From acdf06d6a8f52b1eba9238d40fa1e84837e771ae Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 05:20:17 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2006/5xxx/CVE-2006-5767.json | 170 +++---- 2007/2xxx/CVE-2007-2067.json | 180 +++---- 2007/2xxx/CVE-2007-2189.json | 140 +++--- 2007/2xxx/CVE-2007-2272.json | 150 +++--- 2007/2xxx/CVE-2007-2787.json | 250 +++++----- 2007/2xxx/CVE-2007-2879.json | 160 +++---- 2007/3xxx/CVE-2007-3076.json | 160 +++---- 2007/3xxx/CVE-2007-3206.json | 34 +- 2007/3xxx/CVE-2007-3648.json | 160 +++---- 2007/3xxx/CVE-2007-3788.json | 160 +++---- 2007/3xxx/CVE-2007-3947.json | 240 +++++----- 2007/6xxx/CVE-2007-6388.json | 850 ++++++++++++++++----------------- 2007/6xxx/CVE-2007-6484.json | 120 ++--- 2010/1xxx/CVE-2010-1044.json | 150 +++--- 2010/1xxx/CVE-2010-1846.json | 140 +++--- 2010/5xxx/CVE-2010-5238.json | 130 ++--- 2010/5xxx/CVE-2010-5305.json | 34 +- 2014/0xxx/CVE-2014-0186.json | 150 +++--- 2014/0xxx/CVE-2014-0324.json | 120 ++--- 2014/0xxx/CVE-2014-0528.json | 120 ++--- 2014/0xxx/CVE-2014-0570.json | 130 ++--- 2014/0xxx/CVE-2014-0843.json | 140 +++--- 2014/0xxx/CVE-2014-0964.json | 180 +++---- 2014/1xxx/CVE-2014-1443.json | 160 +++---- 2014/1xxx/CVE-2014-1518.json | 410 ++++++++-------- 2014/1xxx/CVE-2014-1811.json | 150 +++--- 2014/1xxx/CVE-2014-1924.json | 34 +- 2014/4xxx/CVE-2014-4404.json | 230 ++++----- 2014/4xxx/CVE-2014-4464.json | 34 +- 2014/5xxx/CVE-2014-5194.json | 120 ++--- 2014/5xxx/CVE-2014-5263.json | 160 +++---- 2015/2xxx/CVE-2015-2130.json | 34 +- 2015/2xxx/CVE-2015-2193.json | 34 +- 2016/10xxx/CVE-2016-10087.json | 170 +++---- 2016/10xxx/CVE-2016-10186.json | 130 ++--- 2016/10xxx/CVE-2016-10657.json | 122 ++--- 2016/3xxx/CVE-2016-3281.json | 150 +++--- 2016/4xxx/CVE-2016-4025.json | 120 ++--- 2016/8xxx/CVE-2016-8179.json | 34 +- 2016/8xxx/CVE-2016-8255.json | 34 +- 2016/8xxx/CVE-2016-8653.json | 162 +++---- 2016/8xxx/CVE-2016-8836.json | 34 +- 2016/8xxx/CVE-2016-8881.json | 34 +- 2016/9xxx/CVE-2016-9086.json | 130 ++--- 2016/9xxx/CVE-2016-9236.json | 34 +- 2016/9xxx/CVE-2016-9397.json | 150 +++--- 2016/9xxx/CVE-2016-9664.json | 34 +- 2019/2xxx/CVE-2019-2059.json | 34 +- 2019/2xxx/CVE-2019-2139.json | 34 +- 2019/2xxx/CVE-2019-2722.json | 34 +- 2019/2xxx/CVE-2019-2723.json | 34 +- 2019/2xxx/CVE-2019-2911.json | 34 +- 2019/6xxx/CVE-2019-6244.json | 120 ++--- 2019/6xxx/CVE-2019-6346.json | 34 +- 2019/6xxx/CVE-2019-6532.json | 34 +- 2019/6xxx/CVE-2019-6797.json | 34 +- 2019/7xxx/CVE-2019-7466.json | 34 +- 2019/7xxx/CVE-2019-7518.json | 34 +- 58 files changed, 3616 insertions(+), 3616 deletions(-) diff --git a/2006/5xxx/CVE-2006-5767.json b/2006/5xxx/CVE-2006-5767.json index 9666f7e2eb2..24fbdd971cb 100644 --- a/2006/5xxx/CVE-2006-5767.json +++ b/2006/5xxx/CVE-2006-5767.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5767", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in includes/xhtml.php in Drake CMS 0.2.2 alpha rev.846 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the d_root parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5767", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "2713", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2713" - }, - { - "name" : "http://sourceforge.net/forum/forum.php?forum_id=636860", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/forum/forum.php?forum_id=636860" - }, - { - "name" : "20061226 Vendor ACK (basically) for Drake CMS RFI (CVE-2006-5767)", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2006-December/001202.html" - }, - { - "name" : "20914", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20914" - }, - { - "name" : "ADV-2006-4345", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4345" - }, - { - "name" : "drake-xhtml-file-include(30021)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30021" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in includes/xhtml.php in Drake CMS 0.2.2 alpha rev.846 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the d_root parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-4345", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4345" + }, + { + "name": "20914", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20914" + }, + { + "name": "2713", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2713" + }, + { + "name": "http://sourceforge.net/forum/forum.php?forum_id=636860", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/forum/forum.php?forum_id=636860" + }, + { + "name": "20061226 Vendor ACK (basically) for Drake CMS RFI (CVE-2006-5767)", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2006-December/001202.html" + }, + { + "name": "drake-xhtml-file-include(30021)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30021" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2067.json b/2007/2xxx/CVE-2007-2067.json index 6c30d1b8463..703450dcebf 100644 --- a/2007/2xxx/CVE-2007-2067.json +++ b/2007/2xxx/CVE-2007-2067.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2067", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in Marco Antonio Islas Cruz Web Slider (WebSlider) 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) index.php, (2) modules/pdf.php, (3) plugins/highlight.php, or (4) include/modules.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2067", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3745", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3745" - }, - { - "name" : "ADV-2007-1397", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1397" - }, - { - "name" : "37436", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37436" - }, - { - "name" : "37437", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37437" - }, - { - "name" : "37438", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37438" - }, - { - "name" : "37439", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37439" - }, - { - "name" : "webslider-path-file-include(33689)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33689" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in Marco Antonio Islas Cruz Web Slider (WebSlider) 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) index.php, (2) modules/pdf.php, (3) plugins/highlight.php, or (4) include/modules.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37439", + "refsource": "OSVDB", + "url": "http://osvdb.org/37439" + }, + { + "name": "3745", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3745" + }, + { + "name": "37438", + "refsource": "OSVDB", + "url": "http://osvdb.org/37438" + }, + { + "name": "37437", + "refsource": "OSVDB", + "url": "http://osvdb.org/37437" + }, + { + "name": "webslider-path-file-include(33689)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33689" + }, + { + "name": "37436", + "refsource": "OSVDB", + "url": "http://osvdb.org/37436" + }, + { + "name": "ADV-2007-1397", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1397" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2189.json b/2007/2xxx/CVE-2007-2189.json index 565d8417942..227b76ebab7 100644 --- a/2007/2xxx/CVE-2007-2189.json +++ b/2007/2xxx/CVE-2007-2189.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2189", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in admin/admin_album_otf.php in the MX Smartor Full Album Pack (FAP) 2.0 RC1 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2189", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3766", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3766" - }, - { - "name" : "23561", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23561" - }, - { - "name" : "mxbb-smartorfap-admin-file-include(33760)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33760" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in admin/admin_album_otf.php in the MX Smartor Full Album Pack (FAP) 2.0 RC1 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "mxbb-smartorfap-admin-file-include(33760)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33760" + }, + { + "name": "3766", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3766" + }, + { + "name": "23561", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23561" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2272.json b/2007/2xxx/CVE-2007-2272.json index 94299242dfa..db70b06fa77 100644 --- a/2007/2xxx/CVE-2007-2272.json +++ b/2007/2xxx/CVE-2007-2272.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2272", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in docs/front-end-demo/cart2.php in Advanced Webhost Billing System (AWBS) 2.4.0 allows remote attackers to execute arbitrary PHP code via a URL in the workdir parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2272", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3795", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3795" - }, - { - "name" : "23633", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23633" - }, - { - "name" : "25046", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25046" - }, - { - "name" : "awbs-cart2-file-include(33860)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33860" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in docs/front-end-demo/cart2.php in Advanced Webhost Billing System (AWBS) 2.4.0 allows remote attackers to execute arbitrary PHP code via a URL in the workdir parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "awbs-cart2-file-include(33860)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33860" + }, + { + "name": "23633", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23633" + }, + { + "name": "3795", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3795" + }, + { + "name": "25046", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25046" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2787.json b/2007/2xxx/CVE-2007-2787.json index 6d9bc0c0e7b..e829d665fac 100644 --- a/2007/2xxx/CVE-2007-2787.json +++ b/2007/2xxx/CVE-2007-2787.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2787", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the BrowseDir function in the (1) lttmb14E.ocx or (2) LTRTM14e.DLL ActiveX control in LeadTools Raster Thumbnail Object Library 14.5.0.44 allows remote attackers to execute arbitrary code via a long argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2787", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3951", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3951" - }, - { - "name" : "3952", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3952" - }, - { - "name" : "http://moaxb.blogspot.com/2007/05/moaxb-19-leadtools-thumbnail-browser.html", - "refsource" : "MISC", - "url" : "http://moaxb.blogspot.com/2007/05/moaxb-19-leadtools-thumbnail-browser.html" - }, - { - "name" : "http://moaxb.blogspot.com/2007/05/moaxb-20-leadtools-raster-thumbnail.html", - "refsource" : "MISC", - "url" : "http://moaxb.blogspot.com/2007/05/moaxb-20-leadtools-raster-thumbnail.html" - }, - { - "name" : "http://www.shinnai.altervista.org/moaxb/20070519/lademthumbtxt.html", - "refsource" : "MISC", - "url" : "http://www.shinnai.altervista.org/moaxb/20070519/lademthumbtxt.html" - }, - { - "name" : "http://www.shinnai.altervista.org/moaxb/20070520/leadrastertxt.html", - "refsource" : "MISC", - "url" : "http://www.shinnai.altervista.org/moaxb/20070520/leadrastertxt.html" - }, - { - "name" : "24053", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24053" - }, - { - "name" : "24057", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24057" - }, - { - "name" : "36028", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36028" - }, - { - "name" : "36029", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36029" - }, - { - "name" : "25331", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25331" - }, - { - "name" : "25376", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25376" - }, - { - "name" : "leadtools-ltrtm14e-bo(34378)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34378" - }, - { - "name" : "leadtools-lttmb14e-bo(34379)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34379" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the BrowseDir function in the (1) lttmb14E.ocx or (2) LTRTM14e.DLL ActiveX control in LeadTools Raster Thumbnail Object Library 14.5.0.44 allows remote attackers to execute arbitrary code via a long argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://moaxb.blogspot.com/2007/05/moaxb-20-leadtools-raster-thumbnail.html", + "refsource": "MISC", + "url": "http://moaxb.blogspot.com/2007/05/moaxb-20-leadtools-raster-thumbnail.html" + }, + { + "name": "36028", + "refsource": "OSVDB", + "url": "http://osvdb.org/36028" + }, + { + "name": "25331", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25331" + }, + { + "name": "http://www.shinnai.altervista.org/moaxb/20070520/leadrastertxt.html", + "refsource": "MISC", + "url": "http://www.shinnai.altervista.org/moaxb/20070520/leadrastertxt.html" + }, + { + "name": "24057", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24057" + }, + { + "name": "http://moaxb.blogspot.com/2007/05/moaxb-19-leadtools-thumbnail-browser.html", + "refsource": "MISC", + "url": "http://moaxb.blogspot.com/2007/05/moaxb-19-leadtools-thumbnail-browser.html" + }, + { + "name": "http://www.shinnai.altervista.org/moaxb/20070519/lademthumbtxt.html", + "refsource": "MISC", + "url": "http://www.shinnai.altervista.org/moaxb/20070519/lademthumbtxt.html" + }, + { + "name": "leadtools-lttmb14e-bo(34379)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34379" + }, + { + "name": "36029", + "refsource": "OSVDB", + "url": "http://osvdb.org/36029" + }, + { + "name": "25376", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25376" + }, + { + "name": "leadtools-ltrtm14e-bo(34378)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34378" + }, + { + "name": "24053", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24053" + }, + { + "name": "3952", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3952" + }, + { + "name": "3951", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3951" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2879.json b/2007/2xxx/CVE-2007-2879.json index c5949031b2e..ad23d2d43bc 100644 --- a/2007/2xxx/CVE-2007-2879.json +++ b/2007/2xxx/CVE-2007-2879.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2879", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in mods.php in GTP GNUTurk Portal System 3G allows remote attackers to inject arbitrary web script or HTML via the month parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2879", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070525 GTP 3G © Gnuturk Portal System year=**&month= Cross-Site Scripting Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/469584/100/0/threaded" - }, - { - "name" : "24152", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24152" - }, - { - "name" : "38139", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38139" - }, - { - "name" : "2737", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2737" - }, - { - "name" : "gnuturk-portal-mods-xss(34514)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34514" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in mods.php in GTP GNUTurk Portal System 3G allows remote attackers to inject arbitrary web script or HTML via the month parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38139", + "refsource": "OSVDB", + "url": "http://osvdb.org/38139" + }, + { + "name": "24152", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24152" + }, + { + "name": "gnuturk-portal-mods-xss(34514)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34514" + }, + { + "name": "2737", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2737" + }, + { + "name": "20070525 GTP 3G © Gnuturk Portal System year=**&month= Cross-Site Scripting Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/469584/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3076.json b/2007/3xxx/CVE-2007-3076.json index 64dd2425bf1..a49ed93d33c 100644 --- a/2007/3xxx/CVE-2007-3076.json +++ b/2007/3xxx/CVE-2007-3076.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3076", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A certain ActiveX control in sasatl.dll in Zenturi ProgramChecker allows remote attackers to download arbitrary files to the client system via the DownloadFile function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3076", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://moaxb.blogspot.com/2007/05/moaxb-30-zenturi-programchecker-activex.html", - "refsource" : "MISC", - "url" : "http://moaxb.blogspot.com/2007/05/moaxb-30-zenturi-programchecker-activex.html" - }, - { - "name" : "24377", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24377" - }, - { - "name" : "ADV-2007-2000", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2000" - }, - { - "name" : "36046", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36046" - }, - { - "name" : "25468", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25468" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A certain ActiveX control in sasatl.dll in Zenturi ProgramChecker allows remote attackers to download arbitrary files to the client system via the DownloadFile function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-2000", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2000" + }, + { + "name": "http://moaxb.blogspot.com/2007/05/moaxb-30-zenturi-programchecker-activex.html", + "refsource": "MISC", + "url": "http://moaxb.blogspot.com/2007/05/moaxb-30-zenturi-programchecker-activex.html" + }, + { + "name": "36046", + "refsource": "OSVDB", + "url": "http://osvdb.org/36046" + }, + { + "name": "24377", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24377" + }, + { + "name": "25468", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25468" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3206.json b/2007/3xxx/CVE-2007-3206.json index dff6be98def..ebeb2936315 100644 --- a/2007/3xxx/CVE-2007-3206.json +++ b/2007/3xxx/CVE-2007-3206.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3206", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3206", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3648.json b/2007/3xxx/CVE-2007-3648.json index c58915ccadc..ff3ed587e0a 100644 --- a/2007/3xxx/CVE-2007-3648.json +++ b/2007/3xxx/CVE-2007-3648.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3648", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Webmatic before 2.6.2, and possibly other versions before 2.7, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly related to admin/admin_album.php and admin/admin_downloads.php. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3648", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.valarsoft.com/index.php?page=home¬izie=¬ID=144#npos144", - "refsource" : "CONFIRM", - "url" : "http://www.valarsoft.com/index.php?page=home¬izie=¬ID=144#npos144" - }, - { - "name" : "24878", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24878" - }, - { - "name" : "ADV-2007-2465", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2465" - }, - { - "name" : "41104", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41104" - }, - { - "name" : "26019", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26019" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Webmatic before 2.6.2, and possibly other versions before 2.7, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly related to admin/admin_album.php and admin/admin_downloads.php. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26019", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26019" + }, + { + "name": "24878", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24878" + }, + { + "name": "41104", + "refsource": "OSVDB", + "url": "http://osvdb.org/41104" + }, + { + "name": "http://www.valarsoft.com/index.php?page=home¬izie=¬ID=144#npos144", + "refsource": "CONFIRM", + "url": "http://www.valarsoft.com/index.php?page=home¬izie=¬ID=144#npos144" + }, + { + "name": "ADV-2007-2465", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2465" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3788.json b/2007/3xxx/CVE-2007-3788.json index 9a9f5fd62fd..bee7c337961 100644 --- a/2007/3xxx/CVE-2007-3788.json +++ b/2007/3xxx/CVE-2007-3788.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3788", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The eSoft InstaGate EX2 UTM device stores the admin password within the settings HTML document, which might allow context-dependent attackers to obtain sensitive information by reading this document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3788", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070711 Calyptix Security Advisory CX-2007-05 - eSoft InstaGate EX2 Cross-Site Request Forgery Attack", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/473663/100/0/threaded" - }, - { - "name" : "http://labs.calyptix.com/CX-2007-05.php", - "refsource" : "MISC", - "url" : "http://labs.calyptix.com/CX-2007-05.php" - }, - { - "name" : "http://labs.calyptix.com/CX-2007-05.txt", - "refsource" : "MISC", - "url" : "http://labs.calyptix.com/CX-2007-05.txt" - }, - { - "name" : "38173", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38173" - }, - { - "name" : "26005", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26005" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The eSoft InstaGate EX2 UTM device stores the admin password within the settings HTML document, which might allow context-dependent attackers to obtain sensitive information by reading this document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38173", + "refsource": "OSVDB", + "url": "http://osvdb.org/38173" + }, + { + "name": "http://labs.calyptix.com/CX-2007-05.php", + "refsource": "MISC", + "url": "http://labs.calyptix.com/CX-2007-05.php" + }, + { + "name": "http://labs.calyptix.com/CX-2007-05.txt", + "refsource": "MISC", + "url": "http://labs.calyptix.com/CX-2007-05.txt" + }, + { + "name": "20070711 Calyptix Security Advisory CX-2007-05 - eSoft InstaGate EX2 Cross-Site Request Forgery Attack", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/473663/100/0/threaded" + }, + { + "name": "26005", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26005" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3947.json b/2007/3xxx/CVE-2007-3947.json index 00429685a14..3d4e5f4d1de 100644 --- a/2007/3xxx/CVE-2007-3947.json +++ b/2007/3xxx/CVE-2007-3947.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3947", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3947", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070719 rPSA-2007-0145-1 lighttpd", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474131/100/0/threaded" - }, - { - "name" : "http://trac.lighttpd.net/trac/changeset/1869", - "refsource" : "MISC", - "url" : "http://trac.lighttpd.net/trac/changeset/1869" - }, - { - "name" : "http://trac.lighttpd.net/trac/ticket/1232", - "refsource" : "CONFIRM", - "url" : "http://trac.lighttpd.net/trac/ticket/1232" - }, - { - "name" : "DSA-1362", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1362" - }, - { - "name" : "GLSA-200708-11", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200708-11.xml" - }, - { - "name" : "SUSE-SR:2007:015", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_15_sr.html" - }, - { - "name" : "24967", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24967" - }, - { - "name" : "38313", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38313" - }, - { - "name" : "ADV-2007-2585", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2585" - }, - { - "name" : "26130", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26130" - }, - { - "name" : "26158", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26158" - }, - { - "name" : "26505", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26505" - }, - { - "name" : "26593", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26593" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26158", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26158" + }, + { + "name": "http://trac.lighttpd.net/trac/changeset/1869", + "refsource": "MISC", + "url": "http://trac.lighttpd.net/trac/changeset/1869" + }, + { + "name": "38313", + "refsource": "OSVDB", + "url": "http://osvdb.org/38313" + }, + { + "name": "ADV-2007-2585", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2585" + }, + { + "name": "26130", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26130" + }, + { + "name": "20070719 rPSA-2007-0145-1 lighttpd", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474131/100/0/threaded" + }, + { + "name": "24967", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24967" + }, + { + "name": "26593", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26593" + }, + { + "name": "http://trac.lighttpd.net/trac/ticket/1232", + "refsource": "CONFIRM", + "url": "http://trac.lighttpd.net/trac/ticket/1232" + }, + { + "name": "DSA-1362", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1362" + }, + { + "name": "GLSA-200708-11", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200708-11.xml" + }, + { + "name": "SUSE-SR:2007:015", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html" + }, + { + "name": "26505", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26505" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6388.json b/2007/6xxx/CVE-2007-6388.json index 084e2acf27c..fc210cf718f 100644 --- a/2007/6xxx/CVE-2007-6388.json +++ b/2007/6xxx/CVE-2007-6388.json @@ -1,427 +1,427 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6388", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6388", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080716 rPSA-2008-0035-1 httpd mod_ssl", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/494428/100/0/threaded" - }, - { - "name" : "20090821 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/505990/100/0/threaded" - }, - { - "name" : "[security-announce] 20090820 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server", - "refsource" : "MLIST", - "url" : "http://lists.vmware.com/pipermail/security-announce/2009/000062.html" - }, - { - "name" : "http://httpd.apache.org/security/vulnerabilities_13.html", - "refsource" : "CONFIRM", - "url" : "http://httpd.apache.org/security/vulnerabilities_13.html" - }, - { - "name" : "http://httpd.apache.org/security/vulnerabilities_20.html", - "refsource" : "CONFIRM", - "url" : "http://httpd.apache.org/security/vulnerabilities_20.html" - }, - { - "name" : "http://httpd.apache.org/security/vulnerabilities_22.html", - "refsource" : "CONFIRM", - "url" : "http://httpd.apache.org/security/vulnerabilities_22.html" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm" - }, - { - "name" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=689039", - "refsource" : "CONFIRM", - "url" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=689039" - }, - { - "name" : "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2008/05/023342-01.pdf", - "refsource" : "CONFIRM", - "url" : "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2008/05/023342-01.pdf" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307562", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307562" - }, - { - "name" : "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200808e.html", - "refsource" : "CONFIRM", - "url" : "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200808e.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html" - }, - { - "name" : "PK59667", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=PK59667&apar=only" - }, - { - "name" : "PK62966", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1PK62966" - }, - { - "name" : "PK63273", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1PK63273" - }, - { - "name" : "PK65782", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg24019245" - }, - { - "name" : "APPLE-SA-2008-03-18", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" - }, - { - "name" : "APPLE-SA-2008-05-28", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html" - }, - { - "name" : "FEDORA-2008-1695", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00562.html" - }, - { - "name" : "FEDORA-2008-1711", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00541.html" - }, - { - "name" : "HPSBUX02313", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/488082/100/0/threaded" - }, - { - "name" : "SSRT080015", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/488082/100/0/threaded" - }, - { - "name" : "HPSBMA02388", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/498523/100/0/threaded" - }, - { - "name" : "SSRT080059", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/498523/100/0/threaded" - }, - { - "name" : "HPSBOV02683", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=130497311408250&w=2" - }, - { - "name" : "SSRT090208", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=130497311408250&w=2" - }, - { - "name" : "MDVSA-2008:014", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:014" - }, - { - "name" : "MDVSA-2008:015", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:015" - }, - { - "name" : "MDVSA-2008:016", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:016" - }, - { - "name" : "RHSA-2008:0004", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0004.html" - }, - { - "name" : "RHSA-2008:0005", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0005.html" - }, - { - "name" : "RHSA-2008:0006", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0006.html" - }, - { - "name" : "RHSA-2008:0007", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0007.html" - }, - { - "name" : "RHSA-2008:0008", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0008.html" - }, - { - "name" : "RHSA-2008:0009", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0009.html" - }, - { - "name" : "RHSA-2008:0261", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0261.html" - }, - { - "name" : "SSA:2008-045-02", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.595748" - }, - { - "name" : "233623", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233623-1" - }, - { - "name" : "SUSE-SA:2008:021", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html" - }, - { - "name" : "USN-575-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-575-1" - }, - { - "name" : "TA08-150A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA08-150A.html" - }, - { - "name" : "27237", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27237" - }, - { - "name" : "oval:org.mitre.oval:def:10272", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10272" - }, - { - "name" : "32800", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32800" - }, - { - "name" : "ADV-2008-0047", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0047" - }, - { - "name" : "ADV-2008-0447", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0447/references" - }, - { - "name" : "ADV-2008-0554", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0554" - }, - { - "name" : "ADV-2008-0809", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0809/references" - }, - { - "name" : "ADV-2008-0924", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0924/references" - }, - { - "name" : "ADV-2008-0986", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0986/references" - }, - { - "name" : "ADV-2008-1224", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1224/references" - }, - { - "name" : "ADV-2008-1623", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1623/references" - }, - { - "name" : "ADV-2008-1697", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1697" - }, - { - "name" : "1019154", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019154" - }, - { - "name" : "28467", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28467" - }, - { - "name" : "28471", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28471" - }, - { - "name" : "28526", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28526" - }, - { - "name" : "28607", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28607" - }, - { - "name" : "28749", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28749" - }, - { - "name" : "28965", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28965" - }, - { - "name" : "28977", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28977" - }, - { - "name" : "28922", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28922" - }, - { - "name" : "29420", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29420" - }, - { - "name" : "29504", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29504" - }, - { - "name" : "29640", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29640" - }, - { - "name" : "29806", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29806" - }, - { - "name" : "29988", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29988" - }, - { - "name" : "30356", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30356" - }, - { - "name" : "30430", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30430" - }, - { - "name" : "31142", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31142" - }, - { - "name" : "30732", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30732" - }, - { - "name" : "33200", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33200" - }, - { - "name" : "3541", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3541" - }, - { - "name" : "apache-status-page-xss(39472)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39472" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2008:0005", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0005.html" + }, + { + "name": "ADV-2008-0554", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0554" + }, + { + "name": "ADV-2008-0447", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0447/references" + }, + { + "name": "28922", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28922" + }, + { + "name": "ADV-2008-0986", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0986/references" + }, + { + "name": "3541", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3541" + }, + { + "name": "28749", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28749" + }, + { + "name": "SSA:2008-045-02", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.595748" + }, + { + "name": "29988", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29988" + }, + { + "name": "SSRT090208", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2" + }, + { + "name": "ADV-2008-1623", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1623/references" + }, + { + "name": "29806", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29806" + }, + { + "name": "20080716 rPSA-2008-0035-1 httpd mod_ssl", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/494428/100/0/threaded" + }, + { + "name": "FEDORA-2008-1695", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00562.html" + }, + { + "name": "1019154", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019154" + }, + { + "name": "28526", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28526" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html" + }, + { + "name": "RHSA-2008:0006", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0006.html" + }, + { + "name": "oval:org.mitre.oval:def:10272", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10272" + }, + { + "name": "31142", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31142" + }, + { + "name": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200808e.html", + "refsource": "CONFIRM", + "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200808e.html" + }, + { + "name": "ADV-2008-0924", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0924/references" + }, + { + "name": "233623", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233623-1" + }, + { + "name": "RHSA-2008:0007", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0007.html" + }, + { + "name": "http://httpd.apache.org/security/vulnerabilities_20.html", + "refsource": "CONFIRM", + "url": "http://httpd.apache.org/security/vulnerabilities_20.html" + }, + { + "name": "ADV-2008-0047", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0047" + }, + { + "name": "TA08-150A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html" + }, + { + "name": "RHSA-2008:0008", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0008.html" + }, + { + "name": "FEDORA-2008-1711", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00541.html" + }, + { + "name": "RHSA-2008:0009", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0009.html" + }, + { + "name": "MDVSA-2008:014", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:014" + }, + { + "name": "29420", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29420" + }, + { + "name": "29504", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29504" + }, + { + "name": "http://httpd.apache.org/security/vulnerabilities_22.html", + "refsource": "CONFIRM", + "url": "http://httpd.apache.org/security/vulnerabilities_22.html" + }, + { + "name": "SSRT080015", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/488082/100/0/threaded" + }, + { + "name": "APPLE-SA-2008-03-18", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" + }, + { + "name": "30430", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30430" + }, + { + "name": "APPLE-SA-2008-05-28", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm" + }, + { + "name": "apache-status-page-xss(39472)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39472" + }, + { + "name": "ADV-2008-0809", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0809/references" + }, + { + "name": "HPSBOV02683", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2" + }, + { + "name": "20090821 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded" + }, + { + "name": "28467", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28467" + }, + { + "name": "SSRT080059", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/498523/100/0/threaded" + }, + { + "name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=689039", + "refsource": "CONFIRM", + "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=689039" + }, + { + "name": "PK65782", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24019245" + }, + { + "name": "HPSBUX02313", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/488082/100/0/threaded" + }, + { + "name": "RHSA-2008:0004", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0004.html" + }, + { + "name": "[security-announce] 20090820 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server", + "refsource": "MLIST", + "url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html" + }, + { + "name": "28607", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28607" + }, + { + "name": "PK62966", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK62966" + }, + { + "name": "SUSE-SA:2008:021", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html" + }, + { + "name": "30356", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30356" + }, + { + "name": "http://httpd.apache.org/security/vulnerabilities_13.html", + "refsource": "CONFIRM", + "url": "http://httpd.apache.org/security/vulnerabilities_13.html" + }, + { + "name": "PK63273", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK63273" + }, + { + "name": "MDVSA-2008:015", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:015" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307562", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307562" + }, + { + "name": "33200", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33200" + }, + { + "name": "28965", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28965" + }, + { + "name": "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2008/05/023342-01.pdf", + "refsource": "CONFIRM", + "url": "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2008/05/023342-01.pdf" + }, + { + "name": "28471", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28471" + }, + { + "name": "27237", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27237" + }, + { + "name": "HPSBMA02388", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/498523/100/0/threaded" + }, + { + "name": "ADV-2008-1697", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1697" + }, + { + "name": "RHSA-2008:0261", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" + }, + { + "name": "USN-575-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-575-1" + }, + { + "name": "29640", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29640" + }, + { + "name": "32800", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32800" + }, + { + "name": "28977", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28977" + }, + { + "name": "30732", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30732" + }, + { + "name": "ADV-2008-1224", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1224/references" + }, + { + "name": "PK59667", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PK59667&apar=only" + }, + { + "name": "MDVSA-2008:016", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:016" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6484.json b/2007/6xxx/CVE-2007-6484.json index 7b3e40b1841..ba9276480f3 100644 --- a/2007/6xxx/CVE-2007-6484.json +++ b/2007/6xxx/CVE-2007-6484.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6484", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in phpRPG 0.8 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6484", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "27968", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27968" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in phpRPG 0.8 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27968", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27968" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1044.json b/2010/1xxx/CVE-2010-1044.json index c5ea0d5c3d3..e658758f818 100644 --- a/2010/1xxx/CVE-2010-1044.json +++ b/2010/1xxx/CVE-2010-1044.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1044", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Login.do in ManageEngine OpUtils 5.0 allows remote attackers to execute arbitrary SQL commands via the isHttpPort parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1044", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/1002-exploits/oputils_5-sql.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1002-exploits/oputils_5-sql.txt" - }, - { - "name" : "11330", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/11330" - }, - { - "name" : "38082", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/38082" - }, - { - "name" : "oputils-login-sql-injection(56102)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56102" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Login.do in ManageEngine OpUtils 5.0 allows remote attackers to execute arbitrary SQL commands via the isHttpPort parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "11330", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/11330" + }, + { + "name": "oputils-login-sql-injection(56102)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56102" + }, + { + "name": "38082", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/38082" + }, + { + "name": "http://packetstormsecurity.org/1002-exploits/oputils_5-sql.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1002-exploits/oputils_5-sql.txt" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1846.json b/2010/1xxx/CVE-2010-1846.json index 9aa982790f2..4be668b6d0b 100644 --- a/2010/1xxx/CVE-2010-1846.json +++ b/2010/1xxx/CVE-2010-1846.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1846", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RAW image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2010-1846", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT4435", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4435" - }, - { - "name" : "APPLE-SA-2010-11-10-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" - }, - { - "name" : "1024723", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1024723" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RAW image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1024723", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1024723" + }, + { + "name": "http://support.apple.com/kb/HT4435", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4435" + }, + { + "name": "APPLE-SA-2010-11-10-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5238.json b/2010/5xxx/CVE-2010-5238.json index 30e5054a2e8..596bd3b255d 100644 --- a/2010/5xxx/CVE-2010-5238.json +++ b/2010/5xxx/CVE-2010-5238.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5238", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in CyberLink PowerDirector 8.00.3022 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdl, .iso, .pds, .p2g, or .p2i file. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5238", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://extraexploit.blogspot.com/2010/08/dll-hijacking-my-test-cases-on-default.html", - "refsource" : "MISC", - "url" : "http://extraexploit.blogspot.com/2010/08/dll-hijacking-my-test-cases-on-default.html" - }, - { - "name" : "41142", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41142" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in CyberLink PowerDirector 8.00.3022 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdl, .iso, .pds, .p2g, or .p2i file. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://extraexploit.blogspot.com/2010/08/dll-hijacking-my-test-cases-on-default.html", + "refsource": "MISC", + "url": "http://extraexploit.blogspot.com/2010/08/dll-hijacking-my-test-cases-on-default.html" + }, + { + "name": "41142", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41142" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5305.json b/2010/5xxx/CVE-2010-5305.json index 1c69044ab4d..2795732e6c7 100644 --- a/2010/5xxx/CVE-2010-5305.json +++ b/2010/5xxx/CVE-2010-5305.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5305", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5305", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0186.json b/2014/0xxx/CVE-2014-0186.json index a79812fbb23..77686e1b027 100644 --- a/2014/0xxx/CVE-2014-0186.json +++ b/2014/0xxx/CVE-2014-0186.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0186", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise Linux (RHEL) 7 allows remote attackers to cause a denial of service (CPU consumption) via a crafted request. NOTE: this vulnerability exists because of an unspecified regression." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-0186", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://security-tracker.debian.org/tracker/CVE-2014-0186", - "refsource" : "MISC", - "url" : "https://security-tracker.debian.org/tracker/CVE-2014-0186" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1089884", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1089884" - }, - { - "name" : "RHSA-2014:0686", - "refsource" : "REDHAT", - "url" : "https://rhn.redhat.com/errata/RHSA-2014-0686.html" - }, - { - "name" : "108060", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/108060" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise Linux (RHEL) 7 allows remote attackers to cause a denial of service (CPU consumption) via a crafted request. NOTE: this vulnerability exists because of an unspecified regression." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2014:0686", + "refsource": "REDHAT", + "url": "https://rhn.redhat.com/errata/RHSA-2014-0686.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1089884", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1089884" + }, + { + "name": "108060", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/108060" + }, + { + "name": "https://security-tracker.debian.org/tracker/CVE-2014-0186", + "refsource": "MISC", + "url": "https://security-tracker.debian.org/tracker/CVE-2014-0186" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0324.json b/2014/0xxx/CVE-2014-0324.json index e24ab4e76e5..d6c046f0598 100644 --- a/2014/0xxx/CVE-2014-0324.json +++ b/2014/0xxx/CVE-2014-0324.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0324", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-0297, CVE-2014-0308, and CVE-2014-0312." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-0324", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS14-012", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-012" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-0297, CVE-2014-0308, and CVE-2014-0312." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS14-012", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-012" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0528.json b/2014/0xxx/CVE-2014-0528.json index f4550ac2e00..c4a7618b6ef 100644 --- a/2014/0xxx/CVE-2014-0528.json +++ b/2014/0xxx/CVE-2014-0528.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0528", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Double free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2014-0528", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://helpx.adobe.com/security/products/reader/apsb14-15.html", - "refsource" : "CONFIRM", - "url" : "http://helpx.adobe.com/security/products/reader/apsb14-15.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Double free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://helpx.adobe.com/security/products/reader/apsb14-15.html", + "refsource": "CONFIRM", + "url": "http://helpx.adobe.com/security/products/reader/apsb14-15.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0570.json b/2014/0xxx/CVE-2014-0570.json index 5af5ad48b3d..c86e1bad93e 100644 --- a/2014/0xxx/CVE-2014-0570.json +++ b/2014/0xxx/CVE-2014-0570.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0570", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2014-0570", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://helpx.adobe.com/security/products/coldfusion/apsb14-23.html", - "refsource" : "CONFIRM", - "url" : "http://helpx.adobe.com/security/products/coldfusion/apsb14-23.html" - }, - { - "name" : "1031020", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031020" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1031020", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031020" + }, + { + "name": "http://helpx.adobe.com/security/products/coldfusion/apsb14-23.html", + "refsource": "CONFIRM", + "url": "http://helpx.adobe.com/security/products/coldfusion/apsb14-23.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0843.json b/2014/0xxx/CVE-2014-0843.json index e41f1edb2a2..84d2519c884 100644 --- a/2014/0xxx/CVE-2014-0843.json +++ b/2014/0xxx/CVE-2014-0843.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0843", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allows remote authenticated users to inject arbitrary web script or HTML by uploading a file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2014-0843", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21665005", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21665005" - }, - { - "name" : "65730", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/65730" - }, - { - "name" : "ibm-focalpoint-cve20140843-file-upload(90714)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90714" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allows remote authenticated users to inject arbitrary web script or HTML by uploading a file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "65730", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/65730" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21665005", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21665005" + }, + { + "name": "ibm-focalpoint-cve20140843-file-upload(90714)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90714" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0964.json b/2014/0xxx/CVE-2014-0964.json index 6382a1af5d7..77603021985 100644 --- a/2014/0xxx/CVE-2014-0964.json +++ b/2014/0xxx/CVE-2014-0964.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0964", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WebSphere Application Server (WAS) 6.1.0.0 through 6.1.0.47 and 6.0.2.0 through 6.0.2.43 allows remote attackers to cause a denial of service via crafted TLS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2014-0964", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21671835", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21671835" - }, - { - "name" : "http://www-304.ibm.com/support/docview.wss?uid=swg21673808", - "refsource" : "CONFIRM", - "url" : "http://www-304.ibm.com/support/docview.wss?uid=swg21673808" - }, - { - "name" : "PI14306", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI14306" - }, - { - "name" : "PI16981", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI16981" - }, - { - "name" : "PI17128", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI17128" - }, - { - "name" : "1030280", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030280" - }, - { - "name" : "ibm-was-cve20140964-scan(92877)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/92877" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WebSphere Application Server (WAS) 6.1.0.0 through 6.1.0.47 and 6.0.2.0 through 6.0.2.43 allows remote attackers to cause a denial of service via crafted TLS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21671835", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671835" + }, + { + "name": "PI14306", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI14306" + }, + { + "name": "http://www-304.ibm.com/support/docview.wss?uid=swg21673808", + "refsource": "CONFIRM", + "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21673808" + }, + { + "name": "ibm-was-cve20140964-scan(92877)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92877" + }, + { + "name": "PI17128", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI17128" + }, + { + "name": "1030280", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030280" + }, + { + "name": "PI16981", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI16981" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1443.json b/2014/1xxx/CVE-2014-1443.json index b3ebe9a7b79..b62960405ac 100644 --- a/2014/1xxx/CVE-2014-1443.json +++ b/2014/1xxx/CVE-2014-1443.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1443", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Core FTP Server 1.2 before build 515 allows remote authenticated users to obtain sensitive information (password for the previous user) via a USER command with a specific length, possibly related to an out-of-bounds read." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1443", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140205 Core FTP Server Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Feb/39" - }, - { - "name" : "http://packetstormsecurity.com/files/125073/Core-FTP-Server-1.2-DoS-Traversal-Disclosure.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/125073/Core-FTP-Server-1.2-DoS-Traversal-Disclosure.html" - }, - { - "name" : "http://coreftp.com/forums/viewtopic.php?t=2985707", - "refsource" : "CONFIRM", - "url" : "http://coreftp.com/forums/viewtopic.php?t=2985707" - }, - { - "name" : "102968", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/102968" - }, - { - "name" : "56850", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56850" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Core FTP Server 1.2 before build 515 allows remote authenticated users to obtain sensitive information (password for the previous user) via a USER command with a specific length, possibly related to an out-of-bounds read." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/125073/Core-FTP-Server-1.2-DoS-Traversal-Disclosure.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/125073/Core-FTP-Server-1.2-DoS-Traversal-Disclosure.html" + }, + { + "name": "102968", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/102968" + }, + { + "name": "http://coreftp.com/forums/viewtopic.php?t=2985707", + "refsource": "CONFIRM", + "url": "http://coreftp.com/forums/viewtopic.php?t=2985707" + }, + { + "name": "56850", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56850" + }, + { + "name": "20140205 Core FTP Server Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Feb/39" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1518.json b/2014/1xxx/CVE-2014-1518.json index 70e941479b2..e7492f965a6 100644 --- a/2014/1xxx/CVE-2014-1518.json +++ b/2014/1xxx/CVE-2014-1518.json @@ -1,207 +1,207 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1518", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2014-1518", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-34.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-34.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944353", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944353" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=952022", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=952022" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=966630", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=966630" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=980537", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=980537" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=986678", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=986678" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=986843", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=986843" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=991471", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=991471" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=992968", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=992968" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=993546", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=993546" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "DSA-2918", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2918" - }, - { - "name" : "DSA-2924", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2924" - }, - { - "name" : "FEDORA-2014-5829", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html" - }, - { - "name" : "FEDORA-2014-5833", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132332.html" - }, - { - "name" : "GLSA-201504-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201504-01" - }, - { - "name" : "RHSA-2014:0448", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0448.html" - }, - { - "name" : "RHSA-2014:0449", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0449.html" - }, - { - "name" : "SUSE-SU-2014:0665", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00006.html" - }, - { - "name" : "openSUSE-SU-2014:0602", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00013.html" - }, - { - "name" : "openSUSE-SU-2014:0640", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00040.html" - }, - { - "name" : "openSUSE-SU-2014:0599", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00010.html" - }, - { - "name" : "openSUSE-SU-2014:0629", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00033.html" - }, - { - "name" : "SUSE-SU-2014:0727", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00015.html" - }, - { - "name" : "USN-2189-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2189-1" - }, - { - "name" : "USN-2185-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2185-1" - }, - { - "name" : "67123", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/67123" - }, - { - "name" : "1030163", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030163" - }, - { - "name" : "1030164", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030164" - }, - { - "name" : "59866", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59866" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2014:0448", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0448.html" + }, + { + "name": "67123", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/67123" + }, + { + "name": "FEDORA-2014-5833", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132332.html" + }, + { + "name": "openSUSE-SU-2014:0602", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00013.html" + }, + { + "name": "openSUSE-SU-2014:0599", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00010.html" + }, + { + "name": "openSUSE-SU-2014:0629", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00033.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=992968", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=992968" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=952022", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=952022" + }, + { + "name": "SUSE-SU-2014:0727", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00015.html" + }, + { + "name": "GLSA-201504-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201504-01" + }, + { + "name": "59866", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59866" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "openSUSE-SU-2014:0640", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00040.html" + }, + { + "name": "USN-2189-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2189-1" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=944353", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=944353" + }, + { + "name": "RHSA-2014:0449", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0449.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=986678", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=986678" + }, + { + "name": "SUSE-SU-2014:0665", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00006.html" + }, + { + "name": "DSA-2918", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2918" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=980537", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=980537" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=966630", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=966630" + }, + { + "name": "DSA-2924", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2924" + }, + { + "name": "USN-2185-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2185-1" + }, + { + "name": "1030164", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030164" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=991471", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=991471" + }, + { + "name": "1030163", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030163" + }, + { + "name": "http://www.mozilla.org/security/announce/2014/mfsa2014-34.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-34.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=993546", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=993546" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=986843", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=986843" + }, + { + "name": "FEDORA-2014-5829", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1811.json b/2014/1xxx/CVE-2014-1811.json index 74d859ca1e1..bbb4451ca08 100644 --- a/2014/1xxx/CVE-2014-1811.json +++ b/2014/1xxx/CVE-2014-1811.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1811", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka \"TCP Denial of Service Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-1811", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx", - "refsource" : "CONFIRM", - "url" : "http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx" - }, - { - "name" : "MS14-031", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-031" - }, - { - "name" : "67888", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/67888" - }, - { - "name" : "58525", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/58525" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (non-paged pool memory consumption and system hang) via malformed data in the Options field of a TCP header, aka \"TCP Denial of Service Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS14-031", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-031" + }, + { + "name": "58525", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/58525" + }, + { + "name": "http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx", + "refsource": "CONFIRM", + "url": "http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx" + }, + { + "name": "67888", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/67888" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1924.json b/2014/1xxx/CVE-2014-1924.json index bf134824ced..3609219f1ac 100644 --- a/2014/1xxx/CVE-2014-1924.json +++ b/2014/1xxx/CVE-2014-1924.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1924", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1924", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4404.json b/2014/4xxx/CVE-2014-4404.json index 1913dde4c3d..f57fbe35772 100644 --- a/2014/4xxx/CVE-2014-4404.json +++ b/2014/4xxx/CVE-2014-4404.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4404", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2014-4404", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/kb/HT6535", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT6535" - }, - { - "name" : "https://support.apple.com/HT204659", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT204659" - }, - { - "name" : "http://support.apple.com/kb/HT6441", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT6441" - }, - { - "name" : "http://support.apple.com/kb/HT6442", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT6442" - }, - { - "name" : "APPLE-SA-2014-09-17-1", - "refsource" : "APPLE", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" - }, - { - "name" : "APPLE-SA-2014-09-17-2", - "refsource" : "APPLE", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" - }, - { - "name" : "APPLE-SA-2014-10-16-1", - "refsource" : "APPLE", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" - }, - { - "name" : "APPLE-SA-2015-04-08-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" - }, - { - "name" : "69882", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/69882" - }, - { - "name" : "69947", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/69947" - }, - { - "name" : "1030866", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030866" - }, - { - "name" : "appleios-cve20144404-bo(96111)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/96111" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT204659", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT204659" + }, + { + "name": "http://support.apple.com/kb/HT6441", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT6441" + }, + { + "name": "1030866", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030866" + }, + { + "name": "69947", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/69947" + }, + { + "name": "http://support.apple.com/kb/HT6442", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT6442" + }, + { + "name": "APPLE-SA-2014-10-16-1", + "refsource": "APPLE", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html" + }, + { + "name": "APPLE-SA-2014-09-17-2", + "refsource": "APPLE", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html" + }, + { + "name": "69882", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/69882" + }, + { + "name": "appleios-cve20144404-bo(96111)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96111" + }, + { + "name": "APPLE-SA-2015-04-08-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" + }, + { + "name": "https://support.apple.com/kb/HT6535", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT6535" + }, + { + "name": "APPLE-SA-2014-09-17-1", + "refsource": "APPLE", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4464.json b/2014/4xxx/CVE-2014-4464.json index 802c140d15a..26b9262405f 100644 --- a/2014/4xxx/CVE-2014-4464.json +++ b/2014/4xxx/CVE-2014-4464.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4464", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-4464", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5194.json b/2014/5xxx/CVE-2014-5194.json index 9bd3d78c521..591c77ba53c 100644 --- a/2014/5xxx/CVE-2014-5194.json +++ b/2014/5xxx/CVE-2014-5194.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5194", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Static code injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote authenticated users to inject arbitrary PHP code into settings/conf.php via the _word_upper_bound parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5194", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "34189", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/34189" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Static code injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote authenticated users to inject arbitrary PHP code into settings/conf.php via the _word_upper_bound parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "34189", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/34189" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5263.json b/2014/5xxx/CVE-2014-5263.json index 87d8452809f..a1ae13883b7 100644 --- a/2014/5xxx/CVE-2014-5263.json +++ b/2014/5xxx/CVE-2014-5263.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5263", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate the list with the VMSTATE_END_OF_LIST macro, which allows attackers to cause a denial of service (out-of-bounds access, infinite loop, and memory corruption) and possibly gain privileges via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5263", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140804 CVE Request -- qemu: missing field list terminator in vmstate_xhci_event", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/08/04/1" - }, - { - "name" : "[oss-security] 20140815 Re: CVE Request -- qemu: missing field list terminator in vmstate_xhci_event", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/08/16/1" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1126543", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1126543" - }, - { - "name" : "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=3afca1d6d413592c2b78cf28f52fa24a586d8f56", - "refsource" : "CONFIRM", - "url" : "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=3afca1d6d413592c2b78cf28f52fa24a586d8f56" - }, - { - "name" : "USN-2409-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2409-1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate the list with the VMSTATE_END_OF_LIST macro, which allows attackers to cause a denial of service (out-of-bounds access, infinite loop, and memory corruption) and possibly gain privileges via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20140804 CVE Request -- qemu: missing field list terminator in vmstate_xhci_event", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/08/04/1" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1126543", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1126543" + }, + { + "name": "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=3afca1d6d413592c2b78cf28f52fa24a586d8f56", + "refsource": "CONFIRM", + "url": "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=3afca1d6d413592c2b78cf28f52fa24a586d8f56" + }, + { + "name": "[oss-security] 20140815 Re: CVE Request -- qemu: missing field list terminator in vmstate_xhci_event", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/08/16/1" + }, + { + "name": "USN-2409-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2409-1" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2130.json b/2015/2xxx/CVE-2015-2130.json index 3aac56b5e51..615b1cf5df7 100644 --- a/2015/2xxx/CVE-2015-2130.json +++ b/2015/2xxx/CVE-2015-2130.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2130", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-2130", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2193.json b/2015/2xxx/CVE-2015-2193.json index 84b011f4857..c31114cdde3 100644 --- a/2015/2xxx/CVE-2015-2193.json +++ b/2015/2xxx/CVE-2015-2193.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2193", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2193", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10087.json b/2016/10xxx/CVE-2016-10087.json index 0d14811aac4..3bc5a570a8c 100644 --- a/2016/10xxx/CVE-2016-10087.json +++ b/2016/10xxx/CVE-2016-10087.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10087", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10087", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161229 libpng NULL pointer dereference bugfix", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/12/29/2" - }, - { - "name" : "[oss-security] 20161230 Re: libpng NULL pointer dereference bugfix", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/12/30/4" - }, - { - "name" : "GLSA-201701-74", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-74" - }, - { - "name" : "USN-3712-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3712-1/" - }, - { - "name" : "USN-3712-2", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3712-2/" - }, - { - "name" : "95157", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95157" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201701-74", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-74" + }, + { + "name": "USN-3712-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3712-1/" + }, + { + "name": "[oss-security] 20161230 Re: libpng NULL pointer dereference bugfix", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/12/30/4" + }, + { + "name": "95157", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95157" + }, + { + "name": "USN-3712-2", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3712-2/" + }, + { + "name": "[oss-security] 20161229 libpng NULL pointer dereference bugfix", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/12/29/2" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10186.json b/2016/10xxx/CVE-2016-10186.json index db3ee1a01f2..3880e3d4ee3 100644 --- a/2016/10xxx/CVE-2016-10186.json +++ b/2016/10xxx/CVE-2016-10186.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10186", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered on the D-Link DWR-932B router. /var/miniupnpd.conf has no deny rules." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10186", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html", - "refsource" : "MISC", - "url" : "https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html" - }, - { - "name" : "95877", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95877" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered on the D-Link DWR-932B router. /var/miniupnpd.conf has no deny rules." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html", + "refsource": "MISC", + "url": "https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html" + }, + { + "name": "95877", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95877" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10657.json b/2016/10xxx/CVE-2016-10657.json index c653a1e06c1..3eef5a1e46d 100644 --- a/2016/10xxx/CVE-2016-10657.json +++ b/2016/10xxx/CVE-2016-10657.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2016-10657", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "co-cli-installer node module", - "version" : { - "version_data" : [ - { - "version_value" : "All versions" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "co-cli-installer downloads the co-cli module as part of the install process, but does so over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Missing Encryption of Sensitive Data (CWE-311)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2016-10657", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "co-cli-installer node module", + "version": { + "version_data": [ + { + "version_value": "All versions" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://nodesecurity.io/advisories/268", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/268" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "co-cli-installer downloads the co-cli module as part of the install process, but does so over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Encryption of Sensitive Data (CWE-311)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nodesecurity.io/advisories/268", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/268" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3281.json b/2016/3xxx/CVE-2016-3281.json index 9e3784cdc2c..13f13ab23a7 100644 --- a/2016/3xxx/CVE-2016-3281.json +++ b/2016/3xxx/CVE-2016-3281.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3281", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-3281", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-088", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-088" - }, - { - "name" : "91588", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91588" - }, - { - "name" : "1036274", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036274" - }, - { - "name" : "1036275", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036275" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036274", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036274" + }, + { + "name": "91588", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91588" + }, + { + "name": "1036275", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036275" + }, + { + "name": "MS16-088", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-088" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4025.json b/2016/4xxx/CVE-2016-4025.json index 55d13c22a71..4f5168b175c 100644 --- a/2016/4xxx/CVE-2016-4025.json +++ b/2016/4xxx/CVE-2016-4025.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4025", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x.x, Free Antivirus v11.x.x, Business Security v11.x.x, Endpoint Protection v8.x.x, Endpoint Protection Plus v8.x.x, Endpoint Protection Suite v8.x.x, Endpoint Protection Suite Plus v8.x.x, File Server Security v8.x.x, and Email Server Security v8.x.x allow attackers to bypass the DeepScreen feature via a DeviceIoControl call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4025", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://labs.nettitude.com/blog/escaping-avast-sandbox-using-single-ioctl-cve-2016-4025/", - "refsource" : "MISC", - "url" : "https://labs.nettitude.com/blog/escaping-avast-sandbox-using-single-ioctl-cve-2016-4025/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x.x, Free Antivirus v11.x.x, Business Security v11.x.x, Endpoint Protection v8.x.x, Endpoint Protection Plus v8.x.x, Endpoint Protection Suite v8.x.x, Endpoint Protection Suite Plus v8.x.x, File Server Security v8.x.x, and Email Server Security v8.x.x allow attackers to bypass the DeepScreen feature via a DeviceIoControl call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://labs.nettitude.com/blog/escaping-avast-sandbox-using-single-ioctl-cve-2016-4025/", + "refsource": "MISC", + "url": "https://labs.nettitude.com/blog/escaping-avast-sandbox-using-single-ioctl-cve-2016-4025/" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8179.json b/2016/8xxx/CVE-2016-8179.json index deca256161e..adab5b4b5e7 100644 --- a/2016/8xxx/CVE-2016-8179.json +++ b/2016/8xxx/CVE-2016-8179.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8179", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8179", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8255.json b/2016/8xxx/CVE-2016-8255.json index ece7ac23c31..0f58562e035 100644 --- a/2016/8xxx/CVE-2016-8255.json +++ b/2016/8xxx/CVE-2016-8255.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8255", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8255", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8653.json b/2016/8xxx/CVE-2016-8653.json index 21475158585..72f73e3c89f 100644 --- a/2016/8xxx/CVE-2016-8653.json +++ b/2016/8xxx/CVE-2016-8653.json @@ -1,83 +1,83 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psampaio@redhat.com", - "ID" : "CVE-2016-8653", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Fuse", - "version" : { - "version_data" : [ - { - "version_value" : "6" - } - ] - } - } - ] - }, - "vendor_name" : "Red Hat" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "It was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red Hat A-MQ 6 deserializes the credentials passed to it. An attacker could use this flaw to launch a denial of service attack." - } - ] - }, - "impact" : { - "cvss" : [ - [ - { - "vectorString" : "5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", - "version" : "3.0" - } - ], - [ - { - "vectorString" : "5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P", - "version" : "2.0" - } - ] - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-502" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-8653", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Fuse", + "version": { + "version_data": [ + { + "version_value": "6" + } + ] + } + } + ] + }, + "vendor_name": "Red Hat" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8653", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8653" - }, - { - "name" : "94544", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94544" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "It was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red Hat A-MQ 6 deserializes the credentials passed to it. An attacker could use this flaw to launch a denial of service attack." + } + ] + }, + "impact": { + "cvss": [ + [ + { + "vectorString": "5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "version": "3.0" + } + ], + [ + { + "vectorString": "5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P", + "version": "2.0" + } + ] + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-502" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8653", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8653" + }, + { + "name": "94544", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94544" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8836.json b/2016/8xxx/CVE-2016-8836.json index 9eb95e5ad5a..2a373d7135e 100644 --- a/2016/8xxx/CVE-2016-8836.json +++ b/2016/8xxx/CVE-2016-8836.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8836", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8836", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8881.json b/2016/8xxx/CVE-2016-8881.json index e229c6deef1..e15379b28eb 100644 --- a/2016/8xxx/CVE-2016-8881.json +++ b/2016/8xxx/CVE-2016-8881.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8881", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4517. Reason: This candidate is a duplicate of CVE-2011-4517. Notes: All CVE users should reference CVE-2011-4517 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8881", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4517. Reason: This candidate is a duplicate of CVE-2011-4517. Notes: All CVE users should reference CVE-2011-4517 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9086.json b/2016/9xxx/CVE-2016-9086.json index cd130ec4616..e03e09be671 100644 --- a/2016/9xxx/CVE-2016-9086.json +++ b/2016/9xxx/CVE-2016-9086.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9086", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "GitLab versions 8.9.x and above contain a critical security flaw in the \"import/export project\" feature of GitLab. Added in GitLab 8.9, this feature allows a user to export and then re-import their projects as tape archive files (tar). All GitLab versions prior to 8.13.0 restricted this feature to administrators only. Starting with version 8.13.0 this feature was made available to all users. This feature did not properly check for symbolic links in user-provided archives and therefore it was possible for an authenticated user to retrieve the contents of any file accessible to the GitLab service account. This included sensitive files such as those that contain secret tokens used by the GitLab service to authenticate users. GitLab CE and EE versions 8.13.0 through 8.13.2, 8.12.0 through 8.12.7, 8.11.0 through 8.11.10, 8.10.0 through 8.10.12, and 8.9.0 through 8.9.11 are affected." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9086", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://about.gitlab.com/2016/11/02/cve-2016-9086-patches/", - "refsource" : "CONFIRM", - "url" : "https://about.gitlab.com/2016/11/02/cve-2016-9086-patches/" - }, - { - "name" : "94136", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94136" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "GitLab versions 8.9.x and above contain a critical security flaw in the \"import/export project\" feature of GitLab. Added in GitLab 8.9, this feature allows a user to export and then re-import their projects as tape archive files (tar). All GitLab versions prior to 8.13.0 restricted this feature to administrators only. Starting with version 8.13.0 this feature was made available to all users. This feature did not properly check for symbolic links in user-provided archives and therefore it was possible for an authenticated user to retrieve the contents of any file accessible to the GitLab service account. This included sensitive files such as those that contain secret tokens used by the GitLab service to authenticate users. GitLab CE and EE versions 8.13.0 through 8.13.2, 8.12.0 through 8.12.7, 8.11.0 through 8.11.10, 8.10.0 through 8.10.12, and 8.9.0 through 8.9.11 are affected." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://about.gitlab.com/2016/11/02/cve-2016-9086-patches/", + "refsource": "CONFIRM", + "url": "https://about.gitlab.com/2016/11/02/cve-2016-9086-patches/" + }, + { + "name": "94136", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94136" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9236.json b/2016/9xxx/CVE-2016-9236.json index d446826f1b4..836aeeed48e 100644 --- a/2016/9xxx/CVE-2016-9236.json +++ b/2016/9xxx/CVE-2016-9236.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9236", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9236", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9397.json b/2016/9xxx/CVE-2016-9397.json index 02d0b3f2d34..f5b11ee3a23 100644 --- a/2016/9xxx/CVE-2016-9397.json +++ b/2016/9xxx/CVE-2016-9397.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9397", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9397", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161117 Re: jasper: multiple assertion failures", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/17/1" - }, - { - "name" : "https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure", - "refsource" : "MISC", - "url" : "https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1396979", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1396979" - }, - { - "name" : "94373", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94373" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1396979", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396979" + }, + { + "name": "https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure", + "refsource": "MISC", + "url": "https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure" + }, + { + "name": "[oss-security] 20161117 Re: jasper: multiple assertion failures", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/17/1" + }, + { + "name": "94373", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94373" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9664.json b/2016/9xxx/CVE-2016-9664.json index eaa06e9cdb3..a5362a2af8f 100644 --- a/2016/9xxx/CVE-2016-9664.json +++ b/2016/9xxx/CVE-2016-9664.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9664", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9664", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2059.json b/2019/2xxx/CVE-2019-2059.json index 660b749a808..17b24dfad16 100644 --- a/2019/2xxx/CVE-2019-2059.json +++ b/2019/2xxx/CVE-2019-2059.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2059", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2059", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2139.json b/2019/2xxx/CVE-2019-2139.json index 0cfdc3ec070..11f0ef0a8a3 100644 --- a/2019/2xxx/CVE-2019-2139.json +++ b/2019/2xxx/CVE-2019-2139.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2139", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2139", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2722.json b/2019/2xxx/CVE-2019-2722.json index 8ea70f79300..41c857e4ebd 100644 --- a/2019/2xxx/CVE-2019-2722.json +++ b/2019/2xxx/CVE-2019-2722.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2722", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2722", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2723.json b/2019/2xxx/CVE-2019-2723.json index 6259f736be0..be1b8409efd 100644 --- a/2019/2xxx/CVE-2019-2723.json +++ b/2019/2xxx/CVE-2019-2723.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2723", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2723", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2911.json b/2019/2xxx/CVE-2019-2911.json index bd47b5123e1..910e1e62fae 100644 --- a/2019/2xxx/CVE-2019-2911.json +++ b/2019/2xxx/CVE-2019-2911.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2911", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2911", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6244.json b/2019/6xxx/CVE-2019-6244.json index f89a07c2d0c..4cd7fe969bb 100644 --- a/2019/6xxx/CVE-2019-6244.json +++ b/2019/6xxx/CVE-2019-6244.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6244", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in UsualToolCMS 8.0. cmsadmin/a_sqlbackx.php?t=sql allows CSRF attacks that can execute SQL statements, and consequently execute arbitrary PHP code by writing that code into a .php file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6244", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/fdbao/UsualToolCMS/issues/1", - "refsource" : "MISC", - "url" : "https://github.com/fdbao/UsualToolCMS/issues/1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in UsualToolCMS 8.0. cmsadmin/a_sqlbackx.php?t=sql allows CSRF attacks that can execute SQL statements, and consequently execute arbitrary PHP code by writing that code into a .php file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/fdbao/UsualToolCMS/issues/1", + "refsource": "MISC", + "url": "https://github.com/fdbao/UsualToolCMS/issues/1" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6346.json b/2019/6xxx/CVE-2019-6346.json index a751f2b08bd..1976663ed6e 100644 --- a/2019/6xxx/CVE-2019-6346.json +++ b/2019/6xxx/CVE-2019-6346.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6346", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6346", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6532.json b/2019/6xxx/CVE-2019-6532.json index 393c6d6e8e3..2bad5f956fd 100644 --- a/2019/6xxx/CVE-2019-6532.json +++ b/2019/6xxx/CVE-2019-6532.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6532", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6532", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6797.json b/2019/6xxx/CVE-2019-6797.json index 6c0d328da95..cbfd0f4969b 100644 --- a/2019/6xxx/CVE-2019-6797.json +++ b/2019/6xxx/CVE-2019-6797.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6797", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6797", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7466.json b/2019/7xxx/CVE-2019-7466.json index 1d897013d13..bc80da9771f 100644 --- a/2019/7xxx/CVE-2019-7466.json +++ b/2019/7xxx/CVE-2019-7466.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7466", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7466", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7518.json b/2019/7xxx/CVE-2019-7518.json index db10c8eb858..0ed59be3025 100644 --- a/2019/7xxx/CVE-2019-7518.json +++ b/2019/7xxx/CVE-2019-7518.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7518", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7518", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file