From bf90c0abbd4ac8e19f2e7dce30abc90237682052 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 01:22:26 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0134.json | 220 +++++++++++------------ 2007/0xxx/CVE-2007-0284.json | 190 ++++++++++---------- 2007/0xxx/CVE-2007-0361.json | 150 ++++++++-------- 2007/0xxx/CVE-2007-0631.json | 170 +++++++++--------- 2007/0xxx/CVE-2007-0878.json | 180 +++++++++---------- 2007/1xxx/CVE-2007-1171.json | 230 ++++++++++++------------ 2007/1xxx/CVE-2007-1453.json | 180 +++++++++---------- 2007/1xxx/CVE-2007-1578.json | 200 ++++++++++----------- 2007/1xxx/CVE-2007-1792.json | 200 ++++++++++----------- 2007/1xxx/CVE-2007-1945.json | 170 +++++++++--------- 2007/4xxx/CVE-2007-4193.json | 160 ++++++++--------- 2007/4xxx/CVE-2007-4608.json | 150 ++++++++-------- 2007/4xxx/CVE-2007-4680.json | 210 +++++++++++----------- 2007/5xxx/CVE-2007-5172.json | 150 ++++++++-------- 2007/5xxx/CVE-2007-5601.json | 210 +++++++++++----------- 2015/2xxx/CVE-2015-2031.json | 140 +++++++-------- 2015/2xxx/CVE-2015-2974.json | 140 +++++++-------- 2015/3xxx/CVE-2015-3542.json | 34 ++-- 2015/3xxx/CVE-2015-3652.json | 34 ++-- 2015/3xxx/CVE-2015-3654.json | 130 +++++++------- 2015/3xxx/CVE-2015-3726.json | 150 ++++++++-------- 2015/6xxx/CVE-2015-6099.json | 150 ++++++++-------- 2015/6xxx/CVE-2015-6335.json | 130 +++++++------- 2015/6xxx/CVE-2015-6674.json | 140 +++++++-------- 2015/6xxx/CVE-2015-6764.json | 220 +++++++++++------------ 2015/6xxx/CVE-2015-6842.json | 34 ++-- 2015/7xxx/CVE-2015-7310.json | 130 +++++++------- 2015/7xxx/CVE-2015-7370.json | 180 +++++++++---------- 2015/7xxx/CVE-2015-7457.json | 130 +++++++------- 2015/7xxx/CVE-2015-7925.json | 160 ++++++++--------- 2016/0xxx/CVE-2016-0052.json | 140 +++++++-------- 2016/0xxx/CVE-2016-0201.json | 140 +++++++-------- 2016/0xxx/CVE-2016-0239.json | 130 +++++++------- 2016/0xxx/CVE-2016-0877.json | 120 ++++++------- 2016/1000xxx/CVE-2016-1000361.json | 34 ++-- 2016/1xxx/CVE-2016-1047.json | 150 ++++++++-------- 2016/4xxx/CVE-2016-4258.json | 140 +++++++-------- 2016/4xxx/CVE-2016-4555.json | 270 ++++++++++++++--------------- 2016/4xxx/CVE-2016-4772.json | 210 +++++++++++----------- 2016/4xxx/CVE-2016-4889.json | 150 ++++++++-------- 2016/5xxx/CVE-2016-5320.json | 34 ++-- 2016/5xxx/CVE-2016-5412.json | 180 +++++++++---------- 2019/0xxx/CVE-2019-0244.json | 226 ++++++++++++------------ 2019/0xxx/CVE-2019-0380.json | 34 ++-- 2019/0xxx/CVE-2019-0451.json | 34 ++-- 2019/0xxx/CVE-2019-0798.json | 34 ++-- 2019/3xxx/CVE-2019-3134.json | 34 ++-- 2019/3xxx/CVE-2019-3585.json | 34 ++-- 2019/3xxx/CVE-2019-3690.json | 34 ++-- 2019/4xxx/CVE-2019-4064.json | 34 ++-- 2019/4xxx/CVE-2019-4508.json | 34 ++-- 2019/4xxx/CVE-2019-4717.json | 34 ++-- 2019/7xxx/CVE-2019-7510.json | 34 ++-- 2019/8xxx/CVE-2019-8163.json | 34 ++-- 2019/8xxx/CVE-2019-8419.json | 120 ++++++------- 2019/8xxx/CVE-2019-8845.json | 34 ++-- 2019/8xxx/CVE-2019-8850.json | 34 ++-- 2019/9xxx/CVE-2019-9300.json | 34 ++-- 2019/9xxx/CVE-2019-9302.json | 34 ++-- 2019/9xxx/CVE-2019-9598.json | 120 ++++++------- 2019/9xxx/CVE-2019-9718.json | 130 +++++++------- 61 files changed, 3738 insertions(+), 3738 deletions(-) diff --git a/2007/0xxx/CVE-2007-0134.json b/2007/0xxx/CVE-2007-0134.json index ae53f15d78c..8e345fa8fd0 100644 --- a/2007/0xxx/CVE-2007-0134.json +++ b/2007/0xxx/CVE-2007-0134.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0134", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple eval injection vulnerabilities in iGeneric iG Shop 1.0 allow remote attackers to execute arbitrary code via the action parameter, which is supplied to an eval function call in (1) cart.php and (2) page.php. NOTE: a later report and CVE analysis indicate that the vulnerability is present in 1.4." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0134", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070105 IG Shop remote code execution", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456043/100/0/threaded" - }, - { - "name" : "20070619 iG Shop 1.4 eval Inclusion Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/471722/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.nl/0701-exploits/igshop10-multiple.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.nl/0701-exploits/igshop10-multiple.txt" - }, - { - "name" : "3083", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3083" - }, - { - "name" : "20070618 Dup: iG Shop 1.4 (page.php) Remote Code Execution Exploit", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-June/001664.html" - }, - { - "name" : "21875", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21875" - }, - { - "name" : "ADV-2007-0056", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0056" - }, - { - "name" : "33387", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33387" - }, - { - "name" : "33388", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33388" - }, - { - "name" : "23604", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23604" - }, - { - "name" : "igshop-cartpage-code-execution(31301)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31301" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple eval injection vulnerabilities in iGeneric iG Shop 1.0 allow remote attackers to execute arbitrary code via the action parameter, which is supplied to an eval function call in (1) cart.php and (2) page.php. NOTE: a later report and CVE analysis indicate that the vulnerability is present in 1.4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21875", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21875" + }, + { + "name": "3083", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3083" + }, + { + "name": "33388", + "refsource": "OSVDB", + "url": "http://osvdb.org/33388" + }, + { + "name": "33387", + "refsource": "OSVDB", + "url": "http://osvdb.org/33387" + }, + { + "name": "20070619 iG Shop 1.4 eval Inclusion Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/471722/100/0/threaded" + }, + { + "name": "23604", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23604" + }, + { + "name": "20070105 IG Shop remote code execution", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456043/100/0/threaded" + }, + { + "name": "ADV-2007-0056", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0056" + }, + { + "name": "igshop-cartpage-code-execution(31301)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31301" + }, + { + "name": "20070618 Dup: iG Shop 1.4 (page.php) Remote Code Execution Exploit", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-June/001664.html" + }, + { + "name": "http://packetstormsecurity.nl/0701-exploits/igshop10-multiple.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.nl/0701-exploits/igshop10-multiple.txt" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0284.json b/2007/0xxx/CVE-2007-0284.json index a07d2147860..0019754068b 100644 --- a/2007/0xxx/CVE-2007-0284.json +++ b/2007/0xxx/CVE-2007-0284.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0284", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Oracle Application Server 9.0.4.3 and 10.1.2.0.0, and Collaboration Suite 9.0.4.2, have unknown impact and attack vectors related to Oracle Containers for J2EE, aka (1) OC4J03 and (2) OC4J04." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0284", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html" - }, - { - "name" : "TA07-017A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-017A.html" - }, - { - "name" : "22083", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22083" - }, - { - "name" : "32897", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32897" - }, - { - "name" : "32898", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32898" - }, - { - "name" : "1017522", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017522" - }, - { - "name" : "23794", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23794" - }, - { - "name" : "oracle-cpu-jan2007(31541)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Oracle Application Server 9.0.4.3 and 10.1.2.0.0, and Collaboration Suite 9.0.4.2, have unknown impact and attack vectors related to Oracle Containers for J2EE, aka (1) OC4J03 and (2) OC4J04." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32897", + "refsource": "OSVDB", + "url": "http://osvdb.org/32897" + }, + { + "name": "32898", + "refsource": "OSVDB", + "url": "http://osvdb.org/32898" + }, + { + "name": "23794", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23794" + }, + { + "name": "22083", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22083" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html" + }, + { + "name": "TA07-017A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-017A.html" + }, + { + "name": "oracle-cpu-jan2007(31541)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541" + }, + { + "name": "1017522", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017522" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0361.json b/2007/0xxx/CVE-2007-0361.json index 54a4fc24fd8..c88fcdac5eb 100644 --- a/2007/0xxx/CVE-2007-0361.json +++ b/2007/0xxx/CVE-2007-0361.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0361", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in mep/frame.php in PHPMyphorum 1.5a allows remote attackers to execute arbitrary PHP code via a URL in the chem parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0361", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3145", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3145" - }, - { - "name" : "22099", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22099" - }, - { - "name" : "ADV-2007-0231", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0231" - }, - { - "name" : "phpmyphorum-frame-file-include(31552)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31552" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in mep/frame.php in PHPMyphorum 1.5a allows remote attackers to execute arbitrary PHP code via a URL in the chem parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0231", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0231" + }, + { + "name": "22099", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22099" + }, + { + "name": "3145", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3145" + }, + { + "name": "phpmyphorum-frame-file-include(31552)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31552" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0631.json b/2007/0xxx/CVE-2007-0631.json index 5f3f1ab5af1..916e20752cc 100644 --- a/2007/0xxx/CVE-2007-0631.json +++ b/2007/0xxx/CVE-2007-0631.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0631", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in Eclectic Designs CascadianFAQ 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0631", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3227", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3227" - }, - { - "name" : "22314", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22314" - }, - { - "name" : "ADV-2007-0424", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0424" - }, - { - "name" : "31675", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/31675" - }, - { - "name" : "23965", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23965" - }, - { - "name" : "cascadianfaq-index-sql-injection(31968)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31968" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in Eclectic Designs CascadianFAQ 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "cascadianfaq-index-sql-injection(31968)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31968" + }, + { + "name": "3227", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3227" + }, + { + "name": "ADV-2007-0424", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0424" + }, + { + "name": "23965", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23965" + }, + { + "name": "31675", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/31675" + }, + { + "name": "22314", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22314" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0878.json b/2007/0xxx/CVE-2007-0878.json index 02df1cba2ac..e37046b9098 100644 --- a/2007/0xxx/CVE-2007-0878.json +++ b/2007/0xxx/CVE-2007-0878.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0878", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Microsoft Internet Explorer on Windows Mobile 5.0 allows remote attackers to cause a denial of service (loss of browser and other device functionality) via a malformed WML page, related to an \"overflow state.\" NOTE: it is possible that this issue is related to CVE-2007-0685." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0878", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070209 Denial Of Service in Internet Explorer for MS Windows Mobile 5.0", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459571/100/0/threaded" - }, - { - "name" : "20070209 RE: Denial Of Service in Internet Explorer for MS Windows Mobile 5.0", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459591/100/0/threaded" - }, - { - "name" : "20070209 Re: Denial Of Service in Internet Explorer for MS Windows Mobile 5.0", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459584/100/0/threaded" - }, - { - "name" : "20070209 Denial Of Service in Internet Explorer for MS Windows Mobile 5.0", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052293.html" - }, - { - "name" : "22500", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22500" - }, - { - "name" : "32629", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32629" - }, - { - "name" : "ie-mobile-wml-dos(32394)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32394" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Microsoft Internet Explorer on Windows Mobile 5.0 allows remote attackers to cause a denial of service (loss of browser and other device functionality) via a malformed WML page, related to an \"overflow state.\" NOTE: it is possible that this issue is related to CVE-2007-0685." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070209 Denial Of Service in Internet Explorer for MS Windows Mobile 5.0", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052293.html" + }, + { + "name": "20070209 Re: Denial Of Service in Internet Explorer for MS Windows Mobile 5.0", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459584/100/0/threaded" + }, + { + "name": "20070209 RE: Denial Of Service in Internet Explorer for MS Windows Mobile 5.0", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459591/100/0/threaded" + }, + { + "name": "22500", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22500" + }, + { + "name": "20070209 Denial Of Service in Internet Explorer for MS Windows Mobile 5.0", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459571/100/0/threaded" + }, + { + "name": "32629", + "refsource": "OSVDB", + "url": "http://osvdb.org/32629" + }, + { + "name": "ie-mobile-wml-dos(32394)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32394" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1171.json b/2007/1xxx/CVE-2007-1171.json index 1dfc54e3987..a76461b3d56 100644 --- a/2007/1xxx/CVE-2007-1171.json +++ b/2007/1xxx/CVE-2007-1171.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1171", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in includes/nsbypass.php in NukeSentinel 2.5.05, 2.5.11, and other versions before 2.5.12 allows remote attackers to execute arbitrary SQL commands via an admin cookie." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1171", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070220 NukeSentinel 2.5.05 (nsbypass.php) Blind SQL Injection Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/460628/100/0/threaded" - }, - { - "name" : "20070925 [waraxe-2007-SA#053] - Critical Sql Injection in NukeSentinel 2.5.11", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/480575/100/0/threaded" - }, - { - "name" : "20070928 Re: [waraxe-2007-SA#053] - Critical Sql Injection in NukeSentinel 2.5.11", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/480994/100/0/threaded" - }, - { - "name" : "http://www.waraxe.us/advisory-53.html", - "refsource" : "MISC", - "url" : "http://www.waraxe.us/advisory-53.html" - }, - { - "name" : "http://www.nukescripts.net/index.php?op=NEArticle&sid=4076", - "refsource" : "CONFIRM", - "url" : "http://www.nukescripts.net/index.php?op=NEArticle&sid=4076" - }, - { - "name" : "3337", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3337" - }, - { - "name" : "20070928 CVE-2007-5125 - dupe", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-September/001806.html" - }, - { - "name" : "22629", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22629" - }, - { - "name" : "25805", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25805" - }, - { - "name" : "26954", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26954" - }, - { - "name" : "2344", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2344" - }, - { - "name" : "nukesentinel-nsbypass-sql-injection(32582)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32582" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in includes/nsbypass.php in NukeSentinel 2.5.05, 2.5.11, and other versions before 2.5.12 allows remote attackers to execute arbitrary SQL commands via an admin cookie." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.waraxe.us/advisory-53.html", + "refsource": "MISC", + "url": "http://www.waraxe.us/advisory-53.html" + }, + { + "name": "nukesentinel-nsbypass-sql-injection(32582)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32582" + }, + { + "name": "22629", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22629" + }, + { + "name": "http://www.nukescripts.net/index.php?op=NEArticle&sid=4076", + "refsource": "CONFIRM", + "url": "http://www.nukescripts.net/index.php?op=NEArticle&sid=4076" + }, + { + "name": "20070928 CVE-2007-5125 - dupe", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-September/001806.html" + }, + { + "name": "3337", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3337" + }, + { + "name": "2344", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2344" + }, + { + "name": "20070928 Re: [waraxe-2007-SA#053] - Critical Sql Injection in NukeSentinel 2.5.11", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/480994/100/0/threaded" + }, + { + "name": "20070220 NukeSentinel 2.5.05 (nsbypass.php) Blind SQL Injection Exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/460628/100/0/threaded" + }, + { + "name": "20070925 [waraxe-2007-SA#053] - Critical Sql Injection in NukeSentinel 2.5.11", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/480575/100/0/threaded" + }, + { + "name": "25805", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25805" + }, + { + "name": "26954", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26954" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1453.json b/2007/1xxx/CVE-2007-1453.json index ba9caa3f5b2..1f082ea3605 100644 --- a/2007/1xxx/CVE-2007-1453.json +++ b/2007/1xxx/CVE-2007-1453.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1453", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer underflow in the PHP_FILTER_TRIM_DEFAULT macro in the filtering extension (ext/filter) in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by calling filter_var with certain modes such as FILTER_VALIDATE_INT, which causes filter to write a null byte in whitespace that precedes the buffer." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1453", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.php-security.org/MOPB/MOPB-19-2007.html", - "refsource" : "MISC", - "url" : "http://www.php-security.org/MOPB/MOPB-19-2007.html" - }, - { - "name" : "http://www.php.net/releases/5_2_1.php", - "refsource" : "MISC", - "url" : "http://www.php.net/releases/5_2_1.php" - }, - { - "name" : "DSA-1283", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1283" - }, - { - "name" : "SUSE-SA:2007:032", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_32_php.html" - }, - { - "name" : "22922", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22922" - }, - { - "name" : "25062", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25062" - }, - { - "name" : "25056", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25056" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer underflow in the PHP_FILTER_TRIM_DEFAULT macro in the filtering extension (ext/filter) in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by calling filter_var with certain modes such as FILTER_VALIDATE_INT, which causes filter to write a null byte in whitespace that precedes the buffer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25056", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25056" + }, + { + "name": "DSA-1283", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1283" + }, + { + "name": "http://www.php.net/releases/5_2_1.php", + "refsource": "MISC", + "url": "http://www.php.net/releases/5_2_1.php" + }, + { + "name": "22922", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22922" + }, + { + "name": "http://www.php-security.org/MOPB/MOPB-19-2007.html", + "refsource": "MISC", + "url": "http://www.php-security.org/MOPB/MOPB-19-2007.html" + }, + { + "name": "25062", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25062" + }, + { + "name": "SUSE-SA:2007:032", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_32_php.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1578.json b/2007/1xxx/CVE-2007-1578.json index 293484c97e4..a4d1527ae35 100644 --- a/2007/1xxx/CVE-2007-1578.json +++ b/2007/1xxx/CVE-2007-1578.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1578", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD (mcrimap4.exe) 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1578", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070320 Mercur SP4 IMAPD", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0280.html" - }, - { - "name" : "3527", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3527" - }, - { - "name" : "http://www.digit-labs.org/files/exploits/mercur-v1.pl", - "refsource" : "MISC", - "url" : "http://www.digit-labs.org/files/exploits/mercur-v1.pl" - }, - { - "name" : "23058", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23058" - }, - { - "name" : "ADV-2007-1053", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1053" - }, - { - "name" : "33545", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/33545" - }, - { - "name" : "1017798", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017798" - }, - { - "name" : "24596", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24596" - }, - { - "name" : "mercur-imap-ntlm-bo(33120)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33120" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD (mcrimap4.exe) 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "mercur-imap-ntlm-bo(33120)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33120" + }, + { + "name": "http://www.digit-labs.org/files/exploits/mercur-v1.pl", + "refsource": "MISC", + "url": "http://www.digit-labs.org/files/exploits/mercur-v1.pl" + }, + { + "name": "3527", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3527" + }, + { + "name": "ADV-2007-1053", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1053" + }, + { + "name": "1017798", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017798" + }, + { + "name": "33545", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/33545" + }, + { + "name": "20070320 Mercur SP4 IMAPD", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0280.html" + }, + { + "name": "23058", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23058" + }, + { + "name": "24596", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24596" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1792.json b/2007/1xxx/CVE-2007-1792.json index 336e768d2fc..6c01fdb62b9 100644 --- a/2007/1xxx/CVE-2007-1792.json +++ b/2007/1xxx/CVE-2007-1792.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1792", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libdayzero.dll in the Filter Hub Service (filter-hub.exe) in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a denial of service (crash) via a crafted executable attachment in an e-mail, involving the detection of \"PE-Shield v0.2\" and \"ASPack v1.00-1.08.02\"." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "ID": "CVE-2007-1792", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070628 Secunia Research: Symantec Mail Security for SMTP Boundary Errors", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/472440/100/0/threaded" - }, - { - "name" : "http://secunia.com/secunia_research/2007-48/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-48/advisory/" - }, - { - "name" : "http://securityresponse.symantec.com/avcenter/security/Content/2007.06.26.html", - "refsource" : "CONFIRM", - "url" : "http://securityresponse.symantec.com/avcenter/security/Content/2007.06.26.html" - }, - { - "name" : "24625", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24625" - }, - { - "name" : "ADV-2007-2335", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2335" - }, - { - "name" : "36110", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36110" - }, - { - "name" : "1018301", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018301" - }, - { - "name" : "24632", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24632" - }, - { - "name" : "symantec-mailsecurity-attachment-dos(35105)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35105" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libdayzero.dll in the Filter Hub Service (filter-hub.exe) in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a denial of service (crash) via a crafted executable attachment in an e-mail, involving the detection of \"PE-Shield v0.2\" and \"ASPack v1.00-1.08.02\"." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24632", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24632" + }, + { + "name": "symantec-mailsecurity-attachment-dos(35105)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35105" + }, + { + "name": "ADV-2007-2335", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2335" + }, + { + "name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.06.26.html", + "refsource": "CONFIRM", + "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.06.26.html" + }, + { + "name": "http://secunia.com/secunia_research/2007-48/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-48/advisory/" + }, + { + "name": "1018301", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018301" + }, + { + "name": "20070628 Secunia Research: Symantec Mail Security for SMTP Boundary Errors", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/472440/100/0/threaded" + }, + { + "name": "36110", + "refsource": "OSVDB", + "url": "http://osvdb.org/36110" + }, + { + "name": "24625", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24625" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1945.json b/2007/1xxx/CVE-2007-1945.json index cc7661b6ef9..6d7e8c0d8a1 100644 --- a/2007/1xxx/CVE-2007-1945.json +++ b/2007/1xxx/CVE-2007-1945.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1945", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) before 6.1.0.7 has unknown impact and attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1945", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951#6107", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951#6107" - }, - { - "name" : "PK36447", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=PK36447&apar=only" - }, - { - "name" : "ADV-2007-1282", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1282" - }, - { - "name" : "41605", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41605" - }, - { - "name" : "24852", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24852" - }, - { - "name" : "websphere-servlet-information-disclosure(33471)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33471" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) before 6.1.0.7 has unknown impact and attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "PK36447", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PK36447&apar=only" + }, + { + "name": "41605", + "refsource": "OSVDB", + "url": "http://osvdb.org/41605" + }, + { + "name": "24852", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24852" + }, + { + "name": "ADV-2007-1282", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1282" + }, + { + "name": "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951#6107", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951#6107" + }, + { + "name": "websphere-servlet-information-disclosure(33471)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33471" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4193.json b/2007/4xxx/CVE-2007-4193.json index 855a8bf6665..4e87750559f 100644 --- a/2007/4xxx/CVE-2007-4193.json +++ b/2007/4xxx/CVE-2007-4193.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4193", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in index.php in IDE Group DVD Rental System (DRS) 5.1 before 20070801 allow remote attackers to perform certain actions as arbitrary users, as demonstrated by (1) modifying data or (2) canceling a subscription. NOTE: it is not clear whether IDE Group updates all DRS installations in its role as an application service provider. If so, then this issue should not be included in CVE." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4193", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070802 DVD Rental System multiple XSS and CSRF vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-08/0020.html" - }, - { - "name" : "ADV-2007-2806", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2806" - }, - { - "name" : "39523", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39523" - }, - { - "name" : "26310", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26310" - }, - { - "name" : "drs-index-csrf(35769)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35769" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in index.php in IDE Group DVD Rental System (DRS) 5.1 before 20070801 allow remote attackers to perform certain actions as arbitrary users, as demonstrated by (1) modifying data or (2) canceling a subscription. NOTE: it is not clear whether IDE Group updates all DRS installations in its role as an application service provider. If so, then this issue should not be included in CVE." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26310", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26310" + }, + { + "name": "ADV-2007-2806", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2806" + }, + { + "name": "39523", + "refsource": "OSVDB", + "url": "http://osvdb.org/39523" + }, + { + "name": "20070802 DVD Rental System multiple XSS and CSRF vulnerabilities", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-08/0020.html" + }, + { + "name": "drs-index-csrf(35769)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35769" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4608.json b/2007/4xxx/CVE-2007-4608.json index 812c67bb55b..48a107ca539 100644 --- a/2007/4xxx/CVE-2007-4608.json +++ b/2007/4xxx/CVE-2007-4608.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4608", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in protection.php in ePersonnel RC_2004_02 allows remote attackers to execute arbitrary PHP code via a URL in the logout_page parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4608", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070827 ePersonnel_RC_2004 Remote File Bug", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/477867/100/0/threaded" - }, - { - "name" : "38439", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38439" - }, - { - "name" : "3077", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3077" - }, - { - "name" : "epersonnel-protection-file-include(36279)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36279" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in protection.php in ePersonnel RC_2004_02 allows remote attackers to execute arbitrary PHP code via a URL in the logout_page parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "epersonnel-protection-file-include(36279)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36279" + }, + { + "name": "38439", + "refsource": "OSVDB", + "url": "http://osvdb.org/38439" + }, + { + "name": "20070827 ePersonnel_RC_2004 Remote File Bug", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/477867/100/0/threaded" + }, + { + "name": "3077", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3077" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4680.json b/2007/4xxx/CVE-2007-4680.json index c79267eef32..7c674e9bbc2 100644 --- a/2007/4xxx/CVE-2007-4680.json +++ b/2007/4xxx/CVE-2007-4680.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4680", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CFNetwork in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 does not properly validate certificates, which allows remote attackers to spoof trusted SSL certificates via a man-in-the-middle attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4680", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://docs.info.apple.com/article.html?artnum=307041", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307041" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307563", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307563" - }, - { - "name" : "APPLE-SA-2007-11-14", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html" - }, - { - "name" : "TA07-319A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" - }, - { - "name" : "26444", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26444" - }, - { - "name" : "ADV-2007-3868", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3868" - }, - { - "name" : "ADV-2008-0920", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0920/references" - }, - { - "name" : "1018950", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018950" - }, - { - "name" : "27643", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27643" - }, - { - "name" : "macosx-cfnetwork-ssl-mitm(38463)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38463" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CFNetwork in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 does not properly validate certificates, which allows remote attackers to spoof trusted SSL certificates via a man-in-the-middle attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1018950", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018950" + }, + { + "name": "26444", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26444" + }, + { + "name": "macosx-cfnetwork-ssl-mitm(38463)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38463" + }, + { + "name": "APPLE-SA-2007-11-14", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307041", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307041" + }, + { + "name": "ADV-2007-3868", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3868" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307563", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307563" + }, + { + "name": "27643", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27643" + }, + { + "name": "ADV-2008-0920", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0920/references" + }, + { + "name": "TA07-319A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5172.json b/2007/5xxx/CVE-2007-5172.json index f78c2f9e5b2..9314df86078 100644 --- a/2007/5xxx/CVE-2007-5172.json +++ b/2007/5xxx/CVE-2007-5172.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5172", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Quicksilver Forums before 1.4.1 allows remote attackers to obtain sensitive information by causing unspecified connection errors, which reveals the database password in the resulting error message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5172", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://forums.quicksilverforums.com/index.php?a=topic&t=1332", - "refsource" : "CONFIRM", - "url" : "http://forums.quicksilverforums.com/index.php?a=topic&t=1332" - }, - { - "name" : "25887", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25887" - }, - { - "name" : "26998", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26998" - }, - { - "name" : "quicksilver-library-information-disclosure(36891)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36891" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Quicksilver Forums before 1.4.1 allows remote attackers to obtain sensitive information by causing unspecified connection errors, which reveals the database password in the resulting error message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26998", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26998" + }, + { + "name": "25887", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25887" + }, + { + "name": "http://forums.quicksilverforums.com/index.php?a=topic&t=1332", + "refsource": "CONFIRM", + "url": "http://forums.quicksilverforums.com/index.php?a=topic&t=1332" + }, + { + "name": "quicksilver-library-information-disclosure(36891)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36891" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5601.json b/2007/5xxx/CVE-2007-5601.json index 4ea983d72d1..52ed862541e 100644 --- a/2007/5xxx/CVE-2007-5601.json +++ b/2007/5xxx/CVE-2007-5601.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5601", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import method to the IERPCtl ActiveX control in ierpplug.dll." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2007-5601", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.infosecblog.org/2007/10/nasa-bans-ie.html", - "refsource" : "MISC", - "url" : "http://www.infosecblog.org/2007/10/nasa-bans-ie.html" - }, - { - "name" : "http://www.symantec.com/enterprise/security_response/weblog/2007/10/realplayer_exploit_on_the_loos.html", - "refsource" : "MISC", - "url" : "http://www.symantec.com/enterprise/security_response/weblog/2007/10/realplayer_exploit_on_the_loos.html" - }, - { - "name" : "http://service.real.com/realplayer/security/191007_player/en/", - "refsource" : "CONFIRM", - "url" : "http://service.real.com/realplayer/security/191007_player/en/" - }, - { - "name" : "TA07-297A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-297A.html" - }, - { - "name" : "VU#871673", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/871673" - }, - { - "name" : "26130", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26130" - }, - { - "name" : "ADV-2007-3548", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3548" - }, - { - "name" : "1018843", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018843" - }, - { - "name" : "27248", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27248" - }, - { - "name" : "realplayer-activex-bo(37280)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37280" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import method to the IERPCtl ActiveX control in ierpplug.dll." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27248", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27248" + }, + { + "name": "VU#871673", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/871673" + }, + { + "name": "1018843", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018843" + }, + { + "name": "ADV-2007-3548", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3548" + }, + { + "name": "http://www.infosecblog.org/2007/10/nasa-bans-ie.html", + "refsource": "MISC", + "url": "http://www.infosecblog.org/2007/10/nasa-bans-ie.html" + }, + { + "name": "26130", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26130" + }, + { + "name": "http://www.symantec.com/enterprise/security_response/weblog/2007/10/realplayer_exploit_on_the_loos.html", + "refsource": "MISC", + "url": "http://www.symantec.com/enterprise/security_response/weblog/2007/10/realplayer_exploit_on_the_loos.html" + }, + { + "name": "TA07-297A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-297A.html" + }, + { + "name": "http://service.real.com/realplayer/security/191007_player/en/", + "refsource": "CONFIRM", + "url": "http://service.real.com/realplayer/security/191007_player/en/" + }, + { + "name": "realplayer-activex-bo(37280)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37280" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2031.json b/2015/2xxx/CVE-2015-2031.json index 144b8e54d07..591893c8ac6 100644 --- a/2015/2xxx/CVE-2015-2031.json +++ b/2015/2xxx/CVE-2015-2031.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2031", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-2031", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21966044", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21966044" - }, - { - "name" : "PI44098", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI44098" - }, - { - "name" : "PI44105", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI44105" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21966044", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966044" + }, + { + "name": "PI44105", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI44105" + }, + { + "name": "PI44098", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI44098" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2974.json b/2015/2xxx/CVE-2015-2974.json index 557456ca36f..2db6a87a98e 100644 --- a/2015/2xxx/CVE-2015-2974.json +++ b/2015/2xxx/CVE-2015-2974.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2974", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "LEMON-S PHP Gazou BBS plus before 2.36 allows remote attackers to upload arbitrary HTML documents via vectors involving a crafted image file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-2974", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://jvn.jp/en/jp/JVN86680970/995636/index.html", - "refsource" : "CONFIRM", - "url" : "http://jvn.jp/en/jp/JVN86680970/995636/index.html" - }, - { - "name" : "JVN#86680970", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN86680970/index.html" - }, - { - "name" : "JVNDB-2015-000106", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000106" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "LEMON-S PHP Gazou BBS plus before 2.36 allows remote attackers to upload arbitrary HTML documents via vectors involving a crafted image file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://jvn.jp/en/jp/JVN86680970/995636/index.html", + "refsource": "CONFIRM", + "url": "http://jvn.jp/en/jp/JVN86680970/995636/index.html" + }, + { + "name": "JVNDB-2015-000106", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000106" + }, + { + "name": "JVN#86680970", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN86680970/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3542.json b/2015/3xxx/CVE-2015-3542.json index bf1b31e9d36..b346b2460ff 100644 --- a/2015/3xxx/CVE-2015-3542.json +++ b/2015/3xxx/CVE-2015-3542.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3542", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3542", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3652.json b/2015/3xxx/CVE-2015-3652.json index 1f535881a19..a74e1f6ca6a 100644 --- a/2015/3xxx/CVE-2015-3652.json +++ b/2015/3xxx/CVE-2015-3652.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3652", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3652", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3654.json b/2015/3xxx/CVE-2015-3654.json index 9b4ce47b357..715c2ffcda4 100644 --- a/2015/3xxx/CVE-2015-3654.json +++ b/2015/3xxx/CVE-2015-3654.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3654", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to gain root privileges via unspecified vectors, a different vulnerability than CVE-2015-4649." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3654", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-009.txt", - "refsource" : "CONFIRM", - "url" : "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-009.txt" - }, - { - "name" : "100602", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100602" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to gain root privileges via unspecified vectors, a different vulnerability than CVE-2015-4649." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-009.txt", + "refsource": "CONFIRM", + "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-009.txt" + }, + { + "name": "100602", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100602" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3726.json b/2015/3xxx/CVE-2015-3726.json index db4e3dc2596..8c4cce15a03 100644 --- a/2015/3xxx/CVE-2015-3726.json +++ b/2015/3xxx/CVE-2015-3726.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3726", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Telephony subsystem in Apple iOS before 8.4 allows physically proximate attackers to execute arbitrary code via a crafted (1) SIM or (2) UIM card." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3726", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT204941", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT204941" - }, - { - "name" : "APPLE-SA-2015-06-30-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html" - }, - { - "name" : "75490", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75490" - }, - { - "name" : "1032761", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032761" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Telephony subsystem in Apple iOS before 8.4 allows physically proximate attackers to execute arbitrary code via a crafted (1) SIM or (2) UIM card." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.apple.com/kb/HT204941", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT204941" + }, + { + "name": "1032761", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032761" + }, + { + "name": "75490", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75490" + }, + { + "name": "APPLE-SA-2015-06-30-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6099.json b/2015/6xxx/CVE-2015-6099.json index 9dd456ed16b..bc9268d7bc3 100644 --- a/2015/6xxx/CVE-2015-6099.json +++ b/2015/6xxx/CVE-2015-6099.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6099", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka \".NET Elevation of Privilege Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6099", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151111 Microsoft .NET Framework XSS / Elevation of Privilege CVE-2015-6099", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536875/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/134314/Microsoft-.NET-Framework-XSS-Privilege-Escalation.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134314/Microsoft-.NET-Framework-XSS-Privilege-Escalation.html" - }, - { - "name" : "MS15-118", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-118" - }, - { - "name" : "1034116", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034116" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka \".NET Elevation of Privilege Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/134314/Microsoft-.NET-Framework-XSS-Privilege-Escalation.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134314/Microsoft-.NET-Framework-XSS-Privilege-Escalation.html" + }, + { + "name": "MS15-118", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-118" + }, + { + "name": "20151111 Microsoft .NET Framework XSS / Elevation of Privilege CVE-2015-6099", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536875/100/0/threaded" + }, + { + "name": "1034116", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034116" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6335.json b/2015/6xxx/CVE-2015-6335.json index cdc43576ad1..e021d6741dc 100644 --- a/2015/6xxx/CVE-2015-6335.json +++ b/2015/6xxx/CVE-2015-6335.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6335", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The policy implementation in Cisco FireSIGHT Management Center 5.3.1.7, 5.4.0.4, and 6.0.0 for VMware allows remote authenticated administrators to bypass intended policy restrictions and execute Linux commands as root via unspecified vectors, aka Bug ID CSCuw12839." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6335", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151019 Cisco FireSIGHT Management Center Policy Code for VMware Privilege Escalation Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151016-fmc" - }, - { - "name" : "1033873", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033873" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The policy implementation in Cisco FireSIGHT Management Center 5.3.1.7, 5.4.0.4, and 6.0.0 for VMware allows remote authenticated administrators to bypass intended policy restrictions and execute Linux commands as root via unspecified vectors, aka Bug ID CSCuw12839." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033873", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033873" + }, + { + "name": "20151019 Cisco FireSIGHT Management Center Policy Code for VMware Privilege Escalation Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151016-fmc" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6674.json b/2015/6xxx/CVE-2015-6674.json index 33b01dd65a2..9e8e2f3feee 100644 --- a/2015/6xxx/CVE-2015-6674.json +++ b/2015/6xxx/CVE-2015-6674.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6674", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. NOTE: This issue exists as an additional issue from an incomplete fix of CVE-2012-1836." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6674", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780880", - "refsource" : "CONFIRM", - "url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780880" - }, - { - "name" : "DSA-3226", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3226" - }, - { - "name" : "GLSA-201512-13", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201512-13" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. NOTE: This issue exists as an additional issue from an incomplete fix of CVE-2012-1836." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780880", + "refsource": "CONFIRM", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780880" + }, + { + "name": "GLSA-201512-13", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201512-13" + }, + { + "name": "DSA-3226", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3226" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6764.json b/2015/6xxx/CVE-2015-6764.json index 27f61fd53f4..47021330c3d 100644 --- a/2015/6xxx/CVE-2015-6764.json +++ b/2015/6xxx/CVE-2015-6764.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6764", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2015-6764", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html" - }, - { - "name" : "https://chromium.googlesource.com/v8/v8/+/6df9a1db8c85ab63dee63879456b6027df53fabc", - "refsource" : "CONFIRM", - "url" : "https://chromium.googlesource.com/v8/v8/+/6df9a1db8c85ab63dee63879456b6027df53fabc" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=554946", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=554946" - }, - { - "name" : "https://codereview.chromium.org/1440223002", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1440223002" - }, - { - "name" : "DSA-3415", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3415" - }, - { - "name" : "GLSA-201603-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-09" - }, - { - "name" : "openSUSE-SU-2016:0138", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-01/msg00045.html" - }, - { - "name" : "openSUSE-SU-2015:2290", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html" - }, - { - "name" : "openSUSE-SU-2015:2291", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html" - }, - { - "name" : "78209", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78209" - }, - { - "name" : "1034298", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034298" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=554946", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=554946" + }, + { + "name": "openSUSE-SU-2016:0138", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00045.html" + }, + { + "name": "https://chromium.googlesource.com/v8/v8/+/6df9a1db8c85ab63dee63879456b6027df53fabc", + "refsource": "CONFIRM", + "url": "https://chromium.googlesource.com/v8/v8/+/6df9a1db8c85ab63dee63879456b6027df53fabc" + }, + { + "name": "openSUSE-SU-2015:2290", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html" + }, + { + "name": "https://codereview.chromium.org/1440223002", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1440223002" + }, + { + "name": "GLSA-201603-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-09" + }, + { + "name": "DSA-3415", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3415" + }, + { + "name": "78209", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78209" + }, + { + "name": "openSUSE-SU-2015:2291", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html" + }, + { + "name": "1034298", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034298" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6842.json b/2015/6xxx/CVE-2015-6842.json index 7936cc36d1b..a384d25a391 100644 --- a/2015/6xxx/CVE-2015-6842.json +++ b/2015/6xxx/CVE-2015-6842.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6842", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6842", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7310.json b/2015/7xxx/CVE-2015-7310.json index 225c78003bc..ba58581ed05 100644 --- a/2015/7xxx/CVE-2015-7310.json +++ b/2015/7xxx/CVE-2015-7310.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7310", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) before 9.3.2MR18, 9.4.x before 9.4.2MR8, and 9.5.x before 9.5.0MR7 allow remote authenticated users to execute arbitrary OS commands via a crafted filename, which is not properly handled when downloading the file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7310", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10133", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10133" - }, - { - "name" : "1033654", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033654" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) before 9.3.2MR18, 9.4.x before 9.4.2MR8, and 9.5.x before 9.5.0MR7 allow remote authenticated users to execute arbitrary OS commands via a crafted filename, which is not properly handled when downloading the file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10133", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10133" + }, + { + "name": "1033654", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033654" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7370.json b/2015/7xxx/CVE-2015-7370.json index 36a5e0cfd4d..5286428a318 100644 --- a/2015/7xxx/CVE-2015-7370.json +++ b/2015/7xxx/CVE-2015-7370.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7370", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in open-flash-chart.swf in Open Flash Chart 2, as used in the VideoAds plugin in Revive Adserver before 3.2.2 and CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before 6.1.0-1026, allow remote attackers to inject arbitrary web script or HTML via the (1) id or (2) data-file parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7370", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151007 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536633/100/0/threaded" - }, - { - "name" : "20151008 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Oct/32" - }, - { - "name" : "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html" - }, - { - "name" : "http://www.revive-adserver.com/security/revive-sa-2015-001", - "refsource" : "CONFIRM", - "url" : "http://www.revive-adserver.com/security/revive-sa-2015-001" - }, - { - "name" : "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160627-01-security-notice-for-release-automation.aspx", - "refsource" : "CONFIRM", - "url" : "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160627-01-security-notice-for-release-automation.aspx" - }, - { - "name" : "91497", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91497" - }, - { - "name" : "1036193", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036193" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in open-flash-chart.swf in Open Flash Chart 2, as used in the VideoAds plugin in Revive Adserver before 3.2.2 and CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before 6.1.0-1026, allow remote attackers to inject arbitrary web script or HTML via the (1) id or (2) data-file parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.revive-adserver.com/security/revive-sa-2015-001", + "refsource": "CONFIRM", + "url": "http://www.revive-adserver.com/security/revive-sa-2015-001" + }, + { + "name": "1036193", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036193" + }, + { + "name": "20151007 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536633/100/0/threaded" + }, + { + "name": "91497", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91497" + }, + { + "name": "20151008 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Oct/32" + }, + { + "name": "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html" + }, + { + "name": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160627-01-security-notice-for-release-automation.aspx", + "refsource": "CONFIRM", + "url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160627-01-security-notice-for-release-automation.aspx" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7457.json b/2015/7xxx/CVE-2015-7457.json index b42bce0fe4f..26671b74797 100644 --- a/2015/7xxx/CVE-2015-7457.json +++ b/2015/7xxx/CVE-2015-7457.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7457", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and 8.5.x before 8.5.0.0 CF09 allows remote attackers to inject arbitrary web script or HTML via a crafted URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-7457", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21975358", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21975358" - }, - { - "name" : "PI56432", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56432" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and 8.5.x before 8.5.0.0 CF09 allows remote attackers to inject arbitrary web script or HTML via a crafted URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21975358", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21975358" + }, + { + "name": "PI56432", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56432" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7925.json b/2015/7xxx/CVE-2015-7925.json index 67a2456e7ea..ed57e6c21ec 100644 --- a/2015/7xxx/CVE-2015-7925.json +++ b/2015/7xxx/CVE-2015-7925.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7925", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability on eWON devices with firmware through 10.1s0 allows remote attackers to hijack the authentication of administrators for requests that trigger firmware upload, removal of configuration data, or a reboot." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2015-7925", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151224 eWON sa Industrial router - Multiple Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Dec/118" - }, - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-351-03", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-351-03" - }, - { - "name" : "http://packetstormsecurity.com/files/135069/eWON-XSS-CSRF-Session-Management-RBAC-Issues.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/135069/eWON-XSS-CSRF-Session-Management-RBAC-Issues.html" - }, - { - "name" : "http://ewon.biz/support/news/support/ewon-security-enhancement-7529-01", - "refsource" : "CONFIRM", - "url" : "http://ewon.biz/support/news/support/ewon-security-enhancement-7529-01" - }, - { - "name" : "79625", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79625" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability on eWON devices with firmware through 10.1s0 allows remote attackers to hijack the authentication of administrators for requests that trigger firmware upload, removal of configuration data, or a reboot." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20151224 eWON sa Industrial router - Multiple Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Dec/118" + }, + { + "name": "http://packetstormsecurity.com/files/135069/eWON-XSS-CSRF-Session-Management-RBAC-Issues.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/135069/eWON-XSS-CSRF-Session-Management-RBAC-Issues.html" + }, + { + "name": "http://ewon.biz/support/news/support/ewon-security-enhancement-7529-01", + "refsource": "CONFIRM", + "url": "http://ewon.biz/support/news/support/ewon-security-enhancement-7529-01" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-351-03", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-351-03" + }, + { + "name": "79625", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79625" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0052.json b/2016/0xxx/CVE-2016-0052.json index 3088ce44fec..9faaa976eb4 100644 --- a/2016/0xxx/CVE-2016-0052.json +++ b/2016/0xxx/CVE-2016-0052.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0052", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps Server 2013 SP1, and SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0022." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0052", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-015", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-015" - }, - { - "name" : "1034975", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034975" - }, - { - "name" : "1034976", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034976" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps Server 2013 SP1, and SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0022." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034976", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034976" + }, + { + "name": "MS16-015", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-015" + }, + { + "name": "1034975", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034975" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0201.json b/2016/0xxx/CVE-2016-0201.json index 418d83911d0..63f46af4b88 100644 --- a/2016/0xxx/CVE-2016-0201.json +++ b/2016/0xxx/CVE-2016-0201.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0201", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "GSKit in IBM Security Network Protection 5.3.1 before 5.3.1.7 and 5.3.2 allows remote attackers to discover credentials by triggering an MD5 collision." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0201", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21974242", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21974242" - }, - { - "name" : "80883", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/80883" - }, - { - "name" : "1034696", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034696" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "GSKit in IBM Security Network Protection 5.3.1 before 5.3.1.7 and 5.3.2 allows remote attackers to discover credentials by triggering an MD5 collision." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21974242", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974242" + }, + { + "name": "80883", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/80883" + }, + { + "name": "1034696", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034696" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0239.json b/2016/0xxx/CVE-2016-0239.json index 634072a63b4..e19a00fb7c9 100644 --- a/2016/0xxx/CVE-2016-0239.json +++ b/2016/0xxx/CVE-2016-0239.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0239", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security Guardium Database Activity Monitor 9.x through 9.5 before p700 and 10.x through 10.0.1 before p100 allows remote authenticated users to make HTTP requests with administrator privileges via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0239", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21988999", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21988999" - }, - { - "name" : "93827", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93827" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Security Guardium Database Activity Monitor 9.x through 9.5 before p700 and 10.x through 10.0.1 before p100 allows remote authenticated users to make HTTP requests with administrator privileges via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21988999", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988999" + }, + { + "name": "93827", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93827" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0877.json b/2016/0xxx/CVE-2016-0877.json index 063f2eb3141..44e972bd912 100644 --- a/2016/0xxx/CVE-2016-0877.json +++ b/2016/0xxx/CVE-2016-0877.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0877", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Memory leak on Moxa Secure Router EDR-G903 devices before 3.4.12 allows remote attackers to cause a denial of service (memory consumption) by executing the ping function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2016-0877", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-042-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-042-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Memory leak on Moxa Secure Router EDR-G903 devices before 3.4.12 allows remote attackers to cause a denial of service (memory consumption) by executing the ping function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-042-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-042-01" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000361.json b/2016/1000xxx/CVE-2016-1000361.json index bf809e066c0..5bfcb4cafa4 100644 --- a/2016/1000xxx/CVE-2016-1000361.json +++ b/2016/1000xxx/CVE-2016-1000361.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000361", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9848. Reason: This candidate is a reservation duplicate of CVE-2016-9848. Notes: All CVE users should reference CVE-2016-9848 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-1000361", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9848. Reason: This candidate is a reservation duplicate of CVE-2016-9848. Notes: All CVE users should reference CVE-2016-9848 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1047.json b/2016/1xxx/CVE-2016-1047.json index 9d100c132ad..de93fdb626b 100644 --- a/2016/1xxx/CVE-2016-1047.json +++ b/2016/1xxx/CVE-2016-1047.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1047", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-1047", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-295", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-295" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" - }, - { - "name" : "90512", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90512" - }, - { - "name" : "1035828", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035828" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "90512", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90512" + }, + { + "name": "1035828", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035828" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-295", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-295" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4258.json b/2016/4xxx/CVE-2016-4258.json index f5a6106120c..bd0cac5d92b 100644 --- a/2016/4xxx/CVE-2016-4258.json +++ b/2016/4xxx/CVE-2016-4258.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4258", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4259, CVE-2016-4260, CVE-2016-4261, and CVE-2016-4262." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4258", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html" - }, - { - "name" : "92928", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92928" - }, - { - "name" : "1036793", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036793" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4259, CVE-2016-4260, CVE-2016-4261, and CVE-2016-4262." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036793", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036793" + }, + { + "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html" + }, + { + "name": "92928", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92928" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4555.json b/2016/4xxx/CVE-2016-4555.json index 7b48747a1b2..66c2994c39b 100644 --- a/2016/4xxx/CVE-2016-4555.json +++ b/2016/4xxx/CVE-2016-4555.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4555", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4555", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160506 CVE Request: Squid HTTP caching proxy", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/06/3" - }, - { - "name" : "[oss-security] 20160506 Re: CVE Request: Squid HTTP caching proxy", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/06/5" - }, - { - "name" : "http://bugs.squid-cache.org/show_bug.cgi?id=4455", - "refsource" : "CONFIRM", - "url" : "http://bugs.squid-cache.org/show_bug.cgi?id=4455" - }, - { - "name" : "http://www.squid-cache.org/Advisories/SQUID-2016_9.txt", - "refsource" : "CONFIRM", - "url" : "http://www.squid-cache.org/Advisories/SQUID-2016_9.txt" - }, - { - "name" : "http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch", - "refsource" : "CONFIRM", - "url" : "http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch" - }, - { - "name" : "http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch", - "refsource" : "CONFIRM", - "url" : "http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" - }, - { - "name" : "DSA-3625", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3625" - }, - { - "name" : "GLSA-201607-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201607-01" - }, - { - "name" : "RHSA-2016:1139", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1139" - }, - { - "name" : "RHSA-2016:1140", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1140" - }, - { - "name" : "openSUSE-SU-2016:2081", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html" - }, - { - "name" : "SUSE-SU-2016:1996", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html" - }, - { - "name" : "SUSE-SU-2016:2089", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html" - }, - { - "name" : "USN-2995-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2995-1" - }, - { - "name" : "1035770", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035770" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bugs.squid-cache.org/show_bug.cgi?id=4455", + "refsource": "CONFIRM", + "url": "http://bugs.squid-cache.org/show_bug.cgi?id=4455" + }, + { + "name": "GLSA-201607-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201607-01" + }, + { + "name": "http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch", + "refsource": "CONFIRM", + "url": "http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" + }, + { + "name": "SUSE-SU-2016:1996", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html" + }, + { + "name": "http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch", + "refsource": "CONFIRM", + "url": "http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch" + }, + { + "name": "USN-2995-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2995-1" + }, + { + "name": "[oss-security] 20160506 Re: CVE Request: Squid HTTP caching proxy", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/06/5" + }, + { + "name": "RHSA-2016:1140", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1140" + }, + { + "name": "openSUSE-SU-2016:2081", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html" + }, + { + "name": "1035770", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035770" + }, + { + "name": "http://www.squid-cache.org/Advisories/SQUID-2016_9.txt", + "refsource": "CONFIRM", + "url": "http://www.squid-cache.org/Advisories/SQUID-2016_9.txt" + }, + { + "name": "RHSA-2016:1139", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1139" + }, + { + "name": "SUSE-SU-2016:2089", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html" + }, + { + "name": "[oss-security] 20160506 CVE Request: Squid HTTP caching proxy", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/06/3" + }, + { + "name": "DSA-3625", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3625" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4772.json b/2016/4xxx/CVE-2016-4772.json index 95bf945615d..f898ed67332 100644 --- a/2016/4xxx/CVE-2016-4772.json +++ b/2016/4xxx/CVE-2016-4772.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4772", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to cause a denial of service (unintended lock) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4772", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT207141", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207141" - }, - { - "name" : "https://support.apple.com/HT207142", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207142" - }, - { - "name" : "https://support.apple.com/HT207143", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207143" - }, - { - "name" : "https://support.apple.com/HT207170", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207170" - }, - { - "name" : "APPLE-SA-2016-09-20", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" - }, - { - "name" : "APPLE-SA-2016-09-20-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" - }, - { - "name" : "APPLE-SA-2016-09-20-5", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html" - }, - { - "name" : "APPLE-SA-2016-09-20-6", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html" - }, - { - "name" : "93054", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93054" - }, - { - "name" : "1036858", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036858" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to cause a denial of service (unintended lock) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT207141", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207141" + }, + { + "name": "1036858", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036858" + }, + { + "name": "APPLE-SA-2016-09-20", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" + }, + { + "name": "APPLE-SA-2016-09-20-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" + }, + { + "name": "APPLE-SA-2016-09-20-5", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html" + }, + { + "name": "APPLE-SA-2016-09-20-6", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html" + }, + { + "name": "93054", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93054" + }, + { + "name": "https://support.apple.com/HT207170", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207170" + }, + { + "name": "https://support.apple.com/HT207142", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207142" + }, + { + "name": "https://support.apple.com/HT207143", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207143" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4889.json b/2016/4xxx/CVE-2016-4889.json index 1a45311f79e..3ce22743377 100644 --- a/2016/4xxx/CVE-2016-4889.json +++ b/2016/4xxx/CVE-2016-4889.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4889", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ZOHO ManageEngine ServiceDesk Plus before 9.0 allows remote authenticated guest users to have unspecified impact by leveraging failure to restrict access to unknown functions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4889", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.manageengine.com/products/service-desk/readme-9.0.html", - "refsource" : "CONFIRM", - "url" : "https://www.manageengine.com/products/service-desk/readme-9.0.html" - }, - { - "name" : "JVN#89726415", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN89726415/index.html" - }, - { - "name" : "JVNDB-2016-000170", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000170.html" - }, - { - "name" : "93215", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93215" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ZOHO ManageEngine ServiceDesk Plus before 9.0 allows remote authenticated guest users to have unspecified impact by leveraging failure to restrict access to unknown functions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000170", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000170.html" + }, + { + "name": "https://www.manageengine.com/products/service-desk/readme-9.0.html", + "refsource": "CONFIRM", + "url": "https://www.manageengine.com/products/service-desk/readme-9.0.html" + }, + { + "name": "93215", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93215" + }, + { + "name": "JVN#89726415", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN89726415/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5320.json b/2016/5xxx/CVE-2016-5320.json index 6304fcba1a1..ad9610b228f 100644 --- a/2016/5xxx/CVE-2016-5320.json +++ b/2016/5xxx/CVE-2016-5320.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5320", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-5320", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5412.json b/2016/5xxx/CVE-2016-5412.json index 667b43ebb4f..ff2f3102a7d 100644 --- a/2016/5xxx/CVE-2016-5412.json +++ b/2016/5xxx/CVE-2016-5412.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-5412", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-5412", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160728 CVE-2016-5412 Kernel: powerpc: kvm: Infinite loop via H_CEDE hypercall when running under hypervisor-mode", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/07/28/2" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93d17397e4e2182fdaad503e2f9da46202c0f1c3", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93d17397e4e2182fdaad503e2f9da46202c0f1c3" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f024ee098476a3e620232e4a78cfac505f121245", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f024ee098476a3e620232e4a78cfac505f121245" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1349916", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1349916" - }, - { - "name" : "https://github.com/torvalds/linux/commit/93d17397e4e2182fdaad503e2f9da46202c0f1c3", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/93d17397e4e2182fdaad503e2f9da46202c0f1c3" - }, - { - "name" : "https://github.com/torvalds/linux/commit/f024ee098476a3e620232e4a78cfac505f121245", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/f024ee098476a3e620232e4a78cfac505f121245" - }, - { - "name" : "RHSA-2016:2574", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2574.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1349916", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349916" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f024ee098476a3e620232e4a78cfac505f121245", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f024ee098476a3e620232e4a78cfac505f121245" + }, + { + "name": "[oss-security] 20160728 CVE-2016-5412 Kernel: powerpc: kvm: Infinite loop via H_CEDE hypercall when running under hypervisor-mode", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/07/28/2" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93d17397e4e2182fdaad503e2f9da46202c0f1c3", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93d17397e4e2182fdaad503e2f9da46202c0f1c3" + }, + { + "name": "RHSA-2016:2574", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html" + }, + { + "name": "https://github.com/torvalds/linux/commit/93d17397e4e2182fdaad503e2f9da46202c0f1c3", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/93d17397e4e2182fdaad503e2f9da46202c0f1c3" + }, + { + "name": "https://github.com/torvalds/linux/commit/f024ee098476a3e620232e4a78cfac505f121245", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/f024ee098476a3e620232e4a78cfac505f121245" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0244.json b/2019/0xxx/CVE-2019-0244.json index b9867ac9241..600dcd70d79 100644 --- a/2019/0xxx/CVE-2019-0244.json +++ b/2019/0xxx/CVE-2019-0244.json @@ -1,115 +1,115 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cna@sap.com", - "ID" : "CVE-2019-0244", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SAP CRM WebClient UI (SAPSCORE)", - "version" : { - "version_data" : [ - { - "version_name" : "<", - "version_value" : "1.12" - } - ] - } - }, - { - "product_name" : "SAP CRM WebClient UI (S4FND)", - "version" : { - "version_data" : [ - { - "version_name" : "<", - "version_value" : "1.02" - } - ] - } - }, - { - "product_name" : "SAP CRM WebClient UI (WEBCUIF)", - "version" : { - "version_data" : [ - { - "version_name" : "<", - "version_value" : "7.31" - }, - { - "version_name" : "<", - "version_value" : "7.46" - }, - { - "version_name" : "<", - "version_value" : "7.47" - }, - { - "version_name" : "<", - "version_value" : "7.48" - }, - { - "version_name" : "<", - "version_value" : "8.0" - }, - { - "version_name" : "<", - "version_value" : "8.01" - } - ] - } - } - ] - }, - "vendor_name" : "SAP SE" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + "CVE_data_meta": { + "ASSIGNER": "cna@sap.com", + "ID": "CVE-2019-0244", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SAP CRM WebClient UI (SAPSCORE)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "1.12" + } + ] + } + }, + { + "product_name": "SAP CRM WebClient UI (S4FND)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "1.02" + } + ] + } + }, + { + "product_name": "SAP CRM WebClient UI (WEBCUIF)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "7.31" + }, + { + "version_name": "<", + "version_value": "7.46" + }, + { + "version_name": "<", + "version_value": "7.47" + }, + { + "version_name": "<", + "version_value": "7.48" + }, + { + "version_name": "<", + "version_value": "8.0" + }, + { + "version_name": "<", + "version_value": "8.01" + } + ] + } + } + ] + }, + "vendor_name": "SAP SE" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://launchpad.support.sap.com/#/notes/2588763", - "refsource" : "MISC", - "url" : "https://launchpad.support.sap.com/#/notes/2588763" - }, - { - "name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985", - "refsource" : "MISC", - "url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985" - }, - { - "name" : "106473", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106473" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31, 7.46, 7.47, 7.48, 8.0, 8.01) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://launchpad.support.sap.com/#/notes/2588763", + "refsource": "MISC", + "url": "https://launchpad.support.sap.com/#/notes/2588763" + }, + { + "name": "106473", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106473" + }, + { + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985", + "refsource": "MISC", + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0380.json b/2019/0xxx/CVE-2019-0380.json index bd824a1d701..4cd2a326c18 100644 --- a/2019/0xxx/CVE-2019-0380.json +++ b/2019/0xxx/CVE-2019-0380.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0380", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0380", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0451.json b/2019/0xxx/CVE-2019-0451.json index ac9cbc70bce..a3bca3a40f2 100644 --- a/2019/0xxx/CVE-2019-0451.json +++ b/2019/0xxx/CVE-2019-0451.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0451", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0451", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0798.json b/2019/0xxx/CVE-2019-0798.json index 4c1b0817dad..8ecb2fea729 100644 --- a/2019/0xxx/CVE-2019-0798.json +++ b/2019/0xxx/CVE-2019-0798.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0798", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0798", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3134.json b/2019/3xxx/CVE-2019-3134.json index c78a17a8ced..f1658396e77 100644 --- a/2019/3xxx/CVE-2019-3134.json +++ b/2019/3xxx/CVE-2019-3134.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3134", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3134", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3585.json b/2019/3xxx/CVE-2019-3585.json index ec913266dc0..de373eec729 100644 --- a/2019/3xxx/CVE-2019-3585.json +++ b/2019/3xxx/CVE-2019-3585.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3585", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3585", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3690.json b/2019/3xxx/CVE-2019-3690.json index 6630218204d..26413a1d1eb 100644 --- a/2019/3xxx/CVE-2019-3690.json +++ b/2019/3xxx/CVE-2019-3690.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3690", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3690", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4064.json b/2019/4xxx/CVE-2019-4064.json index edfdb4a3457..27d2034d389 100644 --- a/2019/4xxx/CVE-2019-4064.json +++ b/2019/4xxx/CVE-2019-4064.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4064", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4064", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4508.json b/2019/4xxx/CVE-2019-4508.json index a8bc2876eb8..21c61dffa28 100644 --- a/2019/4xxx/CVE-2019-4508.json +++ b/2019/4xxx/CVE-2019-4508.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4508", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4508", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4717.json b/2019/4xxx/CVE-2019-4717.json index 58267a94e44..22beeaa13f3 100644 --- a/2019/4xxx/CVE-2019-4717.json +++ b/2019/4xxx/CVE-2019-4717.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4717", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4717", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7510.json b/2019/7xxx/CVE-2019-7510.json index defd97230a8..5d90fe59e7a 100644 --- a/2019/7xxx/CVE-2019-7510.json +++ b/2019/7xxx/CVE-2019-7510.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7510", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7510", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8163.json b/2019/8xxx/CVE-2019-8163.json index 4ab5ed3dee3..af07995df82 100644 --- a/2019/8xxx/CVE-2019-8163.json +++ b/2019/8xxx/CVE-2019-8163.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8163", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8163", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8419.json b/2019/8xxx/CVE-2019-8419.json index 7941a18eae0..150e662484f 100644 --- a/2019/8xxx/CVE-2019-8419.json +++ b/2019/8xxx/CVE-2019-8419.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8419", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "VNote 2.2 has XSS via a new text note." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8419", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/tamlok/vnote/issues/564", - "refsource" : "MISC", - "url" : "https://github.com/tamlok/vnote/issues/564" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "VNote 2.2 has XSS via a new text note." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/tamlok/vnote/issues/564", + "refsource": "MISC", + "url": "https://github.com/tamlok/vnote/issues/564" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8845.json b/2019/8xxx/CVE-2019-8845.json index 8a47d8343a1..7a17c49fd3d 100644 --- a/2019/8xxx/CVE-2019-8845.json +++ b/2019/8xxx/CVE-2019-8845.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8845", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8845", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8850.json b/2019/8xxx/CVE-2019-8850.json index 6590acfd1e7..6aa87bf1aef 100644 --- a/2019/8xxx/CVE-2019-8850.json +++ b/2019/8xxx/CVE-2019-8850.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8850", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8850", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9300.json b/2019/9xxx/CVE-2019-9300.json index c2a6c67cb6d..23fc5ef28a6 100644 --- a/2019/9xxx/CVE-2019-9300.json +++ b/2019/9xxx/CVE-2019-9300.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9300", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9300", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9302.json b/2019/9xxx/CVE-2019-9302.json index 13f01648cb1..852281d5f38 100644 --- a/2019/9xxx/CVE-2019-9302.json +++ b/2019/9xxx/CVE-2019-9302.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9302", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9302", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9598.json b/2019/9xxx/CVE-2019-9598.json index 83f6058b2b4..41c60d90f92 100644 --- a/2019/9xxx/CVE-2019-9598.json +++ b/2019/9xxx/CVE-2019-9598.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9598", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Cscms 4.1.0. There is an admin.php/pay CSRF vulnerability that can change the payment account to redirect funds." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9598", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/chshcms/cscms/issues/4", - "refsource" : "MISC", - "url" : "https://github.com/chshcms/cscms/issues/4" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Cscms 4.1.0. There is an admin.php/pay CSRF vulnerability that can change the payment account to redirect funds." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/chshcms/cscms/issues/4", + "refsource": "MISC", + "url": "https://github.com/chshcms/cscms/issues/4" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9718.json b/2019/9xxx/CVE-2019-9718.json index 93e165e3f67..73b30762622 100644 --- a/2019/9xxx/CVE-2019-9718.json +++ b/2019/9xxx/CVE-2019-9718.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9718", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In FFmpeg 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9718", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/1f00c97bc3475c477f3c468cf2d924d5761d0982", - "refsource" : "MISC", - "url" : "https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/1f00c97bc3475c477f3c468cf2d924d5761d0982" - }, - { - "name" : "107382", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107382" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In FFmpeg 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/1f00c97bc3475c477f3c468cf2d924d5761d0982", + "refsource": "MISC", + "url": "https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/1f00c97bc3475c477f3c468cf2d924d5761d0982" + }, + { + "name": "107382", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107382" + } + ] + } +} \ No newline at end of file