From ae24bf8ae9acf561f22b45c665eeb0f389ce2678 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 07:09:17 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0311.json | 120 ++++----- 2000/0xxx/CVE-2000-0100.json | 130 +++++----- 2000/0xxx/CVE-2000-0422.json | 130 +++++----- 2000/0xxx/CVE-2000-0472.json | 180 +++++++------- 2000/0xxx/CVE-2000-0541.json | 140 +++++------ 2007/0xxx/CVE-2007-0389.json | 160 ++++++------ 2007/0xxx/CVE-2007-0397.json | 190 +++++++-------- 2007/1xxx/CVE-2007-1080.json | 170 ++++++------- 2007/1xxx/CVE-2007-1124.json | 160 ++++++------ 2007/1xxx/CVE-2007-1531.json | 170 ++++++------- 2007/1xxx/CVE-2007-1676.json | 34 +-- 2007/5xxx/CVE-2007-5470.json | 150 ++++++------ 2007/5xxx/CVE-2007-5555.json | 120 ++++----- 2007/5xxx/CVE-2007-5970.json | 180 +++++++------- 2007/5xxx/CVE-2007-5994.json | 140 +++++------ 2015/3xxx/CVE-2015-3197.json | 460 +++++++++++++++++------------------ 2015/3xxx/CVE-2015-3325.json | 140 +++++------ 2015/3xxx/CVE-2015-3572.json | 34 +-- 2015/3xxx/CVE-2015-3696.json | 150 ++++++------ 2015/6xxx/CVE-2015-6136.json | 210 ++++++++-------- 2015/6xxx/CVE-2015-6394.json | 130 +++++----- 2015/6xxx/CVE-2015-6795.json | 34 +-- 2015/7xxx/CVE-2015-7048.json | 210 ++++++++-------- 2015/7xxx/CVE-2015-7049.json | 140 +++++------ 2015/7xxx/CVE-2015-7051.json | 160 ++++++------ 2015/7xxx/CVE-2015-7127.json | 34 +-- 2015/7xxx/CVE-2015-7637.json | 150 ++++++------ 2015/8xxx/CVE-2015-8535.json | 34 +-- 2015/8xxx/CVE-2015-8570.json | 130 +++++----- 2015/8xxx/CVE-2015-8896.json | 190 +++++++-------- 2015/8xxx/CVE-2015-8901.json | 160 ++++++------ 2015/8xxx/CVE-2015-8969.json | 140 +++++------ 2015/9xxx/CVE-2015-9012.json | 142 +++++------ 2016/0xxx/CVE-2016-0207.json | 130 +++++----- 2016/0xxx/CVE-2016-0562.json | 130 +++++----- 2016/0xxx/CVE-2016-0747.json | 200 +++++++-------- 2016/0xxx/CVE-2016-0766.json | 280 ++++++++++----------- 2016/1xxx/CVE-2016-1238.json | 250 +++++++++---------- 2016/1xxx/CVE-2016-1244.json | 160 ++++++------ 2016/1xxx/CVE-2016-1685.json | 220 ++++++++--------- 2016/1xxx/CVE-2016-1864.json | 170 ++++++------- 2016/5xxx/CVE-2016-5006.json | 130 +++++----- 2016/5xxx/CVE-2016-5024.json | 140 +++++------ 2016/5xxx/CVE-2016-5610.json | 150 ++++++------ 2018/2xxx/CVE-2018-2063.json | 34 +-- 2019/0xxx/CVE-2019-0227.json | 34 +-- 2019/0xxx/CVE-2019-0391.json | 34 +-- 2019/0xxx/CVE-2019-0434.json | 34 +-- 2019/0xxx/CVE-2019-0861.json | 34 +-- 2019/1xxx/CVE-2019-1005.json | 34 +-- 2019/1xxx/CVE-2019-1127.json | 34 +-- 2019/1xxx/CVE-2019-1211.json | 34 +-- 2019/1xxx/CVE-2019-1718.json | 34 +-- 2019/4xxx/CVE-2019-4116.json | 34 +-- 2019/4xxx/CVE-2019-4466.json | 34 +-- 2019/4xxx/CVE-2019-4495.json | 34 +-- 2019/4xxx/CVE-2019-4798.json | 34 +-- 2019/5xxx/CVE-2019-5077.json | 34 +-- 2019/5xxx/CVE-2019-5096.json | 34 +-- 2019/5xxx/CVE-2019-5679.json | 34 +-- 2019/5xxx/CVE-2019-5968.json | 34 +-- 2019/8xxx/CVE-2019-8037.json | 34 +-- 2019/8xxx/CVE-2019-8195.json | 34 +-- 2019/8xxx/CVE-2019-8396.json | 120 ++++----- 2019/9xxx/CVE-2019-9041.json | 130 +++++----- 2019/9xxx/CVE-2019-9071.json | 150 ++++++------ 2019/9xxx/CVE-2019-9501.json | 34 +-- 2019/9xxx/CVE-2019-9675.json | 130 +++++----- 68 files changed, 3996 insertions(+), 3996 deletions(-) diff --git a/1999/0xxx/CVE-1999-0311.json b/1999/0xxx/CVE-1999-0311.json index eeadf4e8c85..7ac53055f68 100644 --- a/1999/0xxx/CVE-1999-0311.json +++ b/1999/0xxx/CVE-1999-0311.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0311", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "fpkg2swpk in HP-UX allows local users to gain root access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0311", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBUX9612-042", - "refsource" : "HP", - "url" : "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9612-042" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "fpkg2swpk in HP-UX allows local users to gain root access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "HPSBUX9612-042", + "refsource": "HP", + "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9612-042" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0100.json b/2000/0xxx/CVE-2000-0100.json index c67530c303c..6921e2b2693 100644 --- a/2000/0xxx/CVE-2000-0100.json +++ b/2000/0xxx/CVE-2000-0100.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0100", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SMS Remote Control program is installed with insecure permissions, which allows local users to gain privileges by modifying or replacing the program." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0100", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000115 Security Vulnerability with SMS 2.0 Remote Control", - "refsource" : "NTBUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/ntbugtraq/current/0045.html" - }, - { - "name" : "MS00-012", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-012" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SMS Remote Control program is installed with insecure permissions, which allows local users to gain privileges by modifying or replacing the program." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000115 Security Vulnerability with SMS 2.0 Remote Control", + "refsource": "NTBUGTRAQ", + "url": "http://archives.neohapsis.com/archives/ntbugtraq/current/0045.html" + }, + { + "name": "MS00-012", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-012" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0422.json b/2000/0xxx/CVE-2000-0422.json index 0b1e50aafd6..6ef8e3734d4 100644 --- a/2000/0xxx/CVE-2000-0422.json +++ b/2000/0xxx/CVE-2000-0422.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0422", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Netwin DMailWeb CGI program allows remote attackers to execute arbitrary commands via a long utoken parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0422", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000504 Alert: DMailWeb buffer overflow", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=95749276827558&w=2" - }, - { - "name" : "1171", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1171" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Netwin DMailWeb CGI program allows remote attackers to execute arbitrary commands via a long utoken parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000504 Alert: DMailWeb buffer overflow", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=95749276827558&w=2" + }, + { + "name": "1171", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1171" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0472.json b/2000/0xxx/CVE-2000-0472.json index 5958f8dc4b5..50b9f5b4f3e 100644 --- a/2000/0xxx/CVE-2000-0472.json +++ b/2000/0xxx/CVE-2000-0472.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0472", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel request containing a long message ID." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0472", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000106 innd 2.2.2 remote buffer overflow", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-06/0003.html" - }, - { - "name" : "CSSA-2000-016.0", - "refsource" : "CALDERA", - "url" : "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-016.0.txt" - }, - { - "name" : "20000707 inn update", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-07/0097.html" - }, - { - "name" : "20000721 [ANNOUNCE] INN 2.2.3 available", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-07/0298.html" - }, - { - "name" : "20000722 MDKSA-2000:023 inn update", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-07/0330.html" - }, - { - "name" : "1316", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1316" - }, - { - "name" : "innd-cancel-overflow(4615)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4615" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel request containing a long message ID." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000106 innd 2.2.2 remote buffer overflow", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0003.html" + }, + { + "name": "20000707 inn update", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0097.html" + }, + { + "name": "innd-cancel-overflow(4615)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4615" + }, + { + "name": "CSSA-2000-016.0", + "refsource": "CALDERA", + "url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-016.0.txt" + }, + { + "name": "20000721 [ANNOUNCE] INN 2.2.3 available", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0298.html" + }, + { + "name": "20000722 MDKSA-2000:023 inn update", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0330.html" + }, + { + "name": "1316", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1316" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0541.json b/2000/0xxx/CVE-2000-0541.json index 8dfb93134e8..5460d286e9b 100644 --- a/2000/0xxx/CVE-2000-0541.json +++ b/2000/0xxx/CVE-2000-0541.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0541", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without authentication via the CMD command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0541", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000617 Infosec.20000617.panda.a", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-06/0164.html" - }, - { - "name" : "panda-antivirus-remote-admin(4707)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4707" - }, - { - "name" : "1359", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1359" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without authentication via the CMD command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "panda-antivirus-remote-admin(4707)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4707" + }, + { + "name": "20000617 Infosec.20000617.panda.a", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0164.html" + }, + { + "name": "1359", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1359" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0389.json b/2007/0xxx/CVE-2007-0389.json index 319ec3f9b34..c2ceafa3c32 100644 --- a/2007/0xxx/CVE-2007-0389.json +++ b/2007/0xxx/CVE-2007-0389.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0389", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in ArsDigita Community System (ACS) 3.4.10 and earlier, and ArsDigita Community Education Solution (ACES) 1.1, allows remote attackers to read arbitrary files via .%252e/ (double-encoded dot dot slash) sequences in the URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0389", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070118 Directory Traversal in ArsDigita Community System", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457318/100/0/threaded" - }, - { - "name" : "22121", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22121" - }, - { - "name" : "ADV-2007-0286", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0286" - }, - { - "name" : "33552", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33552" - }, - { - "name" : "acs-url-directory-traversal(31613)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31613" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in ArsDigita Community System (ACS) 3.4.10 and earlier, and ArsDigita Community Education Solution (ACES) 1.1, allows remote attackers to read arbitrary files via .%252e/ (double-encoded dot dot slash) sequences in the URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0286", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0286" + }, + { + "name": "acs-url-directory-traversal(31613)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31613" + }, + { + "name": "33552", + "refsource": "OSVDB", + "url": "http://osvdb.org/33552" + }, + { + "name": "22121", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22121" + }, + { + "name": "20070118 Directory Traversal in ArsDigita Community System", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457318/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0397.json b/2007/0xxx/CVE-2007-0397.json index 71d9a4c70fe..a457b9cb9e9 100644 --- a/2007/0xxx/CVE-2007-0397.json +++ b/2007/0xxx/CVE-2007-0397.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0397", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.3 and Adaptive Security Device Manager (ASDM) before 5.2(2.54) do not validate the SSL/TLS certificates or SSH public keys when connecting to devices, which allows remote attackers to spoof those devices to obtain sensitive information or generate incorrect information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0397", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070118 SSL/TLS Certificate and SSH Public Key Validation Vulnerability", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a00807c517f.shtml" - }, - { - "name" : "22111", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22111" - }, - { - "name" : "ADV-2007-0245", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0245" - }, - { - "name" : "32720", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32720" - }, - { - "name" : "1017535", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017535" - }, - { - "name" : "1017536", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017536" - }, - { - "name" : "23836", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23836" - }, - { - "name" : "cisco-csmars-asdm-device-spoofing(31567)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31567" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.3 and Adaptive Security Device Manager (ASDM) before 5.2(2.54) do not validate the SSL/TLS certificates or SSH public keys when connecting to devices, which allows remote attackers to spoof those devices to obtain sensitive information or generate incorrect information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1017535", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017535" + }, + { + "name": "22111", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22111" + }, + { + "name": "32720", + "refsource": "OSVDB", + "url": "http://osvdb.org/32720" + }, + { + "name": "ADV-2007-0245", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0245" + }, + { + "name": "1017536", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017536" + }, + { + "name": "23836", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23836" + }, + { + "name": "cisco-csmars-asdm-device-spoofing(31567)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31567" + }, + { + "name": "20070118 SSL/TLS Certificate and SSH Public Key Validation Vulnerability", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807c517f.shtml" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1080.json b/2007/1xxx/CVE-2007-1080.json index 41b51225ee6..04a5fe6e630 100644 --- a/2007/1xxx/CVE-2007-1080.json +++ b/2007/1xxx/CVE-2007-1080.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1080", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple heap-based buffer overflows in TurboFTP 5.30 Build 572 allow remote servers to cause a denial of service via (1) long filename in a response to a LIST command, and (2) a long response to a CWD command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1080", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3341", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3341" - }, - { - "name" : "22634", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22634" - }, - { - "name" : "33752", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33752" - }, - { - "name" : "33782", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33782" - }, - { - "name" : "turboftp-cwd-dos(32605)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32605" - }, - { - "name" : "turboftp-list-dos(32604)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32604" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple heap-based buffer overflows in TurboFTP 5.30 Build 572 allow remote servers to cause a denial of service via (1) long filename in a response to a LIST command, and (2) a long response to a CWD command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3341", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3341" + }, + { + "name": "33782", + "refsource": "OSVDB", + "url": "http://osvdb.org/33782" + }, + { + "name": "22634", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22634" + }, + { + "name": "turboftp-list-dos(32604)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32604" + }, + { + "name": "turboftp-cwd-dos(32605)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32605" + }, + { + "name": "33752", + "refsource": "OSVDB", + "url": "http://osvdb.org/33752" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1124.json b/2007/1xxx/CVE-2007-1124.json index 02e3ff7aa15..5971eec8328 100644 --- a/2007/1xxx/CVE-2007-1124.json +++ b/2007/1xxx/CVE-2007-1124.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1124", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in gallery.php in XeroXer Simple one-file gallery allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1124", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070223 Simple one-file gallery", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461080/100/0/threaded" - }, - { - "name" : "22700", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22700" - }, - { - "name" : "33760", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33760" - }, - { - "name" : "2292", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2292" - }, - { - "name" : "sofg-gallery-file-include(32654)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32654" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in gallery.php in XeroXer Simple one-file gallery allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070223 Simple one-file gallery", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461080/100/0/threaded" + }, + { + "name": "sofg-gallery-file-include(32654)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32654" + }, + { + "name": "22700", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22700" + }, + { + "name": "2292", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2292" + }, + { + "name": "33760", + "refsource": "OSVDB", + "url": "http://osvdb.org/33760" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1531.json b/2007/1xxx/CVE-2007-1531.json index 8b3107c982f..695a0cd33b0 100644 --- a/2007/1xxx/CVE-2007-1531.json +++ b/2007/1xxx/CVE-2007-1531.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1531", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows XP and Vista overwrites ARP table entries included in gratuitous ARP, which allows remote attackers to cause a denial of service (loss of network access) by sending a gratuitous ARP for the address of the Vista host." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1531", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070313 New report on Windows Vista network attack surface", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/462793/100/0/threaded" - }, - { - "name" : "20070403 Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464617/100/0/threaded" - }, - { - "name" : "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf", - "refsource" : "MISC", - "url" : "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf" - }, - { - "name" : "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html", - "refsource" : "MISC", - "url" : "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html" - }, - { - "name" : "23266", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23266" - }, - { - "name" : "33664", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33664" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows XP and Vista overwrites ARP table entries included in gratuitous ARP, which allows remote attackers to cause a denial of service (loss of network access) by sending a gratuitous ARP for the address of the Vista host." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf", + "refsource": "MISC", + "url": "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf" + }, + { + "name": "20070313 New report on Windows Vista network attack surface", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/462793/100/0/threaded" + }, + { + "name": "33664", + "refsource": "OSVDB", + "url": "http://osvdb.org/33664" + }, + { + "name": "20070403 Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464617/100/0/threaded" + }, + { + "name": "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html", + "refsource": "MISC", + "url": "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html" + }, + { + "name": "23266", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23266" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1676.json b/2007/1xxx/CVE-2007-1676.json index 99fc52d3124..515e85d42d8 100644 --- a/2007/1xxx/CVE-2007-1676.json +++ b/2007/1xxx/CVE-2007-1676.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1676", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1676", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5470.json b/2007/5xxx/CVE-2007-5470.json index 3a781770418..17d222c56fd 100644 --- a/2007/5xxx/CVE-2007-5470.json +++ b/2007/5xxx/CVE-2007-5470.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5470", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Expression Media stores the catalog password in cleartext in the catalog IVC file, which allows local users to obtain sensitive information and gain access to the catalog by reading the IVC file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5470", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "942109", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/kb/942109" - }, - { - "name" : "25996", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25996" - }, - { - "name" : "38486", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38486" - }, - { - "name" : "27144", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27144" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Expression Media stores the catalog password in cleartext in the catalog IVC file, which allows local users to obtain sensitive information and gain access to the catalog by reading the IVC file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27144", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27144" + }, + { + "name": "942109", + "refsource": "MSKB", + "url": "http://support.microsoft.com/kb/942109" + }, + { + "name": "25996", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25996" + }, + { + "name": "38486", + "refsource": "OSVDB", + "url": "http://osvdb.org/38486" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5555.json b/2007/5xxx/CVE-2007-5555.json index e98a6bcc71b..3923517310d 100644 --- a/2007/5xxx/CVE-2007-5555.json +++ b/2007/5xxx/CVE-2007-5555.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5555", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Symantec Altiris Deployment Solution allows attackers to obtain authentication credentials via unknown vectors, aka \"Authentication Credentials Information Leakage in Altiris Deployment Solution.\" NOTE: this description is based on a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5555", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.irmplc.com/index.php/111-Vendor-Alerts", - "refsource" : "MISC", - "url" : "http://www.irmplc.com/index.php/111-Vendor-Alerts" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Symantec Altiris Deployment Solution allows attackers to obtain authentication credentials via unknown vectors, aka \"Authentication Credentials Information Leakage in Altiris Deployment Solution.\" NOTE: this description is based on a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.irmplc.com/index.php/111-Vendor-Alerts", + "refsource": "MISC", + "url": "http://www.irmplc.com/index.php/111-Vendor-Alerts" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5970.json b/2007/5xxx/CVE-2007-5970.json index 6b2b4c00768..31e558ca76b 100644 --- a/2007/5xxx/CVE-2007-5970.json +++ b/2007/5xxx/CVE-2007-5970.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5970", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a table on which the user lacks privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5970", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.mysql.com/bug.php?id=32091", - "refsource" : "CONFIRM", - "url" : "http://bugs.mysql.com/bug.php?id=32091" - }, - { - "name" : "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html", - "refsource" : "CONFIRM", - "url" : "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html" - }, - { - "name" : "http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html", - "refsource" : "CONFIRM", - "url" : "http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html" - }, - { - "name" : "ADV-2008-0560", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0560/references" - }, - { - "name" : "42607", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42607" - }, - { - "name" : "1019084", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019084" - }, - { - "name" : "mysql-datadirectory-privilege-escalation(38988)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38988" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a table on which the user lacks privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bugs.mysql.com/bug.php?id=32091", + "refsource": "CONFIRM", + "url": "http://bugs.mysql.com/bug.php?id=32091" + }, + { + "name": "mysql-datadirectory-privilege-escalation(38988)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38988" + }, + { + "name": "1019084", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019084" + }, + { + "name": "ADV-2008-0560", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0560/references" + }, + { + "name": "42607", + "refsource": "OSVDB", + "url": "http://osvdb.org/42607" + }, + { + "name": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html", + "refsource": "CONFIRM", + "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html" + }, + { + "name": "http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html", + "refsource": "CONFIRM", + "url": "http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5994.json b/2007/5xxx/CVE-2007-5994.json index e32949685a3..da57e635fa6 100644 --- a/2007/5xxx/CVE-2007-5994.json +++ b/2007/5xxx/CVE-2007-5994.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5994", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in check_noimage.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the config[path_src_include] parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5994", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/0711-exploits/yappa-ng-rfi.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/0711-exploits/yappa-ng-rfi.txt" - }, - { - "name" : "26398", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26398" - }, - { - "name" : "39727", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39727" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in check_noimage.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the config[path_src_include] parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.org/0711-exploits/yappa-ng-rfi.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/0711-exploits/yappa-ng-rfi.txt" + }, + { + "name": "26398", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26398" + }, + { + "name": "39727", + "refsource": "OSVDB", + "url": "http://osvdb.org/39727" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3197.json b/2015/3xxx/CVE-2015-3197.json index 0b4bc7f981f..b886de322d1 100644 --- a/2015/3xxx/CVE-2015-3197.json +++ b/2015/3xxx/CVE-2015-3197.json @@ -1,232 +1,232 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3197", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-3197", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.openssl.org/news/secadv/20160128.txt", - "refsource" : "CONFIRM", - "url" : "http://www.openssl.org/news/secadv/20160128.txt" - }, - { - "name" : "https://git.openssl.org/?p=openssl.git;a=commit;h=d81a1600588b726c2bdccda7efad3cc7a87d6245", - "refsource" : "CONFIRM", - "url" : "https://git.openssl.org/?p=openssl.git;a=commit;h=d81a1600588b726c2bdccda7efad3cc7a87d6245" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390893", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390893" - }, - { - "name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03724en_us", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03724en_us" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" - }, - { - "name" : "FEDORA-2016-527018d2ff", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176373.html" - }, - { - "name" : "FreeBSD-SA-16:11", - "refsource" : "FREEBSD", - "url" : "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:11.openssl.asc" - }, - { - "name" : "GLSA-201601-05", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201601-05" - }, - { - "name" : "openSUSE-SU-2016:1239", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html" - }, - { - "name" : "openSUSE-SU-2016:1241", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html" - }, - { - "name" : "SUSE-SU-2016:1057", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html" - }, - { - "name" : "SUSE-SU-2016:0617", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html" - }, - { - "name" : "SUSE-SU-2016:0620", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html" - }, - { - "name" : "SUSE-SU-2016:0621", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html" - }, - { - "name" : "SUSE-SU-2016:0624", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html" - }, - { - "name" : "SUSE-SU-2016:0631", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html" - }, - { - "name" : "SUSE-SU-2016:0641", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00012.html" - }, - { - "name" : "openSUSE-SU-2016:0628", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html" - }, - { - "name" : "openSUSE-SU-2016:0637", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html" - }, - { - "name" : "openSUSE-SU-2016:0638", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html" - }, - { - "name" : "openSUSE-SU-2016:0640", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" - }, - { - "name" : "SUSE-SU-2016:0678", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html" - }, - { - "name" : "openSUSE-SU-2016:0720", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00025.html" - }, - { - "name" : "VU#257823", - "refsource" : "CERT-VN", - "url" : "https://www.kb.cert.org/vuls/id/257823" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "82237", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/82237" - }, - { - "name" : "1034849", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034849" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" + }, + { + "name": "FEDORA-2016-527018d2ff", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176373.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "openSUSE-SU-2016:0638", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" + }, + { + "name": "openSUSE-SU-2016:1239", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html" + }, + { + "name": "SUSE-SU-2016:0621", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html" + }, + { + "name": "1034849", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034849" + }, + { + "name": "openSUSE-SU-2016:0640", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "http://www.openssl.org/news/secadv/20160128.txt", + "refsource": "CONFIRM", + "url": "http://www.openssl.org/news/secadv/20160128.txt" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" + }, + { + "name": "SUSE-SU-2016:1057", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390893", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390893" + }, + { + "name": "GLSA-201601-05", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201601-05" + }, + { + "name": "openSUSE-SU-2016:1241", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html" + }, + { + "name": "openSUSE-SU-2016:0720", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00025.html" + }, + { + "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03724en_us", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03724en_us" + }, + { + "name": "SUSE-SU-2016:0624", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html" + }, + { + "name": "SUSE-SU-2016:0631", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + }, + { + "name": "SUSE-SU-2016:0617", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html" + }, + { + "name": "VU#257823", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/257823" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" + }, + { + "name": "openSUSE-SU-2016:0628", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" + }, + { + "name": "82237", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/82237" + }, + { + "name": "SUSE-SU-2016:0678", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html" + }, + { + "name": "SUSE-SU-2016:0620", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html" + }, + { + "name": "openSUSE-SU-2016:0637", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html" + }, + { + "name": "SUSE-SU-2016:0641", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00012.html" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" + }, + { + "name": "FreeBSD-SA-16:11", + "refsource": "FREEBSD", + "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:11.openssl.asc" + }, + { + "name": "https://git.openssl.org/?p=openssl.git;a=commit;h=d81a1600588b726c2bdccda7efad3cc7a87d6245", + "refsource": "CONFIRM", + "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=d81a1600588b726c2bdccda7efad3cc7a87d6245" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3325.json b/2015/3xxx/CVE-2015-3325.json index 5c0cfd171ed..00dff74fde9 100644 --- a/2015/3xxx/CVE-2015-3325.json +++ b/2015/3xxx/CVE-2015-3325.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3325", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in forum.php in the WP Symposium plugin before 15.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the show parameter in the QUERY_STRING to the default URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3325", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37080", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37080/" - }, - { - "name" : "http://packetstormsecurity.com/files/131801/WordPress-WP-Symposium-15.1-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/131801/WordPress-WP-Symposium-15.1-SQL-Injection.html" - }, - { - "name" : "74237", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74237" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in forum.php in the WP Symposium plugin before 15.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the show parameter in the QUERY_STRING to the default URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "74237", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74237" + }, + { + "name": "http://packetstormsecurity.com/files/131801/WordPress-WP-Symposium-15.1-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/131801/WordPress-WP-Symposium-15.1-SQL-Injection.html" + }, + { + "name": "37080", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37080/" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3572.json b/2015/3xxx/CVE-2015-3572.json index 37e4366f9e3..31543a46e83 100644 --- a/2015/3xxx/CVE-2015-3572.json +++ b/2015/3xxx/CVE-2015-3572.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3572", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-3572. Reason: This candidate is a duplicate of CVE-2014-3572. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2014-3572 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-3572", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-3572. Reason: This candidate is a duplicate of CVE-2014-3572. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2014-3572 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3696.json b/2015/3xxx/CVE-2015-3696.json index 89a836e15e3..5584d8225ec 100644 --- a/2015/3xxx/CVE-2015-3696.json +++ b/2015/3xxx/CVE-2015-3696.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3696", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3696", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT204942", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT204942" - }, - { - "name" : "APPLE-SA-2015-06-30-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" - }, - { - "name" : "75493", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75493" - }, - { - "name" : "1032760", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032760" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2015-06-30-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" + }, + { + "name": "75493", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75493" + }, + { + "name": "1032760", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032760" + }, + { + "name": "http://support.apple.com/kb/HT204942", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT204942" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6136.json b/2015/6xxx/CVE-2015-6136.json index c8f4f5a4092..924faf896f0 100644 --- a/2015/6xxx/CVE-2015-6136.json +++ b/2015/6xxx/CVE-2015-6136.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6136", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6136", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-591", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-591" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-597", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-597" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-592", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-592" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-593", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-593" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-594", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-594" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-595", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-595" - }, - { - "name" : "MS15-124", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-124" - }, - { - "name" : "MS15-126", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-126" - }, - { - "name" : "1034317", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034317" - }, - { - "name" : "1034315", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034315" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-595", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-595" + }, + { + "name": "MS15-126", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-126" + }, + { + "name": "1034315", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034315" + }, + { + "name": "MS15-124", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-124" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-594", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-594" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-592", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-592" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-593", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-593" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-597", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-597" + }, + { + "name": "1034317", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034317" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-591", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-591" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6394.json b/2015/6xxx/CVE-2015-6394.json index b481b9e76ff..14531bce41b 100644 --- a/2015/6xxx/CVE-2015-6394.json +++ b/2015/6xxx/CVE-2015-6394.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6394", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The kernel in Cisco NX-OS 5.2(9)N1(1) on Nexus 5000 devices allows local users to cause a denial of service (device crash) via crafted USB parameters, aka Bug ID CSCus89408." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6394", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151204 Cisco Nexus 5000 Series USB Driver Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-nexus" - }, - { - "name" : "1034295", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034295" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The kernel in Cisco NX-OS 5.2(9)N1(1) on Nexus 5000 devices allows local users to cause a denial of service (device crash) via crafted USB parameters, aka Bug ID CSCus89408." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20151204 Cisco Nexus 5000 Series USB Driver Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-nexus" + }, + { + "name": "1034295", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034295" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6795.json b/2015/6xxx/CVE-2015-6795.json index 671b22cf612..d5b3db479f5 100644 --- a/2015/6xxx/CVE-2015-6795.json +++ b/2015/6xxx/CVE-2015-6795.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6795", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6795", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7048.json b/2015/7xxx/CVE-2015-7048.json index 88b6793c1bb..e4d9f3644f3 100644 --- a/2015/7xxx/CVE-2015-7048.json +++ b/2015/7xxx/CVE-2015-7048.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7048", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7048", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205635", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205635" - }, - { - "name" : "https://support.apple.com/HT205639", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205639" - }, - { - "name" : "https://support.apple.com/HT205640", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205640" - }, - { - "name" : "https://support.apple.com/kb/HT205636", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205636" - }, - { - "name" : "APPLE-SA-2015-12-08-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" - }, - { - "name" : "APPLE-SA-2015-12-08-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" - }, - { - "name" : "APPLE-SA-2015-12-08-5", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00003.html" - }, - { - "name" : "openSUSE-SU-2016:0761", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html" - }, - { - "name" : "78720", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78720" - }, - { - "name" : "1034341", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034341" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205635", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205635" + }, + { + "name": "78720", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78720" + }, + { + "name": "https://support.apple.com/kb/HT205636", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205636" + }, + { + "name": "openSUSE-SU-2016:0761", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html" + }, + { + "name": "APPLE-SA-2015-12-08-5", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00003.html" + }, + { + "name": "APPLE-SA-2015-12-08-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" + }, + { + "name": "https://support.apple.com/HT205639", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205639" + }, + { + "name": "https://support.apple.com/HT205640", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205640" + }, + { + "name": "1034341", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034341" + }, + { + "name": "APPLE-SA-2015-12-08-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7049.json b/2015/7xxx/CVE-2015-7049.json index ac9b4079a7a..d3600faa3bb 100644 --- a/2015/7xxx/CVE-2015-7049.json +++ b/2015/7xxx/CVE-2015-7049.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7049", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7057." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7049", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205642", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205642" - }, - { - "name" : "APPLE-SA-2015-12-08-6", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00004.html" - }, - { - "name" : "1034340", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034340" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7057." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205642", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205642" + }, + { + "name": "APPLE-SA-2015-12-08-6", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00004.html" + }, + { + "name": "1034340", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034340" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7051.json b/2015/7xxx/CVE-2015-7051.json index c7f0340ce44..0176a78a627 100644 --- a/2015/7xxx/CVE-2015-7051.json +++ b/2015/7xxx/CVE-2015-7051.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7051", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "MobileStorageMounter in Apple iOS before 9.2 and tvOS before 9.1 mishandles the timing of trust-cache loading, which allows attackers to execute arbitrary code in a privileged context via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7051", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205635", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205635" - }, - { - "name" : "https://support.apple.com/HT205640", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205640" - }, - { - "name" : "APPLE-SA-2015-12-08-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" - }, - { - "name" : "APPLE-SA-2015-12-08-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" - }, - { - "name" : "1034348", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034348" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "MobileStorageMounter in Apple iOS before 9.2 and tvOS before 9.1 mishandles the timing of trust-cache loading, which allows attackers to execute arbitrary code in a privileged context via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205635", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205635" + }, + { + "name": "1034348", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034348" + }, + { + "name": "APPLE-SA-2015-12-08-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" + }, + { + "name": "https://support.apple.com/HT205640", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205640" + }, + { + "name": "APPLE-SA-2015-12-08-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7127.json b/2015/7xxx/CVE-2015-7127.json index 57a1643cac4..305c75b3bc4 100644 --- a/2015/7xxx/CVE-2015-7127.json +++ b/2015/7xxx/CVE-2015-7127.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7127", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7127", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7637.json b/2015/7xxx/CVE-2015-7637.json index 7e5f5f6ae71..35f649bf5ea 100644 --- a/2015/7xxx/CVE-2015-7637.json +++ b/2015/7xxx/CVE-2015-7637.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7637", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7629, CVE-2015-7631, CVE-2015-7635, CVE-2015-7636, CVE-2015-7638, CVE-2015-7639, CVE-2015-7640, CVE-2015-7641, CVE-2015-7642, CVE-2015-7643, and CVE-2015-7644." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-7637", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html" - }, - { - "name" : "RHSA-2015:2024", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2024.html" - }, - { - "name" : "RHSA-2015:1893", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1893.html" - }, - { - "name" : "77061", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77061" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7629, CVE-2015-7631, CVE-2015-7635, CVE-2015-7636, CVE-2015-7638, CVE-2015-7639, CVE-2015-7640, CVE-2015-7641, CVE-2015-7642, CVE-2015-7643, and CVE-2015-7644." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:2024", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2024.html" + }, + { + "name": "77061", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77061" + }, + { + "name": "RHSA-2015:1893", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1893.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8535.json b/2015/8xxx/CVE-2015-8535.json index 099efae2518..5ebc8582ae9 100644 --- a/2015/8xxx/CVE-2015-8535.json +++ b/2015/8xxx/CVE-2015-8535.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8535", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8535", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8570.json b/2015/8xxx/CVE-2015-8570.json index 9f4812ec2fc..a09a369eb54 100644 --- a/2015/8xxx/CVE-2015-8570.json +++ b/2015/8xxx/CVE-2015-8570.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8570", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The password reset functionality in Lepide Active Directory Self Service allows remote authenticated users to change arbitrary domain user passwords via a crafted request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8570", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-621", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-621" - }, - { - "name" : "78729", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78729" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The password reset functionality in Lepide Active Directory Self Service allows remote authenticated users to change arbitrary domain user passwords via a crafted request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-621", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-621" + }, + { + "name": "78729", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78729" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8896.json b/2015/8xxx/CVE-2015-8896.json index 17906522601..bf97868db80 100644 --- a/2015/8xxx/CVE-2015-8896.json +++ b/2015/8xxx/CVE-2015-8896.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8896", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8896", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20151006 CVE Request: ImageMagick", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/10/07/2" - }, - { - "name" : "[oss-security] 20151008 Re: CVE Request: ImageMagick", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/10/08/3" - }, - { - "name" : "[oss-security] 20160602 Re: ImageMagick CVEs", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/02/13" - }, - { - "name" : "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1448803", - "refsource" : "MISC", - "url" : "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1448803" - }, - { - "name" : "https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734", - "refsource" : "CONFIRM", - "url" : "https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" - }, - { - "name" : "RHSA-2016:1237", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1237" - }, - { - "name" : "91027", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91027" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2016:1237", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1237" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" + }, + { + "name": "91027", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91027" + }, + { + "name": "[oss-security] 20160602 Re: ImageMagick CVEs", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/02/13" + }, + { + "name": "[oss-security] 20151008 Re: CVE Request: ImageMagick", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/10/08/3" + }, + { + "name": "[oss-security] 20151006 CVE Request: ImageMagick", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/10/07/2" + }, + { + "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1448803", + "refsource": "MISC", + "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1448803" + }, + { + "name": "https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734", + "refsource": "CONFIRM", + "url": "https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8901.json b/2015/8xxx/CVE-2015-8901.json index 8d75a701f47..6d84c9a258a 100644 --- a/2015/8xxx/CVE-2015-8901.json +++ b/2015/8xxx/CVE-2015-8901.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8901", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8901", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150226 Requesting CVE for ImageMagick DoS", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/02/26/13" - }, - { - "name" : "[oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/06/2" - }, - { - "name" : "http://trac.imagemagick.org/changeset/17854", - "refsource" : "CONFIRM", - "url" : "http://trac.imagemagick.org/changeset/17854" - }, - { - "name" : "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931", - "refsource" : "CONFIRM", - "url" : "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1195265", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1195265" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20150226 Requesting CVE for ImageMagick DoS", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/02/26/13" + }, + { + "name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931", + "refsource": "CONFIRM", + "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931" + }, + { + "name": "[oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/06/2" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1195265", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195265" + }, + { + "name": "http://trac.imagemagick.org/changeset/17854", + "refsource": "CONFIRM", + "url": "http://trac.imagemagick.org/changeset/17854" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8969.json b/2015/8xxx/CVE-2015-8969.json index dae00354c1c..ebe05d73ae7 100644 --- a/2015/8xxx/CVE-2015-8969.json +++ b/2015/8xxx/CVE-2015-8969.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "ID" : "CVE-2015-8969", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "git-fastclone ruby gem All versions before 1.0.5", - "version" : { - "version_data" : [ - { - "version_value" : "git-fastclone ruby gem All versions before 1.0.5" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "git-fastclone before 1.0.5 passes user modifiable strings directly to a shell command. An attacker can execute malicious commands by modifying the strings that are passed as arguments to \"cd \" and \"git clone \" commands in the library." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Arbitrary Command Execution" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "ID": "CVE-2015-8969", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "git-fastclone ruby gem All versions before 1.0.5", + "version": { + "version_data": [ + { + "version_value": "git-fastclone ruby gem All versions before 1.0.5" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/square/git-fastclone/pull/5", - "refsource" : "MISC", - "url" : "https://github.com/square/git-fastclone/pull/5" - }, - { - "name" : "https://hackerone.com/reports/105190", - "refsource" : "MISC", - "url" : "https://hackerone.com/reports/105190" - }, - { - "name" : "81433", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/81433" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "git-fastclone before 1.0.5 passes user modifiable strings directly to a shell command. An attacker can execute malicious commands by modifying the strings that are passed as arguments to \"cd \" and \"git clone \" commands in the library." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Arbitrary Command Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "81433", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/81433" + }, + { + "name": "https://github.com/square/git-fastclone/pull/5", + "refsource": "MISC", + "url": "https://github.com/square/git-fastclone/pull/5" + }, + { + "name": "https://hackerone.com/reports/105190", + "refsource": "MISC", + "url": "https://hackerone.com/reports/105190" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9012.json b/2015/9xxx/CVE-2015-9012.json index 39fa91f8eee..2711198db06 100644 --- a/2015/9xxx/CVE-2015-9012.json +++ b/2015/9xxx/CVE-2015-9012.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "DATE_PUBLIC" : "2017-06-05T00:00:00", - "ID" : "CVE-2015-9012", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Android kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384691." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of privilege" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "DATE_PUBLIC": "2017-06-05T00:00:00", + "ID": "CVE-2015-9012", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android kernel" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-06-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-06-01" - }, - { - "name" : "98874", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98874" - }, - { - "name" : "1038623", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038623" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384691." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-06-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-06-01" + }, + { + "name": "98874", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98874" + }, + { + "name": "1038623", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038623" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0207.json b/2016/0xxx/CVE-2016-0207.json index aaa68140fbf..6977f7ff763 100644 --- a/2016/0xxx/CVE-2016-0207.json +++ b/2016/0xxx/CVE-2016-0207.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0207", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Algorithmics One-Algo Risk Application (ARA) 4.9.1 through 5.1.0 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors. IBM X-Force ID: 109399." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0207", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21981322", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21981322" - }, - { - "name" : "ibm-algo-cve20160207-clickjacking(109399)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/109399" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Algorithmics One-Algo Risk Application (ARA) 4.9.1 through 5.1.0 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors. IBM X-Force ID: 109399." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21981322", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981322" + }, + { + "name": "ibm-algo-cve20160207-clickjacking(109399)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/109399" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0562.json b/2016/0xxx/CVE-2016-0562.json index f21fe13f3e1..e7e4bcffadb 100644 --- a/2016/0xxx/CVE-2016-0562.json +++ b/2016/0xxx/CVE-2016-0562.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0562", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Common Applications component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect integrity via vectors related to CRM User Management Framework." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0562", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034726", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034726" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Common Applications component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect integrity via vectors related to CRM User Management Framework." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034726", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034726" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0747.json b/2016/0xxx/CVE-2016-0747.json index 70b0bf75f01..a90c9363edb 100644 --- a/2016/0xxx/CVE-2016-0747.json +++ b/2016/0xxx/CVE-2016-0747.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-0747", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-0747", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[nginx] 20160126 nginx security advisory (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747)", - "refsource" : "MLIST", - "url" : "http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1302589", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1302589" - }, - { - "name" : "https://bto.bluecoat.com/security-advisory/sa115", - "refsource" : "CONFIRM", - "url" : "https://bto.bluecoat.com/security-advisory/sa115" - }, - { - "name" : "DSA-3473", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3473" - }, - { - "name" : "GLSA-201606-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201606-06" - }, - { - "name" : "RHSA-2016:1425", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1425" - }, - { - "name" : "openSUSE-SU-2016:0371", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html" - }, - { - "name" : "USN-2892-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2892-1" - }, - { - "name" : "1034869", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034869" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:0371", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html" + }, + { + "name": "https://bto.bluecoat.com/security-advisory/sa115", + "refsource": "CONFIRM", + "url": "https://bto.bluecoat.com/security-advisory/sa115" + }, + { + "name": "GLSA-201606-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201606-06" + }, + { + "name": "1034869", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034869" + }, + { + "name": "[nginx] 20160126 nginx security advisory (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747)", + "refsource": "MLIST", + "url": "http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html" + }, + { + "name": "RHSA-2016:1425", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1425" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1302589", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302589" + }, + { + "name": "DSA-3473", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3473" + }, + { + "name": "USN-2892-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2892-1" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0766.json b/2016/0xxx/CVE-2016-0766.json index 57e27c661b8..13f486cecd3 100644 --- a/2016/0xxx/CVE-2016-0766.json +++ b/2016/0xxx/CVE-2016-0766.json @@ -1,142 +1,142 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-0766", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-0766", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.postgresql.org/about/news/1644/", - "refsource" : "CONFIRM", - "url" : "http://www.postgresql.org/about/news/1644/" - }, - { - "name" : "http://www.postgresql.org/docs/current/static/release-9-1-20.html", - "refsource" : "CONFIRM", - "url" : "http://www.postgresql.org/docs/current/static/release-9-1-20.html" - }, - { - "name" : "http://www.postgresql.org/docs/current/static/release-9-2-15.html", - "refsource" : "CONFIRM", - "url" : "http://www.postgresql.org/docs/current/static/release-9-2-15.html" - }, - { - "name" : "http://www.postgresql.org/docs/current/static/release-9-3-11.html", - "refsource" : "CONFIRM", - "url" : "http://www.postgresql.org/docs/current/static/release-9-3-11.html" - }, - { - "name" : "http://www.postgresql.org/docs/current/static/release-9-4-6.html", - "refsource" : "CONFIRM", - "url" : "http://www.postgresql.org/docs/current/static/release-9-4-6.html" - }, - { - "name" : "http://www.postgresql.org/docs/current/static/release-9-5-1.html", - "refsource" : "CONFIRM", - "url" : "http://www.postgresql.org/docs/current/static/release-9-5-1.html" - }, - { - "name" : "DSA-3476", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3476" - }, - { - "name" : "DSA-3475", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3475" - }, - { - "name" : "GLSA-201701-33", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-33" - }, - { - "name" : "openSUSE-SU-2016:0578", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html" - }, - { - "name" : "SUSE-SU-2016:0677", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html" - }, - { - "name" : "SUSE-SU-2016:0539", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html" - }, - { - "name" : "SUSE-SU-2016:0555", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html" - }, - { - "name" : "openSUSE-SU-2016:0531", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html" - }, - { - "name" : "USN-2894-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2894-1" - }, - { - "name" : "83184", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/83184" - }, - { - "name" : "1035005", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035005" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:0555", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html" + }, + { + "name": "http://www.postgresql.org/docs/current/static/release-9-3-11.html", + "refsource": "CONFIRM", + "url": "http://www.postgresql.org/docs/current/static/release-9-3-11.html" + }, + { + "name": "SUSE-SU-2016:0677", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html" + }, + { + "name": "SUSE-SU-2016:0539", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html" + }, + { + "name": "http://www.postgresql.org/docs/current/static/release-9-2-15.html", + "refsource": "CONFIRM", + "url": "http://www.postgresql.org/docs/current/static/release-9-2-15.html" + }, + { + "name": "http://www.postgresql.org/docs/current/static/release-9-5-1.html", + "refsource": "CONFIRM", + "url": "http://www.postgresql.org/docs/current/static/release-9-5-1.html" + }, + { + "name": "GLSA-201701-33", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-33" + }, + { + "name": "http://www.postgresql.org/about/news/1644/", + "refsource": "CONFIRM", + "url": "http://www.postgresql.org/about/news/1644/" + }, + { + "name": "1035005", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035005" + }, + { + "name": "83184", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/83184" + }, + { + "name": "openSUSE-SU-2016:0578", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html" + }, + { + "name": "http://www.postgresql.org/docs/current/static/release-9-4-6.html", + "refsource": "CONFIRM", + "url": "http://www.postgresql.org/docs/current/static/release-9-4-6.html" + }, + { + "name": "USN-2894-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2894-1" + }, + { + "name": "openSUSE-SU-2016:0531", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html" + }, + { + "name": "http://www.postgresql.org/docs/current/static/release-9-1-20.html", + "refsource": "CONFIRM", + "url": "http://www.postgresql.org/docs/current/static/release-9-1-20.html" + }, + { + "name": "DSA-3476", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3476" + }, + { + "name": "DSA-3475", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3475" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1238.json b/2016/1xxx/CVE-2016-1238.json index 544df43e2b8..93640defce3 100644 --- a/2016/1xxx/CVE-2016-1238.json +++ b/2016/1xxx/CVE-2016-1238.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1238", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump, (11) cpan/ExtUtils-MakeMaker/bin/instmodsh, (12) cpan/IO-Compress/bin/zipdetails, (13) cpan/JSON-PP/bin/json_pp, (14) cpan/Test-Harness/bin/prove, (15) dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp, (16) dist/Module-CoreList/corelist, (17) ext/Pod-Html/bin/pod2html, (18) utils/c2ph.PL, (19) utils/h2ph.PL, (20) utils/h2xs.PL, (21) utils/libnetcfg.PL, (22) utils/perlbug.PL, (23) utils/perldoc.PL, (24) utils/perlivp.PL, and (25) utils/splain.PL in Perl 5.x before 5.22.3-RC2 and 5.24 before 5.24.1-RC2 do not properly remove . (period) characters from the end of the includes directory array, which might allow local users to gain privileges via a Trojan horse module under the current working directory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2016-1238", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[perl.perl5.porters] 20160725 CVE-2016-1238: Important unsafe module load path flaw", - "refsource" : "MLIST", - "url" : "http://www.nntp.perl.org/group/perl.perl5.porters/2016/07/msg238271.html" - }, - { - "name" : "[announce] 20180916 [SECURITY] Apache SpamAssassin 3.4.2 resolves CVE-2017-15705, CVE-2016-1238, CVE-2018-11780 & CVE-2018-11781", - "refsource" : "MLIST", - "url" : "https://lists.apache.org/thread.html/7f6a16bc0fd0fd5e67c7fd95bd655069a2ac7d1f88e42d3c853e601c@%3Cannounce.apache.org%3E" - }, - { - "name" : "[debian-lts-announce] 20181113 [SECURITY] [DLA 1578-1] spamassassin security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00016.html" - }, - { - "name" : "http://perl5.git.perl.org/perl.git/commit/cee96d52c39b1e7b36e1c62d38bcd8d86e9a41ab", - "refsource" : "CONFIRM", - "url" : "http://perl5.git.perl.org/perl.git/commit/cee96d52c39b1e7b36e1c62d38bcd8d86e9a41ab" - }, - { - "name" : "https://rt.perl.org/Public/Bug/Display.html?id=127834", - "refsource" : "CONFIRM", - "url" : "https://rt.perl.org/Public/Bug/Display.html?id=127834" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" - }, - { - "name" : "DSA-3628", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3628" - }, - { - "name" : "FEDORA-2016-e9e5c081d4", - "refsource" : "FEDORA", - "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2FBQOCV3GBAN2EYZUM3CFDJ4ECA3GZOK/" - }, - { - "name" : "FEDORA-2016-6ec2009080", - "refsource" : "FEDORA", - "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TZBNQH3DMI7HDELJAZ4TFJJANHXOEDWH/" - }, - { - "name" : "FEDORA-2016-dd20a4631a", - "refsource" : "FEDORA", - "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DOFRQWJRP2NQJEYEWOMECVW3HAMD5SYN/" - }, - { - "name" : "GLSA-201701-75", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-75" - }, - { - "name" : "GLSA-201812-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201812-07" - }, - { - "name" : "92136", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92136" - }, - { - "name" : "1036440", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036440" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump, (11) cpan/ExtUtils-MakeMaker/bin/instmodsh, (12) cpan/IO-Compress/bin/zipdetails, (13) cpan/JSON-PP/bin/json_pp, (14) cpan/Test-Harness/bin/prove, (15) dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp, (16) dist/Module-CoreList/corelist, (17) ext/Pod-Html/bin/pod2html, (18) utils/c2ph.PL, (19) utils/h2ph.PL, (20) utils/h2xs.PL, (21) utils/libnetcfg.PL, (22) utils/perlbug.PL, (23) utils/perldoc.PL, (24) utils/perlivp.PL, and (25) utils/splain.PL in Perl 5.x before 5.22.3-RC2 and 5.24 before 5.24.1-RC2 do not properly remove . (period) characters from the end of the includes directory array, which might allow local users to gain privileges via a Trojan horse module under the current working directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201701-75", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-75" + }, + { + "name": "GLSA-201812-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201812-07" + }, + { + "name": "http://perl5.git.perl.org/perl.git/commit/cee96d52c39b1e7b36e1c62d38bcd8d86e9a41ab", + "refsource": "CONFIRM", + "url": "http://perl5.git.perl.org/perl.git/commit/cee96d52c39b1e7b36e1c62d38bcd8d86e9a41ab" + }, + { + "name": "1036440", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036440" + }, + { + "name": "DSA-3628", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3628" + }, + { + "name": "[announce] 20180916 [SECURITY] Apache SpamAssassin 3.4.2 resolves CVE-2017-15705, CVE-2016-1238, CVE-2018-11780 & CVE-2018-11781", + "refsource": "MLIST", + "url": "https://lists.apache.org/thread.html/7f6a16bc0fd0fd5e67c7fd95bd655069a2ac7d1f88e42d3c853e601c@%3Cannounce.apache.org%3E" + }, + { + "name": "FEDORA-2016-6ec2009080", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TZBNQH3DMI7HDELJAZ4TFJJANHXOEDWH/" + }, + { + "name": "[perl.perl5.porters] 20160725 CVE-2016-1238: Important unsafe module load path flaw", + "refsource": "MLIST", + "url": "http://www.nntp.perl.org/group/perl.perl5.porters/2016/07/msg238271.html" + }, + { + "name": "FEDORA-2016-e9e5c081d4", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2FBQOCV3GBAN2EYZUM3CFDJ4ECA3GZOK/" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" + }, + { + "name": "FEDORA-2016-dd20a4631a", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DOFRQWJRP2NQJEYEWOMECVW3HAMD5SYN/" + }, + { + "name": "92136", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92136" + }, + { + "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1578-1] spamassassin security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00016.html" + }, + { + "name": "https://rt.perl.org/Public/Bug/Display.html?id=127834", + "refsource": "CONFIRM", + "url": "https://rt.perl.org/Public/Bug/Display.html?id=127834" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1244.json b/2016/1xxx/CVE-2016-1244.json index bc0e2bce017..7b9913128e6 100644 --- a/2016/1xxx/CVE-2016-1244.json +++ b/2016/1xxx/CVE-2016-1244.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1244", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The extractTree function in unADF allows remote attackers to execute arbitrary code via shell metacharacters in a directory name in an adf file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2016-1244", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://tmp.tjjr.fi/0001-Fix-unsafe-extraction-by-using-mkdir-instead-of-shel.patch", - "refsource" : "MISC", - "url" : "http://tmp.tjjr.fi/0001-Fix-unsafe-extraction-by-using-mkdir-instead-of-shel.patch" - }, - { - "name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838248", - "refsource" : "CONFIRM", - "url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838248" - }, - { - "name" : "DSA-3676", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3676" - }, - { - "name" : "GLSA-201804-20", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201804-20" - }, - { - "name" : "93332", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93332" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The extractTree function in unADF allows remote attackers to execute arbitrary code via shell metacharacters in a directory name in an adf file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93332", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93332" + }, + { + "name": "GLSA-201804-20", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201804-20" + }, + { + "name": "http://tmp.tjjr.fi/0001-Fix-unsafe-extraction-by-using-mkdir-instead-of-shel.patch", + "refsource": "MISC", + "url": "http://tmp.tjjr.fi/0001-Fix-unsafe-extraction-by-using-mkdir-instead-of-shel.patch" + }, + { + "name": "DSA-3676", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3676" + }, + { + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838248", + "refsource": "CONFIRM", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838248" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1685.json b/2016/1xxx/CVE-2016-1685.json index bfefccf359c..5a3362c1c69 100644 --- a/2016/1xxx/CVE-2016-1685.json +++ b/2016/1xxx/CVE-2016-1685.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1685", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "core/fxge/ge/fx_ge_text.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, miscalculates certain index values, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-1685", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html" - }, - { - "name" : "https://codereview.chromium.org/1875673004", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1875673004" - }, - { - "name" : "https://crbug.com/601362", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/601362" - }, - { - "name" : "DSA-3590", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3590" - }, - { - "name" : "GLSA-201607-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201607-07" - }, - { - "name" : "RHSA-2016:1190", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1190" - }, - { - "name" : "openSUSE-SU-2016:1430", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html" - }, - { - "name" : "openSUSE-SU-2016:1433", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html" - }, - { - "name" : "openSUSE-SU-2016:1496", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html" - }, - { - "name" : "90876", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90876" - }, - { - "name" : "1035981", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035981" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "core/fxge/ge/fx_ge_text.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, miscalculates certain index values, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "90876", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90876" + }, + { + "name": "openSUSE-SU-2016:1496", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html" + }, + { + "name": "1035981", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035981" + }, + { + "name": "DSA-3590", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3590" + }, + { + "name": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html" + }, + { + "name": "https://crbug.com/601362", + "refsource": "CONFIRM", + "url": "https://crbug.com/601362" + }, + { + "name": "openSUSE-SU-2016:1430", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html" + }, + { + "name": "RHSA-2016:1190", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1190" + }, + { + "name": "https://codereview.chromium.org/1875673004", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1875673004" + }, + { + "name": "GLSA-201607-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201607-07" + }, + { + "name": "openSUSE-SU-2016:1433", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1864.json b/2016/1xxx/CVE-2016-1864.json index c55acafd831..aaec58cb8a5 100644 --- a/2016/1xxx/CVE-2016-1864.json +++ b/2016/1xxx/CVE-2016-1864.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1864", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The XSS auditor in WebKit, as used in Apple iOS before 9.3 and Safari before 9.1, does not properly handle redirects in block mode, which allows remote attackers to obtain sensitive information via a crafted URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1864", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT206166", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206166" - }, - { - "name" : "https://support.apple.com/HT206171", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206171" - }, - { - "name" : "APPLE-SA-2016-03-21-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" - }, - { - "name" : "APPLE-SA-2016-03-21-6", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html" - }, - { - "name" : "91358", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91358" - }, - { - "name" : "1036344", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036344" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The XSS auditor in WebKit, as used in Apple iOS before 9.3 and Safari before 9.1, does not properly handle redirects in block mode, which allows remote attackers to obtain sensitive information via a crafted URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036344", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036344" + }, + { + "name": "APPLE-SA-2016-03-21-6", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html" + }, + { + "name": "APPLE-SA-2016-03-21-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" + }, + { + "name": "https://support.apple.com/HT206171", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206171" + }, + { + "name": "91358", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91358" + }, + { + "name": "https://support.apple.com/HT206166", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206166" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5006.json b/2016/5xxx/CVE-2016-5006.json index c3700b9a158..7d54a7f98f3 100644 --- a/2016/5xxx/CVE-2016-5006.json +++ b/2016/5xxx/CVE-2016-5006.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5006", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Cloud Controller in Cloud Foundry before 239 logs user-provided service objects at creation, which allows attackers to obtain sensitive user credential information via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-5006", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://pivotal.io/security/cve-2016-5006", - "refsource" : "CONFIRM", - "url" : "https://pivotal.io/security/cve-2016-5006" - }, - { - "name" : "https://www.cloudfoundry.org/CVE-2016-5006/", - "refsource" : "CONFIRM", - "url" : "https://www.cloudfoundry.org/CVE-2016-5006/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Cloud Controller in Cloud Foundry before 239 logs user-provided service objects at creation, which allows attackers to obtain sensitive user credential information via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.cloudfoundry.org/CVE-2016-5006/", + "refsource": "CONFIRM", + "url": "https://www.cloudfoundry.org/CVE-2016-5006/" + }, + { + "name": "https://pivotal.io/security/cve-2016-5006", + "refsource": "CONFIRM", + "url": "https://pivotal.io/security/cve-2016-5006" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5024.json b/2016/5xxx/CVE-2016-5024.json index bc45493a58f..646a287298c 100644 --- a/2016/5xxx/CVE-2016-5024.json +++ b/2016/5xxx/CVE-2016-5024.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "f5sirt@f5.com", - "ID" : "CVE-2016-5024", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM", - "version" : { - "version_data" : [ - { - "version_value" : "11.6.1 before 11.6.1 HF1 and 12.1.x before 12.1.2" - } - ] - } - } - ] - }, - "vendor_name" : "F5 Networks" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Virtual servers in F5 BIG-IP systems 11.6.1 before 11.6.1 HF1 and 12.1.x before 12.1.2, when configured to parse RADIUS messages via an iRule, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "iRules RADIUS message parsing vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "f5sirt@f5.com", + "ID": "CVE-2016-5024", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM", + "version": { + "version_data": [ + { + "version_value": "11.6.1 before 11.6.1 HF1 and 12.1.x before 12.1.2" + } + ] + } + } + ] + }, + "vendor_name": "F5 Networks" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.f5.com/csp/#/article/K92859602", - "refsource" : "CONFIRM", - "url" : "https://support.f5.com/csp/#/article/K92859602" - }, - { - "name" : "95228", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95228" - }, - { - "name" : "1037510", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037510" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Virtual servers in F5 BIG-IP systems 11.6.1 before 11.6.1 HF1 and 12.1.x before 12.1.2, when configured to parse RADIUS messages via an iRule, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "iRules RADIUS message parsing vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.f5.com/csp/#/article/K92859602", + "refsource": "CONFIRM", + "url": "https://support.f5.com/csp/#/article/K92859602" + }, + { + "name": "95228", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95228" + }, + { + "name": "1037510", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037510" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5610.json b/2016/5xxx/CVE-2016-5610.json index eb95827e131..5b6175d01a2 100644 --- a/2016/5xxx/CVE-2016-5610.json +++ b/2016/5xxx/CVE-2016-5610.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5610", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5610", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "GLSA-201612-27", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201612-27" - }, - { - "name" : "93711", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93711" - }, - { - "name" : "1037053", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037053" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201612-27", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201612-27" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "93711", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93711" + }, + { + "name": "1037053", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037053" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2063.json b/2018/2xxx/CVE-2018-2063.json index ac467ca2056..a7ba781fd4c 100644 --- a/2018/2xxx/CVE-2018-2063.json +++ b/2018/2xxx/CVE-2018-2063.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2063", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2063", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0227.json b/2019/0xxx/CVE-2019-0227.json index f982fc6493d..775e5cb2889 100644 --- a/2019/0xxx/CVE-2019-0227.json +++ b/2019/0xxx/CVE-2019-0227.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0227", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0227", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0391.json b/2019/0xxx/CVE-2019-0391.json index 75aa184c6e1..ae40139d198 100644 --- a/2019/0xxx/CVE-2019-0391.json +++ b/2019/0xxx/CVE-2019-0391.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0391", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0391", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0434.json b/2019/0xxx/CVE-2019-0434.json index 270c2c2bae3..f9c7e795a6e 100644 --- a/2019/0xxx/CVE-2019-0434.json +++ b/2019/0xxx/CVE-2019-0434.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0434", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0434", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0861.json b/2019/0xxx/CVE-2019-0861.json index 2634fb83fb1..977d40d309f 100644 --- a/2019/0xxx/CVE-2019-0861.json +++ b/2019/0xxx/CVE-2019-0861.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0861", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0861", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1005.json b/2019/1xxx/CVE-2019-1005.json index fd410d4e17d..929250557fc 100644 --- a/2019/1xxx/CVE-2019-1005.json +++ b/2019/1xxx/CVE-2019-1005.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1005", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1005", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1127.json b/2019/1xxx/CVE-2019-1127.json index b956bb83487..739e58244e6 100644 --- a/2019/1xxx/CVE-2019-1127.json +++ b/2019/1xxx/CVE-2019-1127.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1127", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1127", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1211.json b/2019/1xxx/CVE-2019-1211.json index f2d1c4c695e..acadd9f275d 100644 --- a/2019/1xxx/CVE-2019-1211.json +++ b/2019/1xxx/CVE-2019-1211.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1211", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1211", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1718.json b/2019/1xxx/CVE-2019-1718.json index 9a669bfb98e..80da84fd109 100644 --- a/2019/1xxx/CVE-2019-1718.json +++ b/2019/1xxx/CVE-2019-1718.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1718", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1718", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4116.json b/2019/4xxx/CVE-2019-4116.json index f8d3b7515eb..08e9191aa92 100644 --- a/2019/4xxx/CVE-2019-4116.json +++ b/2019/4xxx/CVE-2019-4116.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4116", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4116", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4466.json b/2019/4xxx/CVE-2019-4466.json index f89b47c2cba..74408472f51 100644 --- a/2019/4xxx/CVE-2019-4466.json +++ b/2019/4xxx/CVE-2019-4466.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4466", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4466", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4495.json b/2019/4xxx/CVE-2019-4495.json index b5f2978724b..90e11b234fd 100644 --- a/2019/4xxx/CVE-2019-4495.json +++ b/2019/4xxx/CVE-2019-4495.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4495", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4495", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4798.json b/2019/4xxx/CVE-2019-4798.json index 9ca84346b36..a9bd9416a05 100644 --- a/2019/4xxx/CVE-2019-4798.json +++ b/2019/4xxx/CVE-2019-4798.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4798", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4798", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5077.json b/2019/5xxx/CVE-2019-5077.json index 3dfbba0c765..cb2b6788e92 100644 --- a/2019/5xxx/CVE-2019-5077.json +++ b/2019/5xxx/CVE-2019-5077.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5077", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5077", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5096.json b/2019/5xxx/CVE-2019-5096.json index a85295bca63..8b375427e5b 100644 --- a/2019/5xxx/CVE-2019-5096.json +++ b/2019/5xxx/CVE-2019-5096.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5096", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5096", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5679.json b/2019/5xxx/CVE-2019-5679.json index a3c424a18b3..c413d9396b6 100644 --- a/2019/5xxx/CVE-2019-5679.json +++ b/2019/5xxx/CVE-2019-5679.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5679", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5679", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5968.json b/2019/5xxx/CVE-2019-5968.json index 7f80f6b7921..9dde086cda2 100644 --- a/2019/5xxx/CVE-2019-5968.json +++ b/2019/5xxx/CVE-2019-5968.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5968", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5968", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8037.json b/2019/8xxx/CVE-2019-8037.json index f6b86d5e81d..c93aad0e923 100644 --- a/2019/8xxx/CVE-2019-8037.json +++ b/2019/8xxx/CVE-2019-8037.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8037", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8037", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8195.json b/2019/8xxx/CVE-2019-8195.json index c37888d1d51..566b56aa8ba 100644 --- a/2019/8xxx/CVE-2019-8195.json +++ b/2019/8xxx/CVE-2019-8195.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8195", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8195", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8396.json b/2019/8xxx/CVE-2019-8396.json index 7ef863d7bcd..641f0a084cc 100644 --- a/2019/8xxx/CVE-2019-8396.json +++ b/2019/8xxx/CVE-2019-8396.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8396", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file, aka \"Invalid write of size 2.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8396", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/magicSwordsMan/PAAFS/tree/master/vul4", - "refsource" : "MISC", - "url" : "https://github.com/magicSwordsMan/PAAFS/tree/master/vul4" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file, aka \"Invalid write of size 2.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/magicSwordsMan/PAAFS/tree/master/vul4", + "refsource": "MISC", + "url": "https://github.com/magicSwordsMan/PAAFS/tree/master/vul4" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9041.json b/2019/9xxx/CVE-2019-9041.json index aa3b58636f8..93a59c8dc7b 100644 --- a/2019/9xxx/CVE-2019-9041.json +++ b/2019/9xxx/CVE-2019-9041.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9041", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzz_template.php file, the parserIfLabel() function's filtering is not strict, resulting in PHP code execution, as demonstrated by the if:assert substring." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9041", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "46454", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/46454/" - }, - { - "name" : "http://www.iwantacve.cn/index.php/archives/118/", - "refsource" : "MISC", - "url" : "http://www.iwantacve.cn/index.php/archives/118/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzz_template.php file, the parserIfLabel() function's filtering is not strict, resulting in PHP code execution, as demonstrated by the if:assert substring." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.iwantacve.cn/index.php/archives/118/", + "refsource": "MISC", + "url": "http://www.iwantacve.cn/index.php/archives/118/" + }, + { + "name": "46454", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/46454/" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9071.json b/2019/9xxx/CVE-2019-9071.json index 2e7c15c5bc8..5681ffd8899 100644 --- a/2019/9xxx/CVE-2019-9071.json +++ b/2019/9xxx/CVE-2019-9071.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9071", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9071", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394", - "refsource" : "MISC", - "url" : "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394" - }, - { - "name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=24227", - "refsource" : "MISC", - "url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=24227" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20190314-0003/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20190314-0003/" - }, - { - "name" : "107147", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107147" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=24227", + "refsource": "MISC", + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24227" + }, + { + "name": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394", + "refsource": "MISC", + "url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20190314-0003/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20190314-0003/" + }, + { + "name": "107147", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107147" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9501.json b/2019/9xxx/CVE-2019-9501.json index 8fa2b8ab8b9..975ead6c916 100644 --- a/2019/9xxx/CVE-2019-9501.json +++ b/2019/9xxx/CVE-2019-9501.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9501", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9501", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9675.json b/2019/9xxx/CVE-2019-9675.json index edb8adc25e7..9dee767ae8b 100644 --- a/2019/9xxx/CVE-2019-9675.json +++ b/2019/9xxx/CVE-2019-9675.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9675", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used only when an archive contains a symlink, which currently cannot happen: \"This issue allows theoretical compromise of security, but a practical attack is usually impossible.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9675", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://php.net/ChangeLog-7.php", - "refsource" : "MISC", - "url" : "http://php.net/ChangeLog-7.php" - }, - { - "name" : "https://bugs.php.net/bug.php?id=77586", - "refsource" : "MISC", - "url" : "https://bugs.php.net/bug.php?id=77586" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used only when an archive contains a symlink, which currently cannot happen: \"This issue allows theoretical compromise of security, but a practical attack is usually impossible.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://php.net/ChangeLog-7.php", + "refsource": "MISC", + "url": "http://php.net/ChangeLog-7.php" + }, + { + "name": "https://bugs.php.net/bug.php?id=77586", + "refsource": "MISC", + "url": "https://bugs.php.net/bug.php?id=77586" + } + ] + } +} \ No newline at end of file