory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9004", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/eclipse/wakaama/issues/425", - "refsource" : "MISC", - "url" : "https://github.com/eclipse/wakaama/issues/425" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Eclipse Wakaama (formerly liblwm2m) 1.0, core/er-coap-13/er-coap-13.c in lwm2mserver in the LWM2M server mishandles invalid options, leading to a memory leak. Processing of a single crafted packet leads to leaking (wasting) 24 bytes of memory. This can lead to termination of the LWM2M server after exhausting all available memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/eclipse/wakaama/issues/425", + "refsource": "MISC", + "url": "https://github.com/eclipse/wakaama/issues/425" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9409.json b/2019/9xxx/CVE-2019-9409.json index dc3263beb46..01ccae2e8c3 100644 --- a/2019/9xxx/CVE-2019-9409.json +++ b/2019/9xxx/CVE-2019-9409.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9409", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9409", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9578.json b/2019/9xxx/CVE-2019-9578.json index eb75d583c18..5c2a78bb905 100644 --- a/2019/9xxx/CVE-2019-9578.json +++ b/2019/9xxx/CVE-2019-9578.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9578", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking uninitialized stack memory back to the device." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9578", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://developers.yubico.com/libu2f-host/Release_Notes.html", - "refsource" : "MISC", - "url" : "https://developers.yubico.com/libu2f-host/Release_Notes.html" - }, - { - "name" : "https://github.com/Yubico/libu2f-host/commit/e4bb58cc8b6202a421e65f8230217d8ae6e16eb5", - "refsource" : "MISC", - "url" : "https://github.com/Yubico/libu2f-host/commit/e4bb58cc8b6202a421e65f8230217d8ae6e16eb5" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking uninitialized stack memory back to the device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://developers.yubico.com/libu2f-host/Release_Notes.html", + "refsource": "MISC", + "url": "https://developers.yubico.com/libu2f-host/Release_Notes.html" + }, + { + "name": "https://github.com/Yubico/libu2f-host/commit/e4bb58cc8b6202a421e65f8230217d8ae6e16eb5", + "refsource": "MISC", + "url": "https://github.com/Yubico/libu2f-host/commit/e4bb58cc8b6202a421e65f8230217d8ae6e16eb5" + } + ] + } +} \ No newline at end of file