diff --git a/2007/0xxx/CVE-2007-0761.json b/2007/0xxx/CVE-2007-0761.json index 1998e9c3cf9..4f65a4e31c0 100644 --- a/2007/0xxx/CVE-2007-0761.json +++ b/2007/0xxx/CVE-2007-0761.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0761", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in config.php in phpBB ezBoard converter (ezconvert) 0.2 allows remote attackers to execute arbitrary PHP code via a URL in the ezconvert_dir parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0761", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3258", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3258" - }, - { - "name" : "http://www.xoron.info/bugs/ezconvert.txt", - "refsource" : "MISC", - "url" : "http://www.xoron.info/bugs/ezconvert.txt" - }, - { - "name" : "20070202 true: phpBB ezBoard converter 0.2 (ezconvert_dir) Remote File Include Exploit", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-February/001278.html" - }, - { - "name" : "ADV-2007-0473", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0473" - }, - { - "name" : "33645", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33645" - }, - { - "name" : "ezboard-config-file-include(32157)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32157" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in config.php in phpBB ezBoard converter (ezconvert) 0.2 allows remote attackers to execute arbitrary PHP code via a URL in the ezconvert_dir parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3258", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3258" + }, + { + "name": "33645", + "refsource": "OSVDB", + "url": "http://osvdb.org/33645" + }, + { + "name": "20070202 true: phpBB ezBoard converter 0.2 (ezconvert_dir) Remote File Include Exploit", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-February/001278.html" + }, + { + "name": "ezboard-config-file-include(32157)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32157" + }, + { + "name": "http://www.xoron.info/bugs/ezconvert.txt", + "refsource": "MISC", + "url": "http://www.xoron.info/bugs/ezconvert.txt" + }, + { + "name": "ADV-2007-0473", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0473" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3203.json b/2007/3xxx/CVE-2007-3203.json index 153f2028672..d2ab6323f9b 100644 --- a/2007/3xxx/CVE-2007-3203.json +++ b/2007/3xxx/CVE-2007-3203.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3203", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in smtpdll.dll in the SMTP service in 602Pro LAN SUITE 2003 2003.0.03.0828 allows remote attackers to execute arbitrary code via an e-mail message with a long address. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3203", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#445313", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/445313" - }, - { - "name" : "24437", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24437" - }, - { - "name" : "37232", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37232" - }, - { - "name" : "25429", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25429" - }, - { - "name" : "lansuite-smtpdll-bo(34834)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34834" - }, - { - "name" : "602prolansuite-smtp-bo(34974)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34974" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in smtpdll.dll in the SMTP service in 602Pro LAN SUITE 2003 2003.0.03.0828 allows remote attackers to execute arbitrary code via an e-mail message with a long address. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25429", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25429" + }, + { + "name": "lansuite-smtpdll-bo(34834)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34834" + }, + { + "name": "24437", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24437" + }, + { + "name": "VU#445313", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/445313" + }, + { + "name": "37232", + "refsource": "OSVDB", + "url": "http://osvdb.org/37232" + }, + { + "name": "602prolansuite-smtp-bo(34974)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34974" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3328.json b/2007/3xxx/CVE-2007-3328.json index c133323b720..8515c172862 100644 --- a/2007/3xxx/CVE-2007-3328.json +++ b/2007/3xxx/CVE-2007-3328.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3328", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Interact 2.4 beta 1 allow remote attackers to inject arbitrary web script or HTML via the (1) module_key parameter to (a) kb/kb.php, (b) quiz/runquiz.php, (c) quiz/quiz.php, (d) forum/forum.php, (e) forum/byname.php, and (f) journal/journalview.php in modules/, and unspecified other scripts; the (2) tag_key parameter to modules/journal/journalview.php; the (3) user_group_key parameter to (g) users/secureaccounts.php; and (4) the request_uri parameter to (h) login.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3328", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://pridels-team.blogspot.com/2007/06/interact-multiple-xss-vuln.html", - "refsource" : "MISC", - "url" : "http://pridels-team.blogspot.com/2007/06/interact-multiple-xss-vuln.html" - }, - { - "name" : "24573", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24573" - }, - { - "name" : "36921", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36921" - }, - { - "name" : "36922", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36922" - }, - { - "name" : "36923", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36923" - }, - { - "name" : "36924", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36924" - }, - { - "name" : "36925", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36925" - }, - { - "name" : "36926", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36926" - }, - { - "name" : "36927", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36927" - }, - { - "name" : "36928", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36928" - }, - { - "name" : "36929", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36929" - }, - { - "name" : "interact-multiple-xss(34958)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34958" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Interact 2.4 beta 1 allow remote attackers to inject arbitrary web script or HTML via the (1) module_key parameter to (a) kb/kb.php, (b) quiz/runquiz.php, (c) quiz/quiz.php, (d) forum/forum.php, (e) forum/byname.php, and (f) journal/journalview.php in modules/, and unspecified other scripts; the (2) tag_key parameter to modules/journal/journalview.php; the (3) user_group_key parameter to (g) users/secureaccounts.php; and (4) the request_uri parameter to (h) login.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36921", + "refsource": "OSVDB", + "url": "http://osvdb.org/36921" + }, + { + "name": "36924", + "refsource": "OSVDB", + "url": "http://osvdb.org/36924" + }, + { + "name": "36925", + "refsource": "OSVDB", + "url": "http://osvdb.org/36925" + }, + { + "name": "http://pridels-team.blogspot.com/2007/06/interact-multiple-xss-vuln.html", + "refsource": "MISC", + "url": "http://pridels-team.blogspot.com/2007/06/interact-multiple-xss-vuln.html" + }, + { + "name": "36923", + "refsource": "OSVDB", + "url": "http://osvdb.org/36923" + }, + { + "name": "36922", + "refsource": "OSVDB", + "url": "http://osvdb.org/36922" + }, + { + "name": "36927", + "refsource": "OSVDB", + "url": "http://osvdb.org/36927" + }, + { + "name": "24573", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24573" + }, + { + "name": "36929", + "refsource": "OSVDB", + "url": "http://osvdb.org/36929" + }, + { + "name": "36926", + "refsource": "OSVDB", + "url": "http://osvdb.org/36926" + }, + { + "name": "36928", + "refsource": "OSVDB", + "url": "http://osvdb.org/36928" + }, + { + "name": "interact-multiple-xss(34958)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34958" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3589.json b/2007/3xxx/CVE-2007-3589.json index 71e1e77b98a..df91865ebdc 100644 --- a/2007/3xxx/CVE-2007-3589.json +++ b/2007/3xxx/CVE-2007-3589.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3589", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in b1gbb 2.24.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) showthread.php or (2) showboard.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3589", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4122", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4122" - }, - { - "name" : "24696", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24696" - }, - { - "name" : "38950", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38950" - }, - { - "name" : "38951", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38951" - }, - { - "name" : "b1gbb-id-sql-injection(35129)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35129" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in b1gbb 2.24.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) showthread.php or (2) showboard.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "b1gbb-id-sql-injection(35129)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35129" + }, + { + "name": "24696", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24696" + }, + { + "name": "38950", + "refsource": "OSVDB", + "url": "http://osvdb.org/38950" + }, + { + "name": "38951", + "refsource": "OSVDB", + "url": "http://osvdb.org/38951" + }, + { + "name": "4122", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4122" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4091.json b/2007/4xxx/CVE-2007-4091.json index 204462c7d7d..88272593a3b 100644 --- a/2007/4xxx/CVE-2007-4091.json +++ b/2007/4xxx/CVE-2007-4091.json @@ -1,177 +1,177 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4091", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the f_name function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4091", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070823 FLEA-2007-0047-1 rsync", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/477628/100/0/threaded" - }, - { - "name" : "http://article.gmane.org/gmane.linux.debian.devel.bugs.general/291908", - "refsource" : "CONFIRM", - "url" : "http://article.gmane.org/gmane.linux.debian.devel.bugs.general/291908" - }, - { - "name" : "http://c-skills.blogspot.com/2007/08/cve-2007-4091.html", - "refsource" : "CONFIRM", - "url" : "http://c-skills.blogspot.com/2007/08/cve-2007-4091.html" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1647", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1647" - }, - { - "name" : "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15548.html", - "refsource" : "CONFIRM", - "url" : "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15548.html" - }, - { - "name" : "DSA-1360", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1360" - }, - { - "name" : "GLSA-200709-13", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200709-13.xml" - }, - { - "name" : "SSA:2007-335-01", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.481089" - }, - { - "name" : "SUSE-SR:2007:017", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_17_sr.html" - }, - { - "name" : "2007-0026", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2007/0026/" - }, - { - "name" : "USN-500-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-500-1" - }, - { - "name" : "25336", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25336" - }, - { - "name" : "61039", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61039" - }, - { - "name" : "ADV-2007-2915", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2915" - }, - { - "name" : "26493", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26493" - }, - { - "name" : "26518", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26518" - }, - { - "name" : "26537", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26537" - }, - { - "name" : "26548", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26548" - }, - { - "name" : "26634", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26634" - }, - { - "name" : "26543", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26543" - }, - { - "name" : "26822", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26822" - }, - { - "name" : "26911", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26911" - }, - { - "name" : "27896", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27896" - }, - { - "name" : "rsync-fname-bo(36072)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36072" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the f_name function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27896", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27896" + }, + { + "name": "GLSA-200709-13", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200709-13.xml" + }, + { + "name": "26822", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26822" + }, + { + "name": "rsync-fname-bo(36072)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36072" + }, + { + "name": "USN-500-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-500-1" + }, + { + "name": "26493", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26493" + }, + { + "name": "61039", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61039" + }, + { + "name": "26634", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26634" + }, + { + "name": "SUSE-SR:2007:017", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_17_sr.html" + }, + { + "name": "26543", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26543" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1647", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1647" + }, + { + "name": "20070823 FLEA-2007-0047-1 rsync", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/477628/100/0/threaded" + }, + { + "name": "DSA-1360", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1360" + }, + { + "name": "http://article.gmane.org/gmane.linux.debian.devel.bugs.general/291908", + "refsource": "CONFIRM", + "url": "http://article.gmane.org/gmane.linux.debian.devel.bugs.general/291908" + }, + { + "name": "SSA:2007-335-01", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.481089" + }, + { + "name": "2007-0026", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2007/0026/" + }, + { + "name": "http://c-skills.blogspot.com/2007/08/cve-2007-4091.html", + "refsource": "CONFIRM", + "url": "http://c-skills.blogspot.com/2007/08/cve-2007-4091.html" + }, + { + "name": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15548.html", + "refsource": "CONFIRM", + "url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15548.html" + }, + { + "name": "25336", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25336" + }, + { + "name": "26537", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26537" + }, + { + "name": "ADV-2007-2915", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2915" + }, + { + "name": "26518", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26518" + }, + { + "name": "26548", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26548" + }, + { + "name": "26911", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26911" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4446.json b/2007/4xxx/CVE-2007-4446.json index 4e74e5edb56..d48f8fdb8b6 100644 --- a/2007/4xxx/CVE-2007-4446.json +++ b/2007/4xxx/CVE-2007-4446.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4446", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Format string vulnerability in the server in Toribash 2.71 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the NICK command (client nickname) when entering a game." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4446", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070818 Multiple vulnerabilities in Toribash 2.71", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/477025/100/0/threaded" - }, - { - "name" : "http://aluigi.org/poc/toribashish.zip", - "refsource" : "MISC", - "url" : "http://aluigi.org/poc/toribashish.zip" - }, - { - "name" : "25359", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25359" - }, - { - "name" : "26507", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26507" - }, - { - "name" : "3033", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3033" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Format string vulnerability in the server in Toribash 2.71 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the NICK command (client nickname) when entering a game." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070818 Multiple vulnerabilities in Toribash 2.71", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/477025/100/0/threaded" + }, + { + "name": "http://aluigi.org/poc/toribashish.zip", + "refsource": "MISC", + "url": "http://aluigi.org/poc/toribashish.zip" + }, + { + "name": "25359", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25359" + }, + { + "name": "26507", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26507" + }, + { + "name": "3033", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3033" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6010.json b/2007/6xxx/CVE-2007-6010.json index e3fb9deb30b..14623666fdf 100644 --- a/2007/6xxx/CVE-2007-6010.json +++ b/2007/6xxx/CVE-2007-6010.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6010", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in pioneers (formerly gnocatan) 0.11.3 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors that trigger an assert error. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-5933." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6010", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449541", - "refsource" : "MISC", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449541" - }, - { - "name" : "45293", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45293" - }, - { - "name" : "1019024", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019024" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in pioneers (formerly gnocatan) 0.11.3 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors that trigger an assert error. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-5933." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449541", + "refsource": "MISC", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449541" + }, + { + "name": "1019024", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019024" + }, + { + "name": "45293", + "refsource": "OSVDB", + "url": "http://osvdb.org/45293" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6062.json b/2007/6xxx/CVE-2007-6062.json index 839a20b6411..3034c60dce5 100644 --- a/2007/6xxx/CVE-2007-6062.json +++ b/2007/6xxx/CVE-2007-6062.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6062", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "irc-channel.c in ngIRCd before 0.10.3 allows remote attackers to cause a denial of service (crash) via a JOIN command without a channel argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6062", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=10;filename=90-remote-vulnerability.dpatch;att=1;bug=451875", - "refsource" : "MISC", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=10;filename=90-remote-vulnerability.dpatch;att=1;bug=451875" - }, - { - "name" : "[ngIRCd-ML] 20070731 ngIRCd 0.10.3 - Security", - "refsource" : "MLIST", - "url" : "http://arthur.barton.de/pipermail/ngircd-ml/2007-July/000292.html" - }, - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451875", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451875" - }, - { - "name" : "http://ngircd.barton.de/doc/ChangeLog", - "refsource" : "CONFIRM", - "url" : "http://ngircd.barton.de/doc/ChangeLog" - }, - { - "name" : "26489", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26489" - }, - { - "name" : "39295", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39295" - }, - { - "name" : "27692", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27692" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "irc-channel.c in ngIRCd before 0.10.3 allows remote attackers to cause a denial of service (crash) via a JOIN command without a channel argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://ngircd.barton.de/doc/ChangeLog", + "refsource": "CONFIRM", + "url": "http://ngircd.barton.de/doc/ChangeLog" + }, + { + "name": "26489", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26489" + }, + { + "name": "39295", + "refsource": "OSVDB", + "url": "http://osvdb.org/39295" + }, + { + "name": "[ngIRCd-ML] 20070731 ngIRCd 0.10.3 - Security", + "refsource": "MLIST", + "url": "http://arthur.barton.de/pipermail/ngircd-ml/2007-July/000292.html" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=10;filename=90-remote-vulnerability.dpatch;att=1;bug=451875", + "refsource": "MISC", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=10;filename=90-remote-vulnerability.dpatch;att=1;bug=451875" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451875", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451875" + }, + { + "name": "27692", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27692" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6130.json b/2007/6xxx/CVE-2007-6130.json index e054095be19..d2dd54cb137 100644 --- a/2007/6xxx/CVE-2007-6130.json +++ b/2007/6xxx/CVE-2007-6130.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6130", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "gnump3d 2.9final does not apply password protection to its plugins, which might allow remote attackers to bypass intended access restrictions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6130", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.gentoo.org/show_bug.cgi?id=193132", - "refsource" : "CONFIRM", - "url" : "https://bugs.gentoo.org/show_bug.cgi?id=193132" - }, - { - "name" : "http://www.gnu.org/software/gnump3d/ChangeLog", - "refsource" : "CONFIRM", - "url" : "http://www.gnu.org/software/gnump3d/ChangeLog" - }, - { - "name" : "SUSE-SR:2007:025", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_25_sr.html" - }, - { - "name" : "26618", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26618" - }, - { - "name" : "ADV-2007-4039", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4039" - }, - { - "name" : "27848", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27848" - }, - { - "name" : "27965", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27965" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "gnump3d 2.9final does not apply password protection to its plugins, which might allow remote attackers to bypass intended access restrictions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27965", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27965" + }, + { + "name": "26618", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26618" + }, + { + "name": "https://bugs.gentoo.org/show_bug.cgi?id=193132", + "refsource": "CONFIRM", + "url": "https://bugs.gentoo.org/show_bug.cgi?id=193132" + }, + { + "name": "27848", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27848" + }, + { + "name": "SUSE-SR:2007:025", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html" + }, + { + "name": "ADV-2007-4039", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4039" + }, + { + "name": "http://www.gnu.org/software/gnump3d/ChangeLog", + "refsource": "CONFIRM", + "url": "http://www.gnu.org/software/gnump3d/ChangeLog" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6208.json b/2007/6xxx/CVE-2007-6208.json index 39049478504..ed30aea6e56 100644 --- a/2007/6xxx/CVE-2007-6208.json +++ b/2007/6xxx/CVE-2007-6208.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6208", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "sylprint.pl in claws mail tools (claws-mail-tools) allows local users to overwrite arbitrary files via a symlink attack on the sylprint.[USER].[PID] temporary file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6208", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454089", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454089" - }, - { - "name" : "GLSA-200801-03", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200801-03.xml" - }, - { - "name" : "26676", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26676" - }, - { - "name" : "42478", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42478" - }, - { - "name" : "27897", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27897" - }, - { - "name" : "28402", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28402" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "sylprint.pl in claws mail tools (claws-mail-tools) allows local users to overwrite arbitrary files via a symlink attack on the sylprint.[USER].[PID] temporary file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "28402", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28402" + }, + { + "name": "42478", + "refsource": "OSVDB", + "url": "http://osvdb.org/42478" + }, + { + "name": "GLSA-200801-03", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200801-03.xml" + }, + { + "name": "26676", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26676" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454089", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454089" + }, + { + "name": "27897", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27897" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5292.json b/2010/5xxx/CVE-2010-5292.json index fad5d4e6b7e..23fc56b9957 100644 --- a/2010/5xxx/CVE-2010-5292.json +++ b/2010/5xxx/CVE-2010-5292.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5292", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Amberdms Billing System (ABS) before 1.4.1, when a multi-instance installation is configured, might allow local users to obtain sensitive information by reading the cache in between runs of the include/cron/services_usage.php cron job." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5292", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://projects.jethrocarr.com/p/oss-amberdms-bs/source/tree/f23f1121bd137bf798c8d3f01d35fa297a285331/help/docs/RELEASE_NOTES", - "refsource" : "CONFIRM", - "url" : "https://projects.jethrocarr.com/p/oss-amberdms-bs/source/tree/f23f1121bd137bf798c8d3f01d35fa297a285331/help/docs/RELEASE_NOTES" - }, - { - "name" : "https://raw.github.com/jethrocarr/amberdms-bs/master/help/docs/CHANGELOG", - "refsource" : "CONFIRM", - "url" : "https://raw.github.com/jethrocarr/amberdms-bs/master/help/docs/CHANGELOG" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Amberdms Billing System (ABS) before 1.4.1, when a multi-instance installation is configured, might allow local users to obtain sensitive information by reading the cache in between runs of the include/cron/services_usage.php cron job." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://projects.jethrocarr.com/p/oss-amberdms-bs/source/tree/f23f1121bd137bf798c8d3f01d35fa297a285331/help/docs/RELEASE_NOTES", + "refsource": "CONFIRM", + "url": "https://projects.jethrocarr.com/p/oss-amberdms-bs/source/tree/f23f1121bd137bf798c8d3f01d35fa297a285331/help/docs/RELEASE_NOTES" + }, + { + "name": "https://raw.github.com/jethrocarr/amberdms-bs/master/help/docs/CHANGELOG", + "refsource": "CONFIRM", + "url": "https://raw.github.com/jethrocarr/amberdms-bs/master/help/docs/CHANGELOG" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5020.json b/2014/5xxx/CVE-2014-5020.json index f7a522f8e9f..137c069597f 100644 --- a/2014/5xxx/CVE-2014-5020.json +++ b/2014/5xxx/CVE-2014-5020.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5020", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The File module in Drupal 7.x before 7.29 does not properly check permissions to view files, which allows remote authenticated users with certain permissions to bypass intended restrictions and read files by attaching the file to content with a file field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5020", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.drupal.org/SA-CORE-2014-003", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/SA-CORE-2014-003" - }, - { - "name" : "DSA-2983", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2983" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The File module in Drupal 7.x before 7.29 does not properly check permissions to view files, which allows remote authenticated users with certain permissions to bypass intended restrictions and read files by attaching the file to content with a file field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-2983", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2983" + }, + { + "name": "https://www.drupal.org/SA-CORE-2014-003", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/SA-CORE-2014-003" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5506.json b/2014/5xxx/CVE-2014-5506.json index d569065b963..36d0d606fc5 100644 --- a/2014/5xxx/CVE-2014-5506.json +++ b/2014/5xxx/CVE-2014-5506.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5506", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Double free vulnerability in SAP Crystal Reports allows remote attackers to execute arbitrary code via crafted connection string record in an RPT file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5506", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-14-302/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-14-302/" - }, - { - "name" : "http://scn.sap.com/docs/DOC-8218", - "refsource" : "CONFIRM", - "url" : "http://scn.sap.com/docs/DOC-8218" - }, - { - "name" : "https://service.sap.com/sap/support/notes/1999142", - "refsource" : "CONFIRM", - "url" : "https://service.sap.com/sap/support/notes/1999142" - }, - { - "name" : "69557", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/69557" - }, - { - "name" : "61016", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61016" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Double free vulnerability in SAP Crystal Reports allows remote attackers to execute arbitrary code via crafted connection string record in an RPT file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://service.sap.com/sap/support/notes/1999142", + "refsource": "CONFIRM", + "url": "https://service.sap.com/sap/support/notes/1999142" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-14-302/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-14-302/" + }, + { + "name": "http://scn.sap.com/docs/DOC-8218", + "refsource": "CONFIRM", + "url": "http://scn.sap.com/docs/DOC-8218" + }, + { + "name": "69557", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/69557" + }, + { + "name": "61016", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61016" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5611.json b/2014/5xxx/CVE-2014-5611.json index d280fb47aae..70e20eb712e 100644 --- a/2014/5xxx/CVE-2014-5611.json +++ b/2014/5xxx/CVE-2014-5611.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5611", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The eBay Kleinanzeigen for Germany (aka com.ebay.kleinanzeigen) application 5.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5611", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#247305", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/247305" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The eBay Kleinanzeigen for Germany (aka com.ebay.kleinanzeigen) application 5.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#247305", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/247305" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5856.json b/2014/5xxx/CVE-2014-5856.json index 4a4c24d3dc2..9a36d590257 100644 --- a/2014/5xxx/CVE-2014-5856.json +++ b/2014/5xxx/CVE-2014-5856.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5856", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Selfie Camera -Facial Beauty- (aka com.cfinc.cunpic) application 1.2.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5856", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#579065", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/579065" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Selfie Camera -Facial Beauty- (aka com.cfinc.cunpic) application 1.2.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#579065", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/579065" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2200.json b/2015/2xxx/CVE-2015-2200.json index fc6ec26d1a7..159e069cb84 100644 --- a/2015/2xxx/CVE-2015-2200.json +++ b/2015/2xxx/CVE-2015-2200.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2200", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2200", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2327.json b/2015/2xxx/CVE-2015-2327.json index 06a01d68c11..fe2b62870e9 100644 --- a/2015/2xxx/CVE-2015-2327.json +++ b/2015/2xxx/CVE-2015-2327.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2327", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PCRE before 8.36 mishandles the /(((a\\2)|(a*)\\g<-1>))*/ pattern and related patterns with certain internal recursive back references, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2327", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20151128 Re: Heap Overflow in PCRE", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/11/29/1" - }, - { - "name" : "http://www.fortiguard.com/advisory/FG-VD-15-010/", - "refsource" : "MISC", - "url" : "http://www.fortiguard.com/advisory/FG-VD-15-010/" - }, - { - "name" : "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", - "refsource" : "CONFIRM", - "url" : "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" - }, - { - "name" : "https://bugs.exim.org/show_bug.cgi?id=1503", - "refsource" : "CONFIRM", - "url" : "https://bugs.exim.org/show_bug.cgi?id=1503" - }, - { - "name" : "https://jira.mongodb.org/browse/SERVER-17252", - "refsource" : "CONFIRM", - "url" : "https://jira.mongodb.org/browse/SERVER-17252" - }, - { - "name" : "RHSA-2016:2750", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2750.html" - }, - { - "name" : "74924", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74924" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PCRE before 8.36 mishandles the /(((a\\2)|(a*)\\g<-1>))*/ pattern and related patterns with certain internal recursive back references, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20151128 Re: Heap Overflow in PCRE", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" + }, + { + "name": "http://www.fortiguard.com/advisory/FG-VD-15-010/", + "refsource": "MISC", + "url": "http://www.fortiguard.com/advisory/FG-VD-15-010/" + }, + { + "name": "74924", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74924" + }, + { + "name": "RHSA-2016:2750", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" + }, + { + "name": "https://bugs.exim.org/show_bug.cgi?id=1503", + "refsource": "CONFIRM", + "url": "https://bugs.exim.org/show_bug.cgi?id=1503" + }, + { + "name": "https://jira.mongodb.org/browse/SERVER-17252", + "refsource": "CONFIRM", + "url": "https://jira.mongodb.org/browse/SERVER-17252" + }, + { + "name": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", + "refsource": "CONFIRM", + "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2857.json b/2015/2xxx/CVE-2015-2857.json index 75be11e397d..e51df01f9d2 100644 --- a/2015/2xxx/CVE-2015-2857.json +++ b/2015/2xxx/CVE-2015-2857.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2857", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Accellion File Transfer Appliance before FTA_9_11_210 allows remote attackers to execute arbitrary code via shell metacharacters in the oauth_token parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-2857", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37597", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37597/" - }, - { - "name" : "http://packetstormsecurity.com/files/132665/Accellion-FTA-getStatus-verify_oauth_token-Command-Execution.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/132665/Accellion-FTA-getStatus-verify_oauth_token-Command-Execution.html" - }, - { - "name" : "http://www.rapid7.com/db/modules/exploit/linux/http/accellion_fta_getstatus_oauth", - "refsource" : "MISC", - "url" : "http://www.rapid7.com/db/modules/exploit/linux/http/accellion_fta_getstatus_oauth" - }, - { - "name" : "https://community.rapid7.com/community/metasploit/blog/2015/07/10/r7-2015-08-accellion-file-transfer-appliance-vulnerabilities-cve-2015-2856-cve-2015-2857", - "refsource" : "MISC", - "url" : "https://community.rapid7.com/community/metasploit/blog/2015/07/10/r7-2015-08-accellion-file-transfer-appliance-vulnerabilities-cve-2015-2856-cve-2015-2857" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Accellion File Transfer Appliance before FTA_9_11_210 allows remote attackers to execute arbitrary code via shell metacharacters in the oauth_token parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/132665/Accellion-FTA-getStatus-verify_oauth_token-Command-Execution.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/132665/Accellion-FTA-getStatus-verify_oauth_token-Command-Execution.html" + }, + { + "name": "http://www.rapid7.com/db/modules/exploit/linux/http/accellion_fta_getstatus_oauth", + "refsource": "MISC", + "url": "http://www.rapid7.com/db/modules/exploit/linux/http/accellion_fta_getstatus_oauth" + }, + { + "name": "https://community.rapid7.com/community/metasploit/blog/2015/07/10/r7-2015-08-accellion-file-transfer-appliance-vulnerabilities-cve-2015-2856-cve-2015-2857", + "refsource": "MISC", + "url": "https://community.rapid7.com/community/metasploit/blog/2015/07/10/r7-2015-08-accellion-file-transfer-appliance-vulnerabilities-cve-2015-2856-cve-2015-2857" + }, + { + "name": "37597", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37597/" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6024.json b/2015/6xxx/CVE-2015-6024.json index 5ca668160af..196d3ecbfd8 100644 --- a/2015/6xxx/CVE-2015-6024.json +++ b/2015/6xxx/CVE-2015-6024.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6024", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the DIA_IPADDRESS parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-6024", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160503 NetCommWireless HSPA 3G10WVE Wireless Router Multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/538263/100/0/threaded" - }, - { - "name" : "20160505 Re: NetCommWireless HSPA 3G10WVE Wireless Router Multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/538297/100/0/threaded" - }, - { - "name" : "39762", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39762/" - }, - { - "name" : "20160506 NetCommWireless HSPA 3G10WVE Wireless Router - Multiple vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/May/13" - }, - { - "name" : "20160506 Re: NetCommWireless HSPA 3G10WVE Wireless Router - Multiple vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/May/18" - }, - { - "name" : "http://packetstormsecurity.com/files/136901/NetCommWireless-HSPA-3G10WVE-Authentication-Bypass-Code-Execution.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/136901/NetCommWireless-HSPA-3G10WVE-Authentication-Bypass-Code-Execution.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the DIA_IPADDRESS parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39762", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39762/" + }, + { + "name": "20160506 Re: NetCommWireless HSPA 3G10WVE Wireless Router - Multiple vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/May/18" + }, + { + "name": "http://packetstormsecurity.com/files/136901/NetCommWireless-HSPA-3G10WVE-Authentication-Bypass-Code-Execution.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/136901/NetCommWireless-HSPA-3G10WVE-Authentication-Bypass-Code-Execution.html" + }, + { + "name": "20160505 Re: NetCommWireless HSPA 3G10WVE Wireless Router Multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/538297/100/0/threaded" + }, + { + "name": "20160506 NetCommWireless HSPA 3G10WVE Wireless Router - Multiple vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/May/13" + }, + { + "name": "20160503 NetCommWireless HSPA 3G10WVE Wireless Router Multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/538263/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6678.json b/2015/6xxx/CVE-2015-6678.json index accca449572..6599837f680 100644 --- a/2015/6xxx/CVE-2015-6678.json +++ b/2015/6xxx/CVE-2015-6678.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6678", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6676." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-6678", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-446", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-446" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-23.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-23.html" - }, - { - "name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04939841", - "refsource" : "CONFIRM", - "url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04939841" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" - }, - { - "name" : "GLSA-201509-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201509-07" - }, - { - "name" : "RHSA-2015:1814", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1814.html" - }, - { - "name" : "openSUSE-SU-2015:1781", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html" - }, - { - "name" : "SUSE-SU-2015:1614", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html" - }, - { - "name" : "SUSE-SU-2015:1618", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00024.html" - }, - { - "name" : "openSUSE-SU-2015:1616", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00023.html" - }, - { - "name" : "76801", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76801" - }, - { - "name" : "1033629", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033629" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6676." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:1814", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1814.html" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-446", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-446" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" + }, + { + "name": "openSUSE-SU-2015:1616", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00023.html" + }, + { + "name": "1033629", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033629" + }, + { + "name": "76801", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76801" + }, + { + "name": "SUSE-SU-2015:1618", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00024.html" + }, + { + "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04939841", + "refsource": "CONFIRM", + "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04939841" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-23.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-23.html" + }, + { + "name": "SUSE-SU-2015:1614", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html" + }, + { + "name": "GLSA-201509-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201509-07" + }, + { + "name": "openSUSE-SU-2015:1781", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6736.json b/2015/6xxx/CVE-2015-6736.json index 3470c77f8f9..cd86ac8a564 100644 --- a/2015/6xxx/CVE-2015-6736.json +++ b/2015/6xxx/CVE-2015-6736.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6736", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Quiz extension for MediaWiki allows remote attackers to cause a denial of service via regex metacharacters in a regular expression." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6736", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[MediaWiki-announce] 20150810 MediaWiki Security and Maintenance Releases: 1.25.2, 1.24.3, 1.23.10", - "refsource" : "MLIST", - "url" : "https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-August/000179.html" - }, - { - "name" : "[oss-security] 20150812 CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/08/12/6" - }, - { - "name" : "[oss-security] 20150827 Re: CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/08/27/6" - }, - { - "name" : "FEDORA-2015-13920", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165193.html" - }, - { - "name" : "GLSA-201510-05", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201510-05" - }, - { - "name" : "76362", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76362" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Quiz extension for MediaWiki allows remote attackers to cause a denial of service via regex metacharacters in a regular expression." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201510-05", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201510-05" + }, + { + "name": "[oss-security] 20150827 Re: CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/08/27/6" + }, + { + "name": "[oss-security] 20150812 CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/08/12/6" + }, + { + "name": "[MediaWiki-announce] 20150810 MediaWiki Security and Maintenance Releases: 1.25.2, 1.24.3, 1.23.10", + "refsource": "MLIST", + "url": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-August/000179.html" + }, + { + "name": "FEDORA-2015-13920", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165193.html" + }, + { + "name": "76362", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76362" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6945.json b/2015/6xxx/CVE-2015-6945.json index 50b85b2f5b1..0acb631b505 100644 --- a/2015/6xxx/CVE-2015-6945.json +++ b/2015/6xxx/CVE-2015-6945.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6945", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in JSP/MySQL Administrador Web 1 allows remote attackers to inject arbitrary web script or HTML via the bd parameter to sys/sys/listaBD2.jsp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6945", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150905 JSPMySQL Administrador CSRF & XSS Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536406/100/0/threaded" - }, - { - "name" : "http://hyp3rlinx.altervista.org/advisories/AS-JSPMYSQLADMINISTRADOR-0904.txt", - "refsource" : "MISC", - "url" : "http://hyp3rlinx.altervista.org/advisories/AS-JSPMYSQLADMINISTRADOR-0904.txt" - }, - { - "name" : "http://packetstormsecurity.com/files/133466/JSPMySQL-Administrador-1-Cross-Site-Request-Forgery-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133466/JSPMySQL-Administrador-1-Cross-Site-Request-Forgery-Cross-Site-Scripting.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in JSP/MySQL Administrador Web 1 allows remote attackers to inject arbitrary web script or HTML via the bd parameter to sys/sys/listaBD2.jsp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150905 JSPMySQL Administrador CSRF & XSS Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536406/100/0/threaded" + }, + { + "name": "http://hyp3rlinx.altervista.org/advisories/AS-JSPMYSQLADMINISTRADOR-0904.txt", + "refsource": "MISC", + "url": "http://hyp3rlinx.altervista.org/advisories/AS-JSPMYSQLADMINISTRADOR-0904.txt" + }, + { + "name": "http://packetstormsecurity.com/files/133466/JSPMySQL-Administrador-1-Cross-Site-Request-Forgery-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133466/JSPMySQL-Administrador-1-Cross-Site-Request-Forgery-Cross-Site-Scripting.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0165.json b/2016/0xxx/CVE-2016-0165.json index d36550f6294..ea5a9c5337b 100644 --- a/2016/0xxx/CVE-2016-0165.json +++ b/2016/0xxx/CVE-2016-0165.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0165", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2016-0143 and CVE-2016-0167." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0165", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "44480", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/44480/" - }, - { - "name" : "MS16-039", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-039" - }, - { - "name" : "1035532", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035532" - }, - { - "name" : "1035529", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035529" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2016-0143 and CVE-2016-0167." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035529", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035529" + }, + { + "name": "44480", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/44480/" + }, + { + "name": "1035532", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035532" + }, + { + "name": "MS16-039", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-039" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0406.json b/2016/0xxx/CVE-2016-0406.json index f209560c378..d4455fe6253 100644 --- a/2016/0xxx/CVE-2016-0406.json +++ b/2016/0xxx/CVE-2016-0406.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0406", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity and availability via vectors related to Libc." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0406", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034735", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034735" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity and availability via vectors related to Libc." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034735", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034735" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0641.json b/2016/0xxx/CVE-2016-0641.json index c6662d19e5d..9afff2d7bf5 100644 --- a/2016/0xxx/CVE-2016-0641.json +++ b/2016/0xxx/CVE-2016-0641.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0641", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect confidentiality and availability via vectors related to MyISAM." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0641", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-10024-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-10024-release-notes/" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-10112-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-10112-release-notes/" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-5548-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-5548-release-notes/" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" - }, - { - "name" : "DSA-3595", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3595" - }, - { - "name" : "DSA-3557", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3557" - }, - { - "name" : "RHSA-2016:0705", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0705.html" - }, - { - "name" : "RHSA-2016:1602", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1602.html" - }, - { - "name" : "RHSA-2016:1132", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1132" - }, - { - "name" : "RHSA-2016:1480", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1480.html" - }, - { - "name" : "RHSA-2016:1481", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1481.html" - }, - { - "name" : "openSUSE-SU-2016:1686", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html" - }, - { - "name" : "SUSE-SU-2016:1619", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html" - }, - { - "name" : "SUSE-SU-2016:1620", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html" - }, - { - "name" : "openSUSE-SU-2016:1664", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html" - }, - { - "name" : "SUSE-SU-2016:1279", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html" - }, - { - "name" : "openSUSE-SU-2016:1332", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html" - }, - { - "name" : "USN-2953-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2953-1" - }, - { - "name" : "86470", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/86470" - }, - { - "name" : "1035606", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035606" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect confidentiality and availability via vectors related to MyISAM." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:1620", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html" + }, + { + "name": "RHSA-2016:1481", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1481.html" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-5548-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-5548-release-notes/" + }, + { + "name": "RHSA-2016:1132", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1132" + }, + { + "name": "86470", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/86470" + }, + { + "name": "1035606", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035606" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" + }, + { + "name": "USN-2953-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2953-1" + }, + { + "name": "openSUSE-SU-2016:1332", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-10112-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-10112-release-notes/" + }, + { + "name": "SUSE-SU-2016:1619", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html" + }, + { + "name": "RHSA-2016:1480", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1480.html" + }, + { + "name": "openSUSE-SU-2016:1664", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-10024-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-10024-release-notes/" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168" + }, + { + "name": "DSA-3557", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3557" + }, + { + "name": "RHSA-2016:1602", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1602.html" + }, + { + "name": "DSA-3595", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3595" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" + }, + { + "name": "openSUSE-SU-2016:1686", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html" + }, + { + "name": "RHSA-2016:0705", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0705.html" + }, + { + "name": "SUSE-SU-2016:1279", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0894.json b/2016/0xxx/CVE-2016-0894.json index 4d6c5976a86..6cd4361211b 100644 --- a/2016/0xxx/CVE-2016-0894.json +++ b/2016/0xxx/CVE-2016-0894.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security_alert@emc.com", - "ID" : "CVE-2016-0894", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote authenticated users to bypass intended object access restrictions via a modified parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "ID": "CVE-2016-0894", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160502 ESA-2016-041: RSA Data Loss Prevention Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://seclists.org/bugtraq/2016/May/9" - }, - { - "name" : "http://packetstormsecurity.com/files/136888/RSA-Data-Loss-Prevention-XSS-Information-Disclosure.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/136888/RSA-Data-Loss-Prevention-XSS-Information-Disclosure.html" - }, - { - "name" : "1035714", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035714" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote authenticated users to bypass intended object access restrictions via a modified parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160502 ESA-2016-041: RSA Data Loss Prevention Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://seclists.org/bugtraq/2016/May/9" + }, + { + "name": "1035714", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035714" + }, + { + "name": "http://packetstormsecurity.com/files/136888/RSA-Data-Loss-Prevention-XSS-Information-Disclosure.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/136888/RSA-Data-Loss-Prevention-XSS-Information-Disclosure.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000370.json b/2016/1000xxx/CVE-2016-1000370.json index 46b4ba6d4f0..ffdc0cb73bd 100644 --- a/2016/1000xxx/CVE-2016-1000370.json +++ b/2016/1000xxx/CVE-2016-1000370.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000370", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9863. Reason: This candidate is a reservation duplicate of CVE-2016-9863. Notes: All CVE users should reference CVE-2016-9863 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-1000370", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9863. Reason: This candidate is a reservation duplicate of CVE-2016-9863. Notes: All CVE users should reference CVE-2016-9863 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10355.json b/2016/10xxx/CVE-2016-10355.json index 19c7b05f310..d3a37639c07 100644 --- a/2016/10xxx/CVE-2016-10355.json +++ b/2016/10xxx/CVE-2016-10355.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10355", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-10355", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4324.json b/2016/4xxx/CVE-2016-4324.json index 3cbf556f5a0..fa4b7ff4db5 100644 --- a/2016/4xxx/CVE-2016-4324.json +++ b/2016/4xxx/CVE-2016-4324.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4324", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-4324", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.talosintelligence.com/reports/TALOS-2016-0126/", - "refsource" : "MISC", - "url" : "http://www.talosintelligence.com/reports/TALOS-2016-0126/" - }, - { - "name" : "http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/", - "refsource" : "CONFIRM", - "url" : "http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/" - }, - { - "name" : "DSA-3608", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3608" - }, - { - "name" : "GLSA-201611-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201611-03" - }, - { - "name" : "USN-3022-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3022-1" - }, - { - "name" : "91499", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91499" - }, - { - "name" : "1036209", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036209" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3608", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3608" + }, + { + "name": "GLSA-201611-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201611-03" + }, + { + "name": "1036209", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036209" + }, + { + "name": "91499", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91499" + }, + { + "name": "http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/", + "refsource": "CONFIRM", + "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/" + }, + { + "name": "USN-3022-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3022-1" + }, + { + "name": "http://www.talosintelligence.com/reports/TALOS-2016-0126/", + "refsource": "MISC", + "url": "http://www.talosintelligence.com/reports/TALOS-2016-0126/" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4462.json b/2016/4xxx/CVE-2016-4462.json index dbd8597d5d4..c83e29a79ca 100644 --- a/2016/4xxx/CVE-2016-4462.json +++ b/2016/4xxx/CVE-2016-4462.json @@ -1,69 +1,69 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@apache.org", - "DATE_PUBLIC" : "2016-11-29T00:00:00", - "ID" : "CVE-2016-4462", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Apache OFBiz", - "version" : { - "version_data" : [ - { - "version_value" : "13.07.*" - }, - { - "version_value" : "12.04.*" - }, - { - "version_value" : "11.04.*" - } - ] - } - } - ] - }, - "vendor_name" : "Apache Software Foundation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "By manipulating the URL parameter externalLoginKey, a malicious, logged in user could pass valid Freemarker directives to the Template Engine that are reflected on the webpage; a specially crafted Freemarker template could be used for remote code execution. Mitigation: Upgrade to Apache OFBiz 16.11.01" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "security@apache.org", + "DATE_PUBLIC": "2016-11-29T00:00:00", + "ID": "CVE-2016-4462", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Apache OFBiz", + "version": { + "version_data": [ + { + "version_value": "13.07.*" + }, + { + "version_value": "12.04.*" + }, + { + "version_value": "11.04.*" + } + ] + } + } + ] + }, + "vendor_name": "Apache Software Foundation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[www-announce] 20161129 [SECURITY] CVE-2016-4462 OFBiz template remote code vulnerability", - "refsource" : "MLIST", - "url" : "http://git.net/ml/dev.ofbiz.apache.org/2016-11/msg00180.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "By manipulating the URL parameter externalLoginKey, a malicious, logged in user could pass valid Freemarker directives to the Template Engine that are reflected on the webpage; a specially crafted Freemarker template could be used for remote code execution. Mitigation: Upgrade to Apache OFBiz 16.11.01" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[www-announce] 20161129 [SECURITY] CVE-2016-4462 OFBiz template remote code vulnerability", + "refsource": "MLIST", + "url": "http://git.net/ml/dev.ofbiz.apache.org/2016-11/msg00180.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4581.json b/2016/4xxx/CVE-2016-4581.json index 55b1c4bd30e..da947bd21d5 100644 --- a/2016/4xxx/CVE-2016-4581.json +++ b/2016/4xxx/CVE-2016-4581.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4581", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse a mount propagation tree in a certain case involving a slave mount, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted series of mount system calls." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-4581", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160511 CVE request: Mishandling the first propagated copy being a slave", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/11/2" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5ec0811d30378ae104f250bfc9b3640242d81e3f", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5ec0811d30378ae104f250bfc9b3640242d81e3f" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.4", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.4" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1333712", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1333712" - }, - { - "name" : "https://github.com/torvalds/linux/commit/5ec0811d30378ae104f250bfc9b3640242d81e3f", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/5ec0811d30378ae104f250bfc9b3640242d81e3f" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html" - }, - { - "name" : "DSA-3607", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3607" - }, - { - "name" : "RHSA-2016:2574", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2574.html" - }, - { - "name" : "RHSA-2016:2584", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2584.html" - }, - { - "name" : "openSUSE-SU-2016:1641", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html" - }, - { - "name" : "USN-2989-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2989-1" - }, - { - "name" : "USN-2998-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2998-1" - }, - { - "name" : "USN-3000-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3000-1" - }, - { - "name" : "USN-3001-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3001-1" - }, - { - "name" : "USN-3002-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3002-1" - }, - { - "name" : "USN-3003-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3003-1" - }, - { - "name" : "USN-3004-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3004-1" - }, - { - "name" : "USN-3005-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3005-1" - }, - { - "name" : "USN-3006-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3006-1" - }, - { - "name" : "USN-3007-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3007-1" - }, - { - "name" : "90607", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90607" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse a mount propagation tree in a certain case involving a slave mount, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted series of mount system calls." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-3006-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3006-1" + }, + { + "name": "USN-3004-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3004-1" + }, + { + "name": "90607", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90607" + }, + { + "name": "USN-3001-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3001-1" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" + }, + { + "name": "USN-3005-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3005-1" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.4", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.4" + }, + { + "name": "RHSA-2016:2584", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html" + }, + { + "name": "RHSA-2016:2574", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html" + }, + { + "name": "openSUSE-SU-2016:1641", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html" + }, + { + "name": "USN-3000-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3000-1" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1333712", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1333712" + }, + { + "name": "DSA-3607", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3607" + }, + { + "name": "https://github.com/torvalds/linux/commit/5ec0811d30378ae104f250bfc9b3640242d81e3f", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/5ec0811d30378ae104f250bfc9b3640242d81e3f" + }, + { + "name": "USN-3002-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3002-1" + }, + { + "name": "USN-2989-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2989-1" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5ec0811d30378ae104f250bfc9b3640242d81e3f", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5ec0811d30378ae104f250bfc9b3640242d81e3f" + }, + { + "name": "USN-3007-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3007-1" + }, + { + "name": "[oss-security] 20160511 CVE request: Mishandling the first propagated copy being a slave", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/11/2" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html" + }, + { + "name": "USN-3003-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3003-1" + }, + { + "name": "USN-2998-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2998-1" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4852.json b/2016/4xxx/CVE-2016-4852.json index 4607b37f1d2..f6fcd2d77a9 100644 --- a/2016/4xxx/CVE-2016-4852.json +++ b/2016/4xxx/CVE-2016-4852.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4852", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "YoruFukurou (NightOwl) before 2.85 relies on support for emoji skin-tone modifiers even though this support is missing from the CoreText CTFramesetter API on OS X 10.9, which allows remote attackers to cause a denial of service (application crash) via a crafted emoji character sequence." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4852", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://jvn.jp/en/jp/JVN94816361/995844/index.html", - "refsource" : "CONFIRM", - "url" : "http://jvn.jp/en/jp/JVN94816361/995844/index.html" - }, - { - "name" : "JVN#94816361", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN94816361/index.html" - }, - { - "name" : "JVNDB-2016-000151", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000151" - }, - { - "name" : "92609", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92609" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "YoruFukurou (NightOwl) before 2.85 relies on support for emoji skin-tone modifiers even though this support is missing from the CoreText CTFramesetter API on OS X 10.9, which allows remote attackers to cause a denial of service (application crash) via a crafted emoji character sequence." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#94816361", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN94816361/index.html" + }, + { + "name": "http://jvn.jp/en/jp/JVN94816361/995844/index.html", + "refsource": "CONFIRM", + "url": "http://jvn.jp/en/jp/JVN94816361/995844/index.html" + }, + { + "name": "JVNDB-2016-000151", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000151" + }, + { + "name": "92609", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92609" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9008.json b/2016/9xxx/CVE-2016-9008.json index deb56e8d925..9ffb29bac82 100644 --- a/2016/9xxx/CVE-2016-9008.json +++ b/2016/9xxx/CVE-2016-9008.json @@ -1,190 +1,190 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-9008", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "UrbanCode Deploy", - "version" : { - "version_data" : [ - { - "version_value" : "6.1.0.2" - }, - { - "version_value" : "6.0" - }, - { - "version_value" : "6.0.1" - }, - { - "version_value" : "6.0.1.1" - }, - { - "version_value" : "6.0.1.2" - }, - { - "version_value" : "6.0.1.3" - }, - { - "version_value" : "6.0.1.4" - }, - { - "version_value" : "6.0.1.5" - }, - { - "version_value" : "6.0.1.6" - }, - { - "version_value" : "6.1" - }, - { - "version_value" : "6.1.0.1" - }, - { - "version_value" : "6.1.0.3" - }, - { - "version_value" : "6.0.1.7" - }, - { - "version_value" : "6.0.1.8" - }, - { - "version_value" : "6.1.0.4" - }, - { - "version_value" : "6.1.1" - }, - { - "version_value" : "6.1.1.1" - }, - { - "version_value" : "6.1.1.2" - }, - { - "version_value" : "6.1.1.3" - }, - { - "version_value" : "6.1.1.4" - }, - { - "version_value" : "6.1.1.5" - }, - { - "version_value" : "6.0.1.9" - }, - { - "version_value" : "6.1.1.6" - }, - { - "version_value" : "6.1.1.7" - }, - { - "version_value" : "6.1.2" - }, - { - "version_value" : "6.0.1.10" - }, - { - "version_value" : "6.0.1.11" - }, - { - "version_value" : "6.1.1.8" - }, - { - "version_value" : "6.1.3" - }, - { - "version_value" : "6.1.3.1" - }, - { - "version_value" : "6.2" - }, - { - "version_value" : "6.2.0.1" - }, - { - "version_value" : "6.0.1.12" - }, - { - "version_value" : "6.1.3.2" - }, - { - "version_value" : "6.2.0.2" - }, - { - "version_value" : "6.2.1" - }, - { - "version_value" : "6.0.1.13" - }, - { - "version_value" : "6.2.1.1" - }, - { - "version_value" : "6.0.1.14" - }, - { - "version_value" : "6.1.3.3" - }, - { - "version_value" : "6.2.1.2" - }, - { - "version_value" : "6.2.2" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM UrbanCode Deploy could allow a malicious user to access the Agent Relay ActiveMQ Broker JMX interface and run plugins on the agent." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Gain Access" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-9008", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "UrbanCode Deploy", + "version": { + "version_data": [ + { + "version_value": "6.1.0.2" + }, + { + "version_value": "6.0" + }, + { + "version_value": "6.0.1" + }, + { + "version_value": "6.0.1.1" + }, + { + "version_value": "6.0.1.2" + }, + { + "version_value": "6.0.1.3" + }, + { + "version_value": "6.0.1.4" + }, + { + "version_value": "6.0.1.5" + }, + { + "version_value": "6.0.1.6" + }, + { + "version_value": "6.1" + }, + { + "version_value": "6.1.0.1" + }, + { + "version_value": "6.1.0.3" + }, + { + "version_value": "6.0.1.7" + }, + { + "version_value": "6.0.1.8" + }, + { + "version_value": "6.1.0.4" + }, + { + "version_value": "6.1.1" + }, + { + "version_value": "6.1.1.1" + }, + { + "version_value": "6.1.1.2" + }, + { + "version_value": "6.1.1.3" + }, + { + "version_value": "6.1.1.4" + }, + { + "version_value": "6.1.1.5" + }, + { + "version_value": "6.0.1.9" + }, + { + "version_value": "6.1.1.6" + }, + { + "version_value": "6.1.1.7" + }, + { + "version_value": "6.1.2" + }, + { + "version_value": "6.0.1.10" + }, + { + "version_value": "6.0.1.11" + }, + { + "version_value": "6.1.1.8" + }, + { + "version_value": "6.1.3" + }, + { + "version_value": "6.1.3.1" + }, + { + "version_value": "6.2" + }, + { + "version_value": "6.2.0.1" + }, + { + "version_value": "6.0.1.12" + }, + { + "version_value": "6.1.3.2" + }, + { + "version_value": "6.2.0.2" + }, + { + "version_value": "6.2.1" + }, + { + "version_value": "6.0.1.13" + }, + { + "version_value": "6.2.1.1" + }, + { + "version_value": "6.0.1.14" + }, + { + "version_value": "6.1.3.3" + }, + { + "version_value": "6.2.1.2" + }, + { + "version_value": "6.2.2" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg2C1000238", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg2C1000238" - }, - { - "name" : "95283", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95283" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM UrbanCode Deploy could allow a malicious user to access the Agent Relay ActiveMQ Broker JMX interface and run plugins on the agent." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Gain Access" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "95283", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95283" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg2C1000238", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000238" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9164.json b/2016/9xxx/CVE-2016-9164.json index 0f462e18714..039e1eca18f 100644 --- a/2016/9xxx/CVE-2016-9164.json +++ b/2016/9xxx/CVE-2016-9164.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9164", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in diag.jsp file in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) 8.4 SP1 and earlier and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to read arbitrary files via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9164", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20161110 CA11/09/2016-01: Security Notice for CA Unified Infrastructure Management", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Nov/55" - }, - { - "name" : "http://packetstormsecurity.com/files/139661/CA-Unified-Infrastructure-Management-Bypass-Traversal-Disclosure.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/139661/CA-Unified-Infrastructure-Management-Bypass-Traversal-Disclosure.html" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-607", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-607" - }, - { - "name" : "https://www.ca.com/us/services-support/ca-support/ca-support-online/product-content/recommended-reading/security-notices/ca20161109-01-security-notice-for-ca-unified-infrastructure-mgmt.html", - "refsource" : "CONFIRM", - "url" : "https://www.ca.com/us/services-support/ca-support/ca-support-online/product-content/recommended-reading/security-notices/ca20161109-01-security-notice-for-ca-unified-infrastructure-mgmt.html" - }, - { - "name" : "94257", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94257" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in diag.jsp file in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) 8.4 SP1 and earlier and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to read arbitrary files via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "94257", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94257" + }, + { + "name": "http://packetstormsecurity.com/files/139661/CA-Unified-Infrastructure-Management-Bypass-Traversal-Disclosure.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/139661/CA-Unified-Infrastructure-Management-Bypass-Traversal-Disclosure.html" + }, + { + "name": "20161110 CA11/09/2016-01: Security Notice for CA Unified Infrastructure Management", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Nov/55" + }, + { + "name": "https://www.ca.com/us/services-support/ca-support/ca-support-online/product-content/recommended-reading/security-notices/ca20161109-01-security-notice-for-ca-unified-infrastructure-mgmt.html", + "refsource": "CONFIRM", + "url": "https://www.ca.com/us/services-support/ca-support/ca-support-online/product-content/recommended-reading/security-notices/ca20161109-01-security-notice-for-ca-unified-infrastructure-mgmt.html" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-607", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-607" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9428.json b/2016/9xxx/CVE-2016-9428.json index 092ffd98f98..75768b286a6 100644 --- a/2016/9xxx/CVE-2016-9428.json +++ b/2016/9xxx/CVE-2016-9428.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9428", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9428", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161118 Re: CVE request: w3m - multiple vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/18/3" - }, - { - "name" : "https://github.com/tats/w3m/blob/master/ChangeLog", - "refsource" : "CONFIRM", - "url" : "https://github.com/tats/w3m/blob/master/ChangeLog" - }, - { - "name" : "https://github.com/tats/w3m/issues/26", - "refsource" : "CONFIRM", - "url" : "https://github.com/tats/w3m/issues/26" - }, - { - "name" : "GLSA-201701-08", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-08" - }, - { - "name" : "94407", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94407" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201701-08", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-08" + }, + { + "name": "https://github.com/tats/w3m/issues/26", + "refsource": "CONFIRM", + "url": "https://github.com/tats/w3m/issues/26" + }, + { + "name": "https://github.com/tats/w3m/blob/master/ChangeLog", + "refsource": "CONFIRM", + "url": "https://github.com/tats/w3m/blob/master/ChangeLog" + }, + { + "name": "94407", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94407" + }, + { + "name": "[oss-security] 20161118 Re: CVE request: w3m - multiple vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/18/3" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9876.json b/2016/9xxx/CVE-2016-9876.json index 309b0fbf536..cf8b796c0e8 100644 --- a/2016/9xxx/CVE-2016-9876.json +++ b/2016/9xxx/CVE-2016-9876.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9876", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9876", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9960.json b/2016/9xxx/CVE-2016-9960.json index 5c0a3ed4ae8..53c78e604f7 100644 --- a/2016/9xxx/CVE-2016-9960.json +++ b/2016/9xxx/CVE-2016-9960.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9960", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2016-9960", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161215 Re: CVE Request: Game Music Emulators: incorrect emulation of the SPC700 audio co-processor of SNES: arbitrary code execution via malformed SPC music file", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/12/15/11" - }, - { - "name" : "https://scarybeastsecurity.blogspot.in/2016/12/redux-compromising-linux-using-snes.html", - "refsource" : "MISC", - "url" : "https://scarybeastsecurity.blogspot.in/2016/12/redux-compromising-linux-using-snes.html" - }, - { - "name" : "https://bitbucket.org/mpyne/game-music-emu/wiki/Home", - "refsource" : "CONFIRM", - "url" : "https://bitbucket.org/mpyne/game-music-emu/wiki/Home" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1405423", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1405423" - }, - { - "name" : "FEDORA-2016-04383482b4", - "refsource" : "FEDORA", - "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LKMKVYS7AVB2EXC463FUYN6C6FABHME/" - }, - { - "name" : "FEDORA-2016-fbf9f8b204", - "refsource" : "FEDORA", - "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GGHAQI5Q2XDSPGRRKPJJM3A73VWAFSFL/" - }, - { - "name" : "FEDORA-2017-3d771a1702", - "refsource" : "FEDORA", - "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QHFKIFSFIDXOKFUKAH2MBNXDTY6DYBF6/" - }, - { - "name" : "FEDORA-2017-5bf9a268df", - "refsource" : "FEDORA", - "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7Z2OVERYM6NW3FGVGTJUNSL5ZNFSH2S/" - }, - { - "name" : "GLSA-201707-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201707-02" - }, - { - "name" : "SUSE-SU-2016:3250", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html" - }, - { - "name" : "openSUSE-SU-2017:0022", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00005.html" - }, - { - "name" : "95305", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95305" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2016-fbf9f8b204", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GGHAQI5Q2XDSPGRRKPJJM3A73VWAFSFL/" + }, + { + "name": "95305", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95305" + }, + { + "name": "[oss-security] 20161215 Re: CVE Request: Game Music Emulators: incorrect emulation of the SPC700 audio co-processor of SNES: arbitrary code execution via malformed SPC music file", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/12/15/11" + }, + { + "name": "https://scarybeastsecurity.blogspot.in/2016/12/redux-compromising-linux-using-snes.html", + "refsource": "MISC", + "url": "https://scarybeastsecurity.blogspot.in/2016/12/redux-compromising-linux-using-snes.html" + }, + { + "name": "GLSA-201707-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201707-02" + }, + { + "name": "FEDORA-2017-5bf9a268df", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7Z2OVERYM6NW3FGVGTJUNSL5ZNFSH2S/" + }, + { + "name": "SUSE-SU-2016:3250", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html" + }, + { + "name": "openSUSE-SU-2017:0022", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00005.html" + }, + { + "name": "https://bitbucket.org/mpyne/game-music-emu/wiki/Home", + "refsource": "CONFIRM", + "url": "https://bitbucket.org/mpyne/game-music-emu/wiki/Home" + }, + { + "name": "FEDORA-2016-04383482b4", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LKMKVYS7AVB2EXC463FUYN6C6FABHME/" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1405423", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1405423" + }, + { + "name": "FEDORA-2017-3d771a1702", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QHFKIFSFIDXOKFUKAH2MBNXDTY6DYBF6/" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2041.json b/2019/2xxx/CVE-2019-2041.json index cf3d548bb03..be86fa682b9 100644 --- a/2019/2xxx/CVE-2019-2041.json +++ b/2019/2xxx/CVE-2019-2041.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2041", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2041", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2285.json b/2019/2xxx/CVE-2019-2285.json index 562d258a3d5..04c48ef6bc7 100644 --- a/2019/2xxx/CVE-2019-2285.json +++ b/2019/2xxx/CVE-2019-2285.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2285", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2285", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2730.json b/2019/2xxx/CVE-2019-2730.json index d651a50406e..34a9fc4a0a7 100644 --- a/2019/2xxx/CVE-2019-2730.json +++ b/2019/2xxx/CVE-2019-2730.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2730", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2730", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2794.json b/2019/2xxx/CVE-2019-2794.json index 9a851b41a1b..aec67d66f81 100644 --- a/2019/2xxx/CVE-2019-2794.json +++ b/2019/2xxx/CVE-2019-2794.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2794", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2794", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3187.json b/2019/3xxx/CVE-2019-3187.json index 6daee25744d..c9f2b23c5bc 100644 --- a/2019/3xxx/CVE-2019-3187.json +++ b/2019/3xxx/CVE-2019-3187.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3187", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3187", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3461.json b/2019/3xxx/CVE-2019-3461.json index f8175445a80..d5d40dd9fc6 100644 --- a/2019/3xxx/CVE-2019-3461.json +++ b/2019/3xxx/CVE-2019-3461.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@debian.org", - "DATE_PUBLIC" : "2019-01-10T00:00:00", - "ID" : "CVE-2019-3461", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "tmpreaper", - "version" : { - "version_data" : [ - { - "version_value" : "1.6.13+nmu1" - } - ] - } - } - ] - }, - "vendor_name" : "Debian GNU/Linux" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Debian tmpreaper version 1.6.13+nmu1 has a race condition when doing a (bind) mount via rename() which could result in local privilege escalation. Mounting via rename() could potentially lead to a file being placed elsewhereon the filesystem hierarchy (e.g. /etc/cron.d/) if the directory being cleaned up was on the same physical filesystem. Fixed versions include 1.6.13+nmu1+deb9u1 and 1.6.14." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Local privilege escalation" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "DATE_PUBLIC": "2019-01-10T00:00:00", + "ID": "CVE-2019-3461", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "tmpreaper", + "version": { + "version_data": [ + { + "version_value": "1.6.13+nmu1" + } + ] + } + } + ] + }, + "vendor_name": "Debian GNU/Linux" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20190124 [SECURITY] [DLA 1640-1] tmpreaper security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2019/01/msg00017.html" - }, - { - "name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918956", - "refsource" : "MISC", - "url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918956" - }, - { - "name" : "DSA-4365", - "refsource" : "DEBIAN", - "url" : "https://lists.debian.org/debian-security-announce/2019/msg00003.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Debian tmpreaper version 1.6.13+nmu1 has a race condition when doing a (bind) mount via rename() which could result in local privilege escalation. Mounting via rename() could potentially lead to a file being placed elsewhereon the filesystem hierarchy (e.g. /etc/cron.d/) if the directory being cleaned up was on the same physical filesystem. Fixed versions include 1.6.13+nmu1+deb9u1 and 1.6.14." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Local privilege escalation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[debian-lts-announce] 20190124 [SECURITY] [DLA 1640-1] tmpreaper security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00017.html" + }, + { + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918956", + "refsource": "MISC", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918956" + }, + { + "name": "DSA-4365", + "refsource": "DEBIAN", + "url": "https://lists.debian.org/debian-security-announce/2019/msg00003.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3822.json b/2019/3xxx/CVE-2019-3822.json index feeb4b91cd0..c9bf2b38245 100644 --- a/2019/3xxx/CVE-2019-3822.json +++ b/2019/3xxx/CVE-2019-3822.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psampaio@redhat.com", - "ID" : "CVE-2019-3822", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "curl", - "version" : { - "version_data" : [ - { - "version_value" : "7.64.0" - } - ] - } - } - ] - }, - "vendor_name" : "The curl Project" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header." - } - ] - }, - "impact" : { - "cvss" : [ - [ - { - "vectorString" : "7.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", - "version" : "3.0" - } - ] - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-121" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2019-3822", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "curl", + "version": { + "version_data": [ + { + "version_value": "7.64.0" + } + ] + } + } + ] + }, + "vendor_name": "The curl Project" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://curl.haxx.se/docs/CVE-2019-3822.html", - "refsource" : "MISC", - "url" : "https://curl.haxx.se/docs/CVE-2019-3822.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20190315-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20190315-0001/" - }, - { - "name" : "DSA-4386", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2019/dsa-4386" - }, - { - "name" : "GLSA-201903-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201903-03" - }, - { - "name" : "USN-3882-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3882-1/" - }, - { - "name" : "106950", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106950" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header." + } + ] + }, + "impact": { + "cvss": [ + [ + { + "vectorString": "7.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", + "version": "3.0" + } + ] + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201903-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201903-03" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3822" + }, + { + "name": "DSA-4386", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2019/dsa-4386" + }, + { + "name": "https://curl.haxx.se/docs/CVE-2019-3822.html", + "refsource": "MISC", + "url": "https://curl.haxx.se/docs/CVE-2019-3822.html" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20190315-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20190315-0001/" + }, + { + "name": "USN-3882-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3882-1/" + }, + { + "name": "106950", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106950" + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3994.json b/2019/3xxx/CVE-2019-3994.json index 96bf3fd2b88..bda07055891 100644 --- a/2019/3xxx/CVE-2019-3994.json +++ b/2019/3xxx/CVE-2019-3994.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3994", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3994", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6211.json b/2019/6xxx/CVE-2019-6211.json index 500fcf27b55..d646e7e7a09 100644 --- a/2019/6xxx/CVE-2019-6211.json +++ b/2019/6xxx/CVE-2019-6211.json @@ -1,79 +1,79 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2019-6211", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "iOS", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "iOS 12.1.3" - } - ] - } - }, - { - "product_name" : "macOS", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "macOS Mojave 10.14.3" - } - ] - } - } - ] - }, - "vendor_name" : "Apple" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. Processing maliciously crafted web content may lead to arbitrary code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Processing maliciously crafted web content may lead to arbitrary code execution" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2019-6211", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.1.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.3" + } + ] + } + } + ] + }, + "vendor_name": "Apple" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT209443", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT209443" - }, - { - "name" : "https://support.apple.com/HT209446", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT209446" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. Processing maliciously crafted web content may lead to arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT209446", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT209446" + }, + { + "name": "https://support.apple.com/HT209443", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT209443" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6248.json b/2019/6xxx/CVE-2019-6248.json index d0a804c0097..4c4408949c8 100644 --- a/2019/6xxx/CVE-2019-6248.json +++ b/2019/6xxx/CVE-2019-6248.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6248", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script 2.0.1 has Reflected XSS via the srch parameter, as demonstrated by restaurants-details.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6248", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://suku90.wordpress.com/2019/01/12/php-scripts-mall-citysearch-hotfrog-gelbeseiten-clone-script-2-0-1-reflected-xss/", - "refsource" : "MISC", - "url" : "https://suku90.wordpress.com/2019/01/12/php-scripts-mall-citysearch-hotfrog-gelbeseiten-clone-script-2-0-1-reflected-xss/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script 2.0.1 has Reflected XSS via the srch parameter, as demonstrated by restaurants-details.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://suku90.wordpress.com/2019/01/12/php-scripts-mall-citysearch-hotfrog-gelbeseiten-clone-script-2-0-1-reflected-xss/", + "refsource": "MISC", + "url": "https://suku90.wordpress.com/2019/01/12/php-scripts-mall-citysearch-hotfrog-gelbeseiten-clone-script-2-0-1-reflected-xss/" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6469.json b/2019/6xxx/CVE-2019-6469.json index bc5b99b2e89..643f5f8f491 100644 --- a/2019/6xxx/CVE-2019-6469.json +++ b/2019/6xxx/CVE-2019-6469.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6469", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6469", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6538.json b/2019/6xxx/CVE-2019-6538.json index 4c4623c2cf5..079959804da 100644 --- a/2019/6xxx/CVE-2019-6538.json +++ b/2019/6xxx/CVE-2019-6538.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6538", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6538", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6590.json b/2019/6xxx/CVE-2019-6590.json index 40ca86d35c9..34248d15461 100644 --- a/2019/6xxx/CVE-2019-6590.json +++ b/2019/6xxx/CVE-2019-6590.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "f5sirt@f5.com", - "DATE_PUBLIC" : "2019-01-29T00:00:00", - "ID" : "CVE-2019-6590", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "BIG-IP (LTM)", - "version" : { - "version_data" : [ - { - "version_value" : "13.0.0-13.0.1, 12.1.0-12.1.3.6" - } - ] - } - } - ] - }, - "vendor_name" : "F5 Networks, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "On BIG-IP LTM 13.0.0 to 13.0.1 and 12.1.0 to 12.1.3.6, under certain conditions, the TMM may consume excessive resources when processing SSL Session ID Persistence traffic." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "DoS" - } + "CVE_data_meta": { + "ASSIGNER": "f5sirt@f5.com", + "DATE_PUBLIC": "2019-01-29T00:00:00", + "ID": "CVE-2019-6590", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "BIG-IP (LTM)", + "version": { + "version_data": [ + { + "version_value": "13.0.0-13.0.1, 12.1.0-12.1.3.6" + } + ] + } + } + ] + }, + "vendor_name": "F5 Networks, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.f5.com/csp/article/K55101404", - "refsource" : "CONFIRM", - "url" : "https://support.f5.com/csp/article/K55101404" - }, - { - "name" : "106942", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106942" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "On BIG-IP LTM 13.0.0 to 13.0.1 and 12.1.0 to 12.1.3.6, under certain conditions, the TMM may consume excessive resources when processing SSL Session ID Persistence traffic." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "DoS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.f5.com/csp/article/K55101404", + "refsource": "CONFIRM", + "url": "https://support.f5.com/csp/article/K55101404" + }, + { + "name": "106942", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106942" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7034.json b/2019/7xxx/CVE-2019-7034.json index 402ab4a5f55..0344ade9196 100644 --- a/2019/7xxx/CVE-2019-7034.json +++ b/2019/7xxx/CVE-2019-7034.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7034", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7034", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7426.json b/2019/7xxx/CVE-2019-7426.json index 86384fdef4b..a036788eb01 100644 --- a/2019/7xxx/CVE-2019-7426.json +++ b/2019/7xxx/CVE-2019-7426.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7426", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7426", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7536.json b/2019/7xxx/CVE-2019-7536.json index eb264518c37..fdf65be50d0 100644 --- a/2019/7xxx/CVE-2019-7536.json +++ b/2019/7xxx/CVE-2019-7536.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7536", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7536", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7699.json b/2019/7xxx/CVE-2019-7699.json index ea4f6178b3c..60c3664b900 100644 --- a/2019/7xxx/CVE-2019-7699.json +++ b/2019/7xxx/CVE-2019-7699.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7699", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A heap-based buffer over-read occurs in AP4_BitStream::WriteBytes in Codecs/Ap4BitStream.cpp in Bento4 v1.5.1-627. Remote attackers could leverage this vulnerability to cause an exception via crafted mp4 input, which leads to a denial of service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7699", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/axiomatic-systems/Bento4/issues/355", - "refsource" : "MISC", - "url" : "https://github.com/axiomatic-systems/Bento4/issues/355" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A heap-based buffer over-read occurs in AP4_BitStream::WriteBytes in Codecs/Ap4BitStream.cpp in Bento4 v1.5.1-627. Remote attackers could leverage this vulnerability to cause an exception via crafted mp4 input, which leads to a denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/axiomatic-systems/Bento4/issues/355", + "refsource": "MISC", + "url": "https://github.com/axiomatic-systems/Bento4/issues/355" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7946.json b/2019/7xxx/CVE-2019-7946.json index a2387f38312..ae93579a377 100644 --- a/2019/7xxx/CVE-2019-7946.json +++ b/2019/7xxx/CVE-2019-7946.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7946", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7946", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8038.json b/2019/8xxx/CVE-2019-8038.json index 9158cd679ea..1da6ff0bc6b 100644 --- a/2019/8xxx/CVE-2019-8038.json +++ b/2019/8xxx/CVE-2019-8038.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8038", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8038", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8339.json b/2019/8xxx/CVE-2019-8339.json index e454f70f224..4bcea557c65 100644 --- a/2019/8xxx/CVE-2019-8339.json +++ b/2019/8xxx/CVE-2019-8339.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8339", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8339", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8426.json b/2019/8xxx/CVE-2019-8426.json index 9021541161e..c921c15b94b 100644 --- a/2019/8xxx/CVE-2019-8426.json +++ b/2019/8xxx/CVE-2019-8426.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8426", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS via the newControl array, as demonstrated by the newControl[MinTiltRange] parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8426", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#skinsclassicviewscontrolcapphp-reflected-xss", - "refsource" : "MISC", - "url" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#skinsclassicviewscontrolcapphp-reflected-xss" - }, - { - "name" : "https://www.seebug.org/vuldb/ssvid-97766", - "refsource" : "MISC", - "url" : "https://www.seebug.org/vuldb/ssvid-97766" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS via the newControl array, as demonstrated by the newControl[MinTiltRange] parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#skinsclassicviewscontrolcapphp-reflected-xss", + "refsource": "MISC", + "url": "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#skinsclassicviewscontrolcapphp-reflected-xss" + }, + { + "name": "https://www.seebug.org/vuldb/ssvid-97766", + "refsource": "MISC", + "url": "https://www.seebug.org/vuldb/ssvid-97766" + } + ] + } +} \ No newline at end of file