From c186a59cfab5a676148a77ca11fa12d2353c62ac Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 17 Mar 2019 23:22:57 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0608.json | 140 ++++++------- 1999/1xxx/CVE-1999-1278.json | 150 +++++++------- 2005/2xxx/CVE-2005-2017.json | 130 ++++++------ 2005/2xxx/CVE-2005-2449.json | 170 ++++++++-------- 2005/2xxx/CVE-2005-2483.json | 170 ++++++++-------- 2005/2xxx/CVE-2005-2772.json | 180 ++++++++--------- 2007/1xxx/CVE-2007-1027.json | 180 ++++++++--------- 2007/5xxx/CVE-2007-5068.json | 160 +++++++-------- 2007/5xxx/CVE-2007-5354.json | 34 ++-- 2007/5xxx/CVE-2007-5556.json | 120 +++++------ 2007/5xxx/CVE-2007-5725.json | 150 +++++++------- 2007/5xxx/CVE-2007-5767.json | 170 ++++++++-------- 2009/2xxx/CVE-2009-2867.json | 160 +++++++-------- 2015/3xxx/CVE-2015-3036.json | 220 ++++++++++---------- 2015/3xxx/CVE-2015-3545.json | 34 ++-- 2015/3xxx/CVE-2015-3874.json | 120 +++++------ 2015/3xxx/CVE-2015-3884.json | 130 ++++++------ 2015/4xxx/CVE-2015-4375.json | 150 +++++++------- 2015/4xxx/CVE-2015-4667.json | 150 +++++++------- 2015/8xxx/CVE-2015-8018.json | 34 ++-- 2015/8xxx/CVE-2015-8398.json | 130 ++++++------ 2015/8xxx/CVE-2015-8457.json | 180 ++++++++--------- 2015/8xxx/CVE-2015-8467.json | 250 +++++++++++------------ 2015/9xxx/CVE-2015-9015.json | 142 ++++++------- 2015/9xxx/CVE-2015-9027.json | 140 ++++++------- 2016/1xxx/CVE-2016-1062.json | 150 +++++++------- 2016/1xxx/CVE-2016-1297.json | 130 ++++++------ 2016/5xxx/CVE-2016-5257.json | 310 ++++++++++++++--------------- 2016/5xxx/CVE-2016-5600.json | 140 ++++++------- 2016/5xxx/CVE-2016-5617.json | 34 ++-- 2016/5xxx/CVE-2016-5707.json | 34 ++-- 2018/1999xxx/CVE-2018-1999010.json | 146 +++++++------- 2018/2xxx/CVE-2018-2168.json | 34 ++-- 2018/2xxx/CVE-2018-2380.json | 202 +++++++++---------- 2018/2xxx/CVE-2018-2520.json | 34 ++-- 2018/2xxx/CVE-2018-2612.json | 210 +++++++++---------- 2018/2xxx/CVE-2018-2657.json | 240 +++++++++++----------- 2018/2xxx/CVE-2018-2770.json | 142 ++++++------- 2018/6xxx/CVE-2018-6040.json | 172 ++++++++-------- 2018/6xxx/CVE-2018-6768.json | 120 +++++------ 2018/6xxx/CVE-2018-6790.json | 150 +++++++------- 2019/0xxx/CVE-2019-0044.json | 34 ++-- 2019/0xxx/CVE-2019-0119.json | 34 ++-- 2019/0xxx/CVE-2019-0537.json | 136 ++++++------- 2019/0xxx/CVE-2019-0578.json | 130 ++++++------ 2019/0xxx/CVE-2019-0703.json | 34 ++-- 2019/1xxx/CVE-2019-1279.json | 34 ++-- 2019/1xxx/CVE-2019-1298.json | 34 ++-- 2019/1xxx/CVE-2019-1416.json | 34 ++-- 2019/1xxx/CVE-2019-1642.json | 188 ++++++++--------- 2019/4xxx/CVE-2019-4360.json | 34 ++-- 2019/4xxx/CVE-2019-4813.json | 34 ++-- 2019/5xxx/CVE-2019-5022.json | 34 ++-- 2019/5xxx/CVE-2019-5277.json | 34 ++-- 2019/5xxx/CVE-2019-5439.json | 34 ++-- 2019/5xxx/CVE-2019-5944.json | 34 ++-- 56 files changed, 3352 insertions(+), 3352 deletions(-) diff --git a/1999/0xxx/CVE-1999-0608.json b/1999/0xxx/CVE-1999-0608.json index 7ea87c2c26f..8ddd4573191 100644 --- a/1999/0xxx/CVE-1999-0608.json +++ b/1999/0xxx/CVE-1999-0608.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0608", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An incorrect configuration of the PDG Shopping Cart CGI program \"shopper.cgi\" could disclose private information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0608", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990420 Shopping Carts exposing CC data", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=92462991805485&w=2" - }, - { - "name" : "http://www.pdgsoft.com/Security/security.html.", - "refsource" : "CONFIRM", - "url" : "http://www.pdgsoft.com/Security/security.html." - }, - { - "name" : "pdgsoftcart-misconfig(3857)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/3857" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An incorrect configuration of the PDG Shopping Cart CGI program \"shopper.cgi\" could disclose private information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19990420 Shopping Carts exposing CC data", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=92462991805485&w=2" + }, + { + "name": "http://www.pdgsoft.com/Security/security.html.", + "refsource": "CONFIRM", + "url": "http://www.pdgsoft.com/Security/security.html." + }, + { + "name": "pdgsoftcart-misconfig(3857)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3857" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1278.json b/1999/1xxx/CVE-1999-1278.json index b3fe70f389d..d71633dde7d 100644 --- a/1999/1xxx/CVE-1999-1278.json +++ b/1999/1xxx/CVE-1999-1278.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1278", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "nlog CGI scripts do not properly filter shell metacharacters from the IP address argument, which could allow remote attackers to execute certain commands via (1) nlog-smb.pl or (2) rpc-nlog.pl." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1278", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19981225 Re: Nlog v1.0 Released - Nmap 2.x log management / analyzing tool", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=91470326629357&w=2" - }, - { - "name" : "19981226 Nlog 1.1b released - security holes fixed", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=91471400632145&w=2" - }, - { - "name" : "http-cgi-nlog-netbios(1550)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1550" - }, - { - "name" : "http-cgi-nlog-metachars(1549)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1549" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "nlog CGI scripts do not properly filter shell metacharacters from the IP address argument, which could allow remote attackers to execute certain commands via (1) nlog-smb.pl or (2) rpc-nlog.pl." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19981226 Nlog 1.1b released - security holes fixed", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=91471400632145&w=2" + }, + { + "name": "19981225 Re: Nlog v1.0 Released - Nmap 2.x log management / analyzing tool", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=91470326629357&w=2" + }, + { + "name": "http-cgi-nlog-netbios(1550)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1550" + }, + { + "name": "http-cgi-nlog-metachars(1549)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1549" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2017.json b/2005/2xxx/CVE-2005-2017.json index f9dfbc980cd..d4e06835680 100644 --- a/2005/2xxx/CVE-2005-2017.json +++ b/2005/2xxx/CVE-2005-2017.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2017", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Symantec AntiVirus 9 Corporate Edition allows local users to gain privileges via the \"Scan for viruses\" option, which launches a help window with raised privileges, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2002-1540." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2017", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050829 Symantec AntiVirus 9 Corporate Edition Local Privilege Escalation Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://www.idefense.com/application/poi/display?id=298&type=vulnerabilities" - }, - { - "name" : "http://www.symantec.com/avcenter/security/Content/2005.08.24.html", - "refsource" : "CONFIRM", - "url" : "http://www.symantec.com/avcenter/security/Content/2005.08.24.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Symantec AntiVirus 9 Corporate Edition allows local users to gain privileges via the \"Scan for viruses\" option, which launches a help window with raised privileges, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2002-1540." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.symantec.com/avcenter/security/Content/2005.08.24.html", + "refsource": "CONFIRM", + "url": "http://www.symantec.com/avcenter/security/Content/2005.08.24.html" + }, + { + "name": "20050829 Symantec AntiVirus 9 Corporate Edition Local Privilege Escalation Vulnerability", + "refsource": "IDEFENSE", + "url": "http://www.idefense.com/application/poi/display?id=298&type=vulnerabilities" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2449.json b/2005/2xxx/CVE-2005-2449.json index 8678d7df482..8c5c0d9d813 100644 --- a/2005/2xxx/CVE-2005-2449.json +++ b/2005/2xxx/CVE-2005-2449.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2449", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in sandbox before 1.2.11 allows local users to create or overwrite arbitrary files via symlink attack on sandboxpids.tmp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2449", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=96782", - "refsource" : "MISC", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=96782" - }, - { - "name" : "GLSA-200507-22", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200507-22.xml" - }, - { - "name" : "14375", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14375" - }, - { - "name" : "1014574", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014574" - }, - { - "name" : "16214", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16214" - }, - { - "name" : "sandbox-race-condition(21519)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21519" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in sandbox before 1.2.11 allows local users to create or overwrite arbitrary files via symlink attack on sandboxpids.tmp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-200507-22", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200507-22.xml" + }, + { + "name": "16214", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16214" + }, + { + "name": "sandbox-race-condition(21519)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21519" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=96782", + "refsource": "MISC", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=96782" + }, + { + "name": "1014574", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014574" + }, + { + "name": "14375", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14375" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2483.json b/2005/2xxx/CVE-2005-2483.json index 23da5e24985..65cd9ea1638 100644 --- a/2005/2xxx/CVE-2005-2483.json +++ b/2005/2xxx/CVE-2005-2483.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2483", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Eval injection vulnerability in Karrigell before 2.1.8 allows remote attackers to execute arbitrary Python code via modified arguments to a Karrigell services (.ks) script, which can reference functions from libraries that are used by that script." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2483", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[karrigell-main] 20050731 SECURITY: python namespace exposure", - "refsource" : "MLIST", - "url" : "http://sourceforge.net/mailarchive/forum.php?thread_id=7863293&forum_id=32318" - }, - { - "name" : "[karrigell-main] 20050802 Re: SECURITY: python namespace exposure", - "refsource" : "MLIST", - "url" : "http://sourceforge.net/mailarchive/message.php?msg_id=12539317" - }, - { - "name" : "14463", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14463" - }, - { - "name" : "18506", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/18506" - }, - { - "name" : "16319", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16319" - }, - { - "name" : "karrigel-dos(21668)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21668" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Eval injection vulnerability in Karrigell before 2.1.8 allows remote attackers to execute arbitrary Python code via modified arguments to a Karrigell services (.ks) script, which can reference functions from libraries that are used by that script." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[karrigell-main] 20050802 Re: SECURITY: python namespace exposure", + "refsource": "MLIST", + "url": "http://sourceforge.net/mailarchive/message.php?msg_id=12539317" + }, + { + "name": "16319", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16319" + }, + { + "name": "14463", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14463" + }, + { + "name": "[karrigell-main] 20050731 SECURITY: python namespace exposure", + "refsource": "MLIST", + "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=7863293&forum_id=32318" + }, + { + "name": "karrigel-dos(21668)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21668" + }, + { + "name": "18506", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/18506" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2772.json b/2005/2xxx/CVE-2005-2772.json index 4d8f47cdbeb..1d8f8db1363 100644 --- a/2005/2xxx/CVE-2005-2772.json +++ b/2005/2xxx/CVE-2005-2772.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2772", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long \"+VIEWS:\" reply, which is not properly handled in the VIfromLine function, and (2) certain arguments when launching third party programs such as a web browser from a web link, which is not properly handled in the FIOgetargv function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2772", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050901 UMN gopher[v3.0.9+] multiple(2) client buffer overflows.", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112559902931614&w=2" - }, - { - "name" : "DSA-832", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-832" - }, - { - "name" : "VU#619812", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/619812" - }, - { - "name" : "14693", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14693" - }, - { - "name" : "16614", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16614/" - }, - { - "name" : "17016", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17016" - }, - { - "name" : "umn-gopher-vifromline-bo(22053)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22053" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long \"+VIEWS:\" reply, which is not properly handled in the VIfromLine function, and (2) certain arguments when launching third party programs such as a web browser from a web link, which is not properly handled in the FIOgetargv function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20050901 UMN gopher[v3.0.9+] multiple(2) client buffer overflows.", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112559902931614&w=2" + }, + { + "name": "VU#619812", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/619812" + }, + { + "name": "DSA-832", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-832" + }, + { + "name": "14693", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14693" + }, + { + "name": "16614", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16614/" + }, + { + "name": "17016", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17016" + }, + { + "name": "umn-gopher-vifromline-bo(22053)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22053" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1027.json b/2007/1xxx/CVE-2007-1027.json index 22eddeacee9..d2fc9c10a75 100644 --- a/2007/1xxx/CVE-2007-1027.json +++ b/2007/1xxx/CVE-2007-1027.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1027", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux and Unix allow local users to overwrite arbitrary files via a symlink attack on the DB2DIAG.LOG temporary file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1027", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "IY94817", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1IY94817" - }, - { - "name" : "22614", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22614" - }, - { - "name" : "ADV-2007-0652", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0652" - }, - { - "name" : "34024", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34024" - }, - { - "name" : "1017695", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017695" - }, - { - "name" : "1017665", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017665" - }, - { - "name" : "24213", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24213" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux and Unix allow local users to overwrite arbitrary files via a symlink attack on the DB2DIAG.LOG temporary file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24213", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24213" + }, + { + "name": "1017665", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017665" + }, + { + "name": "34024", + "refsource": "OSVDB", + "url": "http://osvdb.org/34024" + }, + { + "name": "ADV-2007-0652", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0652" + }, + { + "name": "22614", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22614" + }, + { + "name": "IY94817", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY94817" + }, + { + "name": "1017695", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017695" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5068.json b/2007/5xxx/CVE-2007-5068.json index f824f0cb4e7..54f56713603 100644 --- a/2007/5xxx/CVE-2007-5068.json +++ b/2007/5xxx/CVE-2007-5068.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5068", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in phpFullAnnu (PFA) 6.0 allows remote attackers to execute arbitrary SQL commands via the mod parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5068", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4449", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4449" - }, - { - "name" : "25779", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25779" - }, - { - "name" : "ADV-2007-3254", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3254" - }, - { - "name" : "38164", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/38164" - }, - { - "name" : "phpfullannu-login-sql-injection(36747)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36747" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in phpFullAnnu (PFA) 6.0 allows remote attackers to execute arbitrary SQL commands via the mod parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25779", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25779" + }, + { + "name": "phpfullannu-login-sql-injection(36747)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36747" + }, + { + "name": "4449", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4449" + }, + { + "name": "ADV-2007-3254", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3254" + }, + { + "name": "38164", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/38164" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5354.json b/2007/5xxx/CVE-2007-5354.json index f9de5025762..d5b461a1086 100644 --- a/2007/5xxx/CVE-2007-5354.json +++ b/2007/5xxx/CVE-2007-5354.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5354", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2007-5354", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5556.json b/2007/5xxx/CVE-2007-5556.json index 13a3ecd7a2d..443aaa0cc21 100644 --- a/2007/5xxx/CVE-2007-5556.json +++ b/2007/5xxx/CVE-2007-5556.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5556", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Avaya VoIP Handset allows remote attackers to cause a denial of service (reboot) via crafted packets. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5556", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.irmplc.com/index.php/111-Vendor-Alerts", - "refsource" : "MISC", - "url" : "http://www.irmplc.com/index.php/111-Vendor-Alerts" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Avaya VoIP Handset allows remote attackers to cause a denial of service (reboot) via crafted packets. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.irmplc.com/index.php/111-Vendor-Alerts", + "refsource": "MISC", + "url": "http://www.irmplc.com/index.php/111-Vendor-Alerts" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5725.json b/2007/5xxx/CVE-2007-5725.json index fa5f79c7db2..49511caaa3d 100644 --- a/2007/5xxx/CVE-2007-5725.json +++ b/2007/5xxx/CVE-2007-5725.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5725", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Smart-Shop allow remote attackers to inject arbitrary web script or HTML via (1) the email parameter to index.php; or the command parameter to index.php in (2) the default action for the home page, (3) a currencies action, or (4) a basket action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5725", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071028 Smart-Shop Shopping Cart Cross-Site Scripting Vulrnability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482906/100/0/threaded" - }, - { - "name" : "26232", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26232" - }, - { - "name" : "3312", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3312" - }, - { - "name" : "smartshop-index-xss(38144)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38144" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Smart-Shop allow remote attackers to inject arbitrary web script or HTML via (1) the email parameter to index.php; or the command parameter to index.php in (2) the default action for the home page, (3) a currencies action, or (4) a basket action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "smartshop-index-xss(38144)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38144" + }, + { + "name": "20071028 Smart-Shop Shopping Cart Cross-Site Scripting Vulrnability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482906/100/0/threaded" + }, + { + "name": "26232", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26232" + }, + { + "name": "3312", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3312" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5767.json b/2007/5xxx/CVE-2007-5767.json index 563da8b2170..27ee2862f2e 100644 --- a/2007/5xxx/CVE-2007-5767.json +++ b/2007/5xxx/CVE-2007-5767.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5767", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the Client Trust application (clntrust.exe) in Novell BorderManager 3.8 before Update 1.5 allows remote attackers to execute arbitrary code via a validation request in which the Novell tree name is not properly delimited with a wide-character backslash or NULL character." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5767", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-07-064.html", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-07-064.html" - }, - { - "name" : "http://download.novell.com/Download?buildid=AuOWp2Xsvmc~", - "refsource" : "CONFIRM", - "url" : "http://download.novell.com/Download?buildid=AuOWp2Xsvmc~" - }, - { - "name" : "26285", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26285" - }, - { - "name" : "ADV-2007-3682", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3682" - }, - { - "name" : "1018882", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018882" - }, - { - "name" : "27468", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27468" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the Client Trust application (clntrust.exe) in Novell BorderManager 3.8 before Update 1.5 allows remote attackers to execute arbitrary code via a validation request in which the Novell tree name is not properly delimited with a wide-character backslash or NULL character." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1018882", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018882" + }, + { + "name": "ADV-2007-3682", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3682" + }, + { + "name": "http://download.novell.com/Download?buildid=AuOWp2Xsvmc~", + "refsource": "CONFIRM", + "url": "http://download.novell.com/Download?buildid=AuOWp2Xsvmc~" + }, + { + "name": "26285", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26285" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-064.html", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-064.html" + }, + { + "name": "27468", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27468" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2867.json b/2009/2xxx/CVE-2009-2867.json index c03307ca05a..5560c7d9c4c 100644 --- a/2009/2xxx/CVE-2009-2867.json +++ b/2009/2xxx/CVE-2009-2867.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2867", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP transit packet, aka Bug ID CSCsr18691." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2009-2867", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=18886", - "refsource" : "CONFIRM", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=18886" - }, - { - "name" : "20090923 Cisco IOS Software Zone-Based Policy Firewall Vulnerability", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8130.shtml" - }, - { - "name" : "oval:org.mitre.oval:def:7254", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7254" - }, - { - "name" : "1022930", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1022930" - }, - { - "name" : "ADV-2009-2759", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/2759" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP transit packet, aka Bug ID CSCsr18691." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1022930", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1022930" + }, + { + "name": "ADV-2009-2759", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/2759" + }, + { + "name": "20090923 Cisco IOS Software Zone-Based Policy Firewall Vulnerability", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8130.shtml" + }, + { + "name": "oval:org.mitre.oval:def:7254", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7254" + }, + { + "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=18886", + "refsource": "CONFIRM", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=18886" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3036.json b/2015/3xxx/CVE-2015-3036.json index ef10bd21c7f..a5dd7c7d3dc 100644 --- a/2015/3xxx/CVE-2015-3036.json +++ b/2015/3xxx/CVE-2015-3036.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3036", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the run_init_sbus function in the KCodes NetUSB module for the Linux kernel, as used in certain NETGEAR products, TP-LINK products, and other products, allows remote attackers to execute arbitrary code by providing a long computer name in a session on TCP port 20005." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3036", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "38566", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38566/" - }, - { - "name" : "38454", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38454/" - }, - { - "name" : "20150519 SEC Consult SA-20150519-0 :: Critical buffer overflow vulnerability in KCodes NetUSB (VU#177092, CVE-2015-3036)", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/May/74" - }, - { - "name" : "20151010 Exploit NetUSB CVE-2015-3036", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Oct/50" - }, - { - "name" : "http://blog.sec-consult.com/2015/05/kcodes-netusb-how-small-taiwanese.html", - "refsource" : "MISC", - "url" : "http://blog.sec-consult.com/2015/05/kcodes-netusb-how-small-taiwanese.html" - }, - { - "name" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_KCodes_NetUSB_Kernel_Stack_Buffer_Overflow_v10.txt", - "refsource" : "MISC", - "url" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_KCodes_NetUSB_Kernel_Stack_Buffer_Overflow_v10.txt" - }, - { - "name" : "http://packetstormsecurity.com/files/131987/KCodes-NetUSB-Buffer-Overflow.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/131987/KCodes-NetUSB-Buffer-Overflow.html" - }, - { - "name" : "http://packetstormsecurity.com/files/133919/NetUSB-Stack-Buffer-Overflow.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133919/NetUSB-Stack-Buffer-Overflow.html" - }, - { - "name" : "VU#177092", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/177092" - }, - { - "name" : "74724", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74724" - }, - { - "name" : "1032377", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032377" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the run_init_sbus function in the KCodes NetUSB module for the Linux kernel, as used in certain NETGEAR products, TP-LINK products, and other products, allows remote attackers to execute arbitrary code by providing a long computer name in a session on TCP port 20005." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#177092", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/177092" + }, + { + "name": "http://blog.sec-consult.com/2015/05/kcodes-netusb-how-small-taiwanese.html", + "refsource": "MISC", + "url": "http://blog.sec-consult.com/2015/05/kcodes-netusb-how-small-taiwanese.html" + }, + { + "name": "38454", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38454/" + }, + { + "name": "38566", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38566/" + }, + { + "name": "http://packetstormsecurity.com/files/133919/NetUSB-Stack-Buffer-Overflow.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133919/NetUSB-Stack-Buffer-Overflow.html" + }, + { + "name": "20151010 Exploit NetUSB CVE-2015-3036", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Oct/50" + }, + { + "name": "http://packetstormsecurity.com/files/131987/KCodes-NetUSB-Buffer-Overflow.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/131987/KCodes-NetUSB-Buffer-Overflow.html" + }, + { + "name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_KCodes_NetUSB_Kernel_Stack_Buffer_Overflow_v10.txt", + "refsource": "MISC", + "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_KCodes_NetUSB_Kernel_Stack_Buffer_Overflow_v10.txt" + }, + { + "name": "74724", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74724" + }, + { + "name": "1032377", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032377" + }, + { + "name": "20150519 SEC Consult SA-20150519-0 :: Critical buffer overflow vulnerability in KCodes NetUSB (VU#177092, CVE-2015-3036)", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/May/74" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3545.json b/2015/3xxx/CVE-2015-3545.json index 22db94a8b64..fa91275b4fd 100644 --- a/2015/3xxx/CVE-2015-3545.json +++ b/2015/3xxx/CVE-2015-3545.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3545", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3545", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3874.json b/2015/3xxx/CVE-2015-3874.json index 973da813661..9b0fc364757 100644 --- a/2015/3xxx/CVE-2015-3874.json +++ b/2015/3xxx/CVE-2015-3874.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3874", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Sonivox components in Android before 5.1.1 LMY48T allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 23335715, 23307276, and 23286323." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-3874", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[android-security-updates] 20151005 Nexus Security Bulletin (October 2015)", - "refsource" : "MLIST", - "url" : "https://groups.google.com/forum/message/raw?msg=android-security-updates/_Rm-lKnS2M8/dGTcilt0CAAJ" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Sonivox components in Android before 5.1.1 LMY48T allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 23335715, 23307276, and 23286323." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[android-security-updates] 20151005 Nexus Security Bulletin (October 2015)", + "refsource": "MLIST", + "url": "https://groups.google.com/forum/message/raw?msg=android-security-updates/_Rm-lKnS2M8/dGTcilt0CAAJ" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3884.json b/2015/3xxx/CVE-2015-3884.json index b8531206830..d8411141743 100644 --- a/2015/3xxx/CVE-2015-3884.json +++ b/2015/3xxx/CVE-2015-3884.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3884", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability in the (1) myAccount, (2) projects, (3) tasks, (4) tickets, (5) discussions, (6) reports, and (7) scheduler pages in qdPM 8.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/attachments/ or uploads/users/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3884", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://rossmarks.uk/portfolio.php", - "refsource" : "MISC", - "url" : "http://rossmarks.uk/portfolio.php" - }, - { - "name" : "http://rossmarks.uk/whitepapers/qdPM_8.3.txt", - "refsource" : "MISC", - "url" : "http://rossmarks.uk/whitepapers/qdPM_8.3.txt" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability in the (1) myAccount, (2) projects, (3) tasks, (4) tickets, (5) discussions, (6) reports, and (7) scheduler pages in qdPM 8.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/attachments/ or uploads/users/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://rossmarks.uk/whitepapers/qdPM_8.3.txt", + "refsource": "MISC", + "url": "http://rossmarks.uk/whitepapers/qdPM_8.3.txt" + }, + { + "name": "http://rossmarks.uk/portfolio.php", + "refsource": "MISC", + "url": "http://rossmarks.uk/portfolio.php" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4375.json b/2015/4xxx/CVE-2015-4375.json index 578cc97f58b..4d684acd130 100644 --- a/2015/4xxx/CVE-2015-4375.json +++ b/2015/4xxx/CVE-2015-4375.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4375", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Chaos tool suite (ctools) module 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to obtain sensitive node titles via (1) an autocomplete search on custom entities without an access query tag or (2) leveraging knowledge of the ID of an entity." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4375", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150322 CVE requests for Drupal contributed modules", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/03/22/35" - }, - { - "name" : "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/04/25/6" - }, - { - "name" : "https://www.drupal.org/node/2454909", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2454909" - }, - { - "name" : "https://www.drupal.org/node/2454883", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2454883" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Chaos tool suite (ctools) module 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to obtain sensitive node titles via (1) an autocomplete search on custom entities without an access query tag or (2) leveraging knowledge of the ID of an entity." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20150322 CVE requests for Drupal contributed modules", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/03/22/35" + }, + { + "name": "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/04/25/6" + }, + { + "name": "https://www.drupal.org/node/2454909", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2454909" + }, + { + "name": "https://www.drupal.org/node/2454883", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2454883" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4667.json b/2015/4xxx/CVE-2015-4667.json index 929fdbc2919..e24a25d0d70 100644 --- a/2015/4xxx/CVE-2015-4667.json +++ b/2015/4xxx/CVE-2015-4667.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4667", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple hardcoded credentials in Xsuite 2.x." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4667", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150722 Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02]", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536058/100/0/threaded" - }, - { - "name" : "37708", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37708/" - }, - { - "name" : "http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt", - "refsource" : "MISC", - "url" : "http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt" - }, - { - "name" : "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html", - "refsource" : "CONFIRM", - "url" : "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple hardcoded credentials in Xsuite 2.x." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html", + "refsource": "CONFIRM", + "url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html" + }, + { + "name": "20150722 Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02]", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536058/100/0/threaded" + }, + { + "name": "http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt", + "refsource": "MISC", + "url": "http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt" + }, + { + "name": "37708", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37708/" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8018.json b/2015/8xxx/CVE-2015-8018.json index 37d5c59f036..03e7167defe 100644 --- a/2015/8xxx/CVE-2015-8018.json +++ b/2015/8xxx/CVE-2015-8018.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8018", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8018", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8398.json b/2015/8xxx/CVE-2015-8398.json index e71bd969d76..49a02de6207 100644 --- a/2015/8xxx/CVE-2015-8398.json +++ b/2015/8xxx/CVE-2015-8398.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8398", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Atlassian Confluence before 5.8.17 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to rest/prototype/1/session/check." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8398", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160104 Confluence Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537232/100/0/threaded" - }, - { - "name" : "39170", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39170/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Atlassian Confluence before 5.8.17 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to rest/prototype/1/session/check." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160104 Confluence Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537232/100/0/threaded" + }, + { + "name": "39170", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39170/" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8457.json b/2015/8xxx/CVE-2015-8457.json index 02e2d19c13d..fef99bc25dd 100644 --- a/2015/8xxx/CVE-2015-8457.json +++ b/2015/8xxx/CVE-2015-8457.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8457", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8407." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-8457", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-636", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-636" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" - }, - { - "name" : "78802", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78802" - }, - { - "name" : "1034318", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034318" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8407." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-636", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-636" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" + }, + { + "name": "78802", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78802" + }, + { + "name": "1034318", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034318" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8467.json b/2015/8xxx/CVE-2015-8467.json index 1b409f15e5f..2d0ec3361cf 100644 --- a/2015/8xxx/CVE-2015-8467.json +++ b/2015/8xxx/CVE-2015-8467.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8467", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass intended access restrictions by leveraging the existence of a domain with both a Samba DC and a Windows DC, a similar issue to CVE-2015-2535." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8467", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1290294", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1290294" - }, - { - "name" : "https://git.samba.org/?p=samba.git;a=commit;h=b000da128b5fb519d2d3f2e7fd20e4a25b7dae7d", - "refsource" : "CONFIRM", - "url" : "https://git.samba.org/?p=samba.git;a=commit;h=b000da128b5fb519d2d3f2e7fd20e4a25b7dae7d" - }, - { - "name" : "https://www.samba.org/samba/security/CVE-2015-8467.html", - "refsource" : "CONFIRM", - "url" : "https://www.samba.org/samba/security/CVE-2015-8467.html" - }, - { - "name" : "DSA-3433", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3433" - }, - { - "name" : "GLSA-201612-47", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201612-47" - }, - { - "name" : "openSUSE-SU-2016:1064", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html" - }, - { - "name" : "SUSE-SU-2015:2304", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00019.html" - }, - { - "name" : "SUSE-SU-2015:2305", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00020.html" - }, - { - "name" : "openSUSE-SU-2015:2354", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00032.html" - }, - { - "name" : "openSUSE-SU-2015:2356", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00033.html" - }, - { - "name" : "USN-2855-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2855-2" - }, - { - "name" : "USN-2855-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2855-1" - }, - { - "name" : "79735", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79735" - }, - { - "name" : "1034493", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034493" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass intended access restrictions by leveraging the existence of a domain with both a Samba DC and a Windows DC, a similar issue to CVE-2015-2535." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "79735", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79735" + }, + { + "name": "openSUSE-SU-2016:1064", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html" + }, + { + "name": "USN-2855-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2855-2" + }, + { + "name": "SUSE-SU-2015:2304", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00019.html" + }, + { + "name": "SUSE-SU-2015:2305", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00020.html" + }, + { + "name": "openSUSE-SU-2015:2354", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00032.html" + }, + { + "name": "https://www.samba.org/samba/security/CVE-2015-8467.html", + "refsource": "CONFIRM", + "url": "https://www.samba.org/samba/security/CVE-2015-8467.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1290294", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290294" + }, + { + "name": "1034493", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034493" + }, + { + "name": "DSA-3433", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3433" + }, + { + "name": "GLSA-201612-47", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201612-47" + }, + { + "name": "USN-2855-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2855-1" + }, + { + "name": "openSUSE-SU-2015:2356", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00033.html" + }, + { + "name": "https://git.samba.org/?p=samba.git;a=commit;h=b000da128b5fb519d2d3f2e7fd20e4a25b7dae7d", + "refsource": "CONFIRM", + "url": "https://git.samba.org/?p=samba.git;a=commit;h=b000da128b5fb519d2d3f2e7fd20e4a25b7dae7d" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9015.json b/2015/9xxx/CVE-2015-9015.json index 61641a222c1..22362cc57c3 100644 --- a/2015/9xxx/CVE-2015-9015.json +++ b/2015/9xxx/CVE-2015-9015.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "DATE_PUBLIC" : "2017-06-05T00:00:00", - "ID" : "CVE-2015-9015", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Android kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714120." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of privilege" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "DATE_PUBLIC": "2017-06-05T00:00:00", + "ID": "CVE-2015-9015", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android kernel" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-06-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-06-01" - }, - { - "name" : "98874", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98874" - }, - { - "name" : "1038623", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038623" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714120." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-06-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-06-01" + }, + { + "name": "98874", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98874" + }, + { + "name": "1038623", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038623" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9027.json b/2015/9xxx/CVE-2015-9027.json index 1c69504394c..4118d01aac6 100644 --- a/2015/9xxx/CVE-2015-9027.json +++ b/2015/9xxx/CVE-2015-9027.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "ID" : "CVE-2015-9027", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "All Qualcomm products", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Untrusted Pointer Dereference Vulnerability in TrustZone" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "ID": "CVE-2015-9027", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "All Qualcomm products", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-06-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-06-01" - }, - { - "name" : "98874", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98874" - }, - { - "name" : "1038623", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038623" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Untrusted Pointer Dereference Vulnerability in TrustZone" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-06-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-06-01" + }, + { + "name": "98874", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98874" + }, + { + "name": "1038623", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038623" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1062.json b/2016/1xxx/CVE-2016-1062.json index 3cb7e46f954..2f72f0e0ce8 100644 --- a/2016/1xxx/CVE-2016-1062.json +++ b/2016/1xxx/CVE-2016-1062.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1062", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, and CVE-2016-1117." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-1062", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-310", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-310" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" - }, - { - "name" : "90517", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90517" - }, - { - "name" : "1035828", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035828" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, and CVE-2016-1117." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035828", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035828" + }, + { + "name": "90517", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90517" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-310", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-310" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1297.json b/2016/1xxx/CVE-2016-1297.json index aa78e4dc18a..ee3f523b3c3 100644 --- a/2016/1xxx/CVE-2016-1297.json +++ b/2016/1xxx/CVE-2016-1297.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1297", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Device Manager GUI in Cisco Application Control Engine (ACE) 4710 A5 before A5(3.1) allows remote authenticated users to bypass intended RBAC restrictions and execute arbitrary CLI commands with admin privileges via an unspecified parameter in a POST request, aka Bug ID CSCul84801." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1297", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160224 Cisco ACE 4710 Application Control Engine Command Injection Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160224-ace" - }, - { - "name" : "1035104", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035104" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Device Manager GUI in Cisco Application Control Engine (ACE) 4710 A5 before A5(3.1) allows remote authenticated users to bypass intended RBAC restrictions and execute arbitrary CLI commands with admin privileges via an unspecified parameter in a POST request, aka Bug ID CSCul84801." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160224 Cisco ACE 4710 Application Control Engine Command Injection Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160224-ace" + }, + { + "name": "1035104", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035104" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5257.json b/2016/5xxx/CVE-2016-5257.json index fb5e0c6c888..2be8566f025 100644 --- a/2016/5xxx/CVE-2016-5257.json +++ b/2016/5xxx/CVE-2016-5257.json @@ -1,157 +1,157 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5257", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird < 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2016-5257", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1277213", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1277213" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1287204", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1287204" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1288555", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1288555" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1288588", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1288588" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1288780", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1288780" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1289280", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1289280" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1293347", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1293347" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1294095", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1294095" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1294407", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1294407" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2016-86/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2016-86/" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2016-88/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2016-88/" - }, - { - "name" : "DSA-3674", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3674" - }, - { - "name" : "DSA-3690", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3690" - }, - { - "name" : "GLSA-201701-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-15" - }, - { - "name" : "RHSA-2016:1912", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1912.html" - }, - { - "name" : "RHSA-2016:1985", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1985.html" - }, - { - "name" : "93049", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93049" - }, - { - "name" : "1036852", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036852" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird < 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1294407", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1294407" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1293347", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1293347" + }, + { + "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2016-86/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2016-86/" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1289280", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1289280" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1288780", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1288780" + }, + { + "name": "DSA-3674", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3674" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1287204", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1287204" + }, + { + "name": "GLSA-201701-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-15" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1277213", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1277213" + }, + { + "name": "RHSA-2016:1985", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1985.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1288588", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1288588" + }, + { + "name": "DSA-3690", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3690" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1294095", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1294095" + }, + { + "name": "RHSA-2016:1912", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1912.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1288555", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1288555" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2016-88/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2016-88/" + }, + { + "name": "93049", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93049" + }, + { + "name": "1036852", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036852" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5600.json b/2016/5xxx/CVE-2016-5600.json index 08b03abdfee..334e76d4a73 100644 --- a/2016/5xxx/CVE-2016-5600.json +++ b/2016/5xxx/CVE-2016-5600.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5600", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5600", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93688", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93688" - }, - { - "name" : "1037046", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037046" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the PeopleSoft Enterprise SCM Services Procurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "93688", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93688" + }, + { + "name": "1037046", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037046" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5617.json b/2016/5xxx/CVE-2016-5617.json index 512a61e221b..81f1b891701 100644 --- a/2016/5xxx/CVE-2016-5617.json +++ b/2016/5xxx/CVE-2016-5617.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5617", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6664. Reason: This candidate is a reservation duplicate of CVE-2016-6664. Notes: All CVE users should reference CVE-2016-6664 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-5617", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6664. Reason: This candidate is a reservation duplicate of CVE-2016-6664. Notes: All CVE users should reference CVE-2016-6664 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5707.json b/2016/5xxx/CVE-2016-5707.json index 438c33e52f6..26ebff17a5d 100644 --- a/2016/5xxx/CVE-2016-5707.json +++ b/2016/5xxx/CVE-2016-5707.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5707", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5707", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/1999xxx/CVE-2018-1999010.json b/2018/1999xxx/CVE-2018-1999010.json index 71db781e4ee..e6c52b7d044 100644 --- a/2018/1999xxx/CVE-2018-1999010.json +++ b/2018/1999xxx/CVE-2018-1999010.json @@ -1,75 +1,75 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "kurt@seifried.org", - "DATE_ASSIGNED" : "2018-07-20T20:44:32.975346", - "DATE_REQUESTED" : "2018-07-13T15:58:45", - "ID" : "CVE-2018-1999010", - "REQUESTER" : "paulcher@icloud.com", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "FFmpeg", - "version" : { - "version_data" : [ - { - "version_value" : "before cced03dd667a5df6df8fd40d8de0bff477ee02e8" - } - ] - } - } - ] - }, - "vendor_name" : "FFmpeg" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in cced03dd667a5df6df8fd40d8de0bff477ee02e8 and later." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "multiple out of array access" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "DATE_ASSIGNED": "2018-07-20T20:44:32.975346", + "DATE_REQUESTED": "2018-07-13T15:58:45", + "ID": "CVE-2018-1999010", + "REQUESTER": "paulcher@icloud.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20190107 [SECURITY] [DLA 1630-1] libav security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2019/01/msg00006.html" - }, - { - "name" : "https://github.com/FFmpeg/FFmpeg/commit/cced03dd667a5df6df8fd40d8de0bff477ee02e8", - "refsource" : "CONFIRM", - "url" : "https://github.com/FFmpeg/FFmpeg/commit/cced03dd667a5df6df8fd40d8de0bff477ee02e8" - }, - { - "name" : "104896", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104896" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in cced03dd667a5df6df8fd40d8de0bff477ee02e8 and later." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "104896", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104896" + }, + { + "name": "https://github.com/FFmpeg/FFmpeg/commit/cced03dd667a5df6df8fd40d8de0bff477ee02e8", + "refsource": "CONFIRM", + "url": "https://github.com/FFmpeg/FFmpeg/commit/cced03dd667a5df6df8fd40d8de0bff477ee02e8" + }, + { + "name": "[debian-lts-announce] 20190107 [SECURITY] [DLA 1630-1] libav security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00006.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2168.json b/2018/2xxx/CVE-2018-2168.json index 44f20a353b2..e859647bd89 100644 --- a/2018/2xxx/CVE-2018-2168.json +++ b/2018/2xxx/CVE-2018-2168.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2168", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2168", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2380.json b/2018/2xxx/CVE-2018-2380.json index 7895750985f..7e09973c275 100644 --- a/2018/2xxx/CVE-2018-2380.json +++ b/2018/2xxx/CVE-2018-2380.json @@ -1,103 +1,103 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cna@sap.com", - "ID" : "CVE-2018-2380", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SAP CRM", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "7.01" - }, - { - "version_affected" : "=", - "version_value" : "7.02" - }, - { - "version_affected" : "=", - "version_value" : "7.30" - }, - { - "version_affected" : "=", - "version_value" : "7.31" - }, - { - "version_affected" : "=", - "version_value" : "7.33" - }, - { - "version_affected" : "=", - "version_value" : "7.54" - } - ] - } - } - ] - }, - "vendor_name" : "SAP SE" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing \"traverse to parent directory\" are passed through to the file APIs." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Directory/Path Traversal" - } + "CVE_data_meta": { + "ASSIGNER": "cna@sap.com", + "ID": "CVE-2018-2380", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SAP CRM", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7.01" + }, + { + "version_affected": "=", + "version_value": "7.02" + }, + { + "version_affected": "=", + "version_value": "7.30" + }, + { + "version_affected": "=", + "version_value": "7.31" + }, + { + "version_affected": "=", + "version_value": "7.33" + }, + { + "version_affected": "=", + "version_value": "7.54" + } + ] + } + } + ] + }, + "vendor_name": "SAP SE" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "44292", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/44292/" - }, - { - "name" : "https://github.com/erpscanteam/CVE-2018-2380", - "refsource" : "MISC", - "url" : "https://github.com/erpscanteam/CVE-2018-2380" - }, - { - "name" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/", - "refsource" : "CONFIRM", - "url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" - }, - { - "name" : "https://launchpad.support.sap.com/#/notes/2547431", - "refsource" : "CONFIRM", - "url" : "https://launchpad.support.sap.com/#/notes/2547431" - }, - { - "name" : "103001", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103001" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing \"traverse to parent directory\" are passed through to the file APIs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Directory/Path Traversal" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/erpscanteam/CVE-2018-2380", + "refsource": "MISC", + "url": "https://github.com/erpscanteam/CVE-2018-2380" + }, + { + "name": "44292", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/44292/" + }, + { + "name": "https://launchpad.support.sap.com/#/notes/2547431", + "refsource": "CONFIRM", + "url": "https://launchpad.support.sap.com/#/notes/2547431" + }, + { + "name": "103001", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103001" + }, + { + "name": "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/", + "refsource": "CONFIRM", + "url": "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2520.json b/2018/2xxx/CVE-2018-2520.json index 9e44280e235..765f9078fd7 100644 --- a/2018/2xxx/CVE-2018-2520.json +++ b/2018/2xxx/CVE-2018-2520.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2520", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-2520", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2612.json b/2018/2xxx/CVE-2018-2612.json index 1b723cfc355..d7c1974d04b 100644 --- a/2018/2xxx/CVE-2018-2612.json +++ b/2018/2xxx/CVE-2018-2612.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2612", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "MySQL Server", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "5.6.38 and prior" - }, - { - "version_affected" : "=", - "version_value" : "5.7.20 and prior" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2612", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "MySQL Server", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.6.38 and prior" + }, + { + "version_affected": "=", + "version_value": "5.7.20 and prior" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20180117-0002/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20180117-0002/" - }, - { - "name" : "DSA-4341", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4341" - }, - { - "name" : "RHSA-2018:0586", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0586" - }, - { - "name" : "RHSA-2018:0587", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0587" - }, - { - "name" : "USN-3537-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3537-1/" - }, - { - "name" : "102709", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102709" - }, - { - "name" : "1040216", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040216" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2018:0587", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0587" + }, + { + "name": "DSA-4341", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4341" + }, + { + "name": "USN-3537-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3537-1/" + }, + { + "name": "RHSA-2018:0586", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0586" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html" + }, + { + "name": "102709", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102709" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180117-0002/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180117-0002/" + }, + { + "name": "1040216", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040216" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2657.json b/2018/2xxx/CVE-2018-2657.json index 267542f13e4..9156225efe5 100644 --- a/2018/2xxx/CVE-2018-2657.json +++ b/2018/2xxx/CVE-2018-2657.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2657", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Java", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "Java SE: 6u171" - }, - { - "version_affected" : "=", - "version_value" : "7u161; JRockit: R28.3.16" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2657", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Java", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Java SE: 6u171" + }, + { + "version_affected": "=", + "version_value": "7u161; JRockit: R28.3.16" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20180117-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20180117-0001/" - }, - { - "name" : "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", - "refsource" : "CONFIRM", - "url" : "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" - }, - { - "name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", - "refsource" : "CONFIRM", - "url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us" - }, - { - "name" : "RHSA-2018:0100", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0100" - }, - { - "name" : "RHSA-2018:0115", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0115" - }, - { - "name" : "RHSA-2018:0458", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0458" - }, - { - "name" : "RHSA-2018:0521", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0521" - }, - { - "name" : "RHSA-2018:1463", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1463" - }, - { - "name" : "RHSA-2018:1812", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1812" - }, - { - "name" : "102629", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102629" - }, - { - "name" : "1040203", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040203" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180117-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" + }, + { + "name": "RHSA-2018:0521", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0521" + }, + { + "name": "RHSA-2018:0115", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0115" + }, + { + "name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", + "refsource": "CONFIRM", + "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" + }, + { + "name": "RHSA-2018:1812", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1812" + }, + { + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", + "refsource": "CONFIRM", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us" + }, + { + "name": "RHSA-2018:1463", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1463" + }, + { + "name": "RHSA-2018:0458", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0458" + }, + { + "name": "1040203", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040203" + }, + { + "name": "RHSA-2018:0100", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0100" + }, + { + "name": "102629", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102629" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2770.json b/2018/2xxx/CVE-2018-2770.json index 8100621ae09..ed0bb68c90f 100644 --- a/2018/2xxx/CVE-2018-2770.json +++ b/2018/2xxx/CVE-2018-2770.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2770", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Adaptive Access Manager", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "11.1.2.3.0" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle Adaptive Access Manager component of Oracle Fusion Middleware (subcomponent: OAAM Admin). The supported version that is affected is 11.1.2.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Adaptive Access Manager. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Adaptive Access Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Adaptive Access Manager accessible data as well as unauthorized update, insert or delete access to some of Oracle Adaptive Access Manager accessible data. CVSS 3.0 Base Score 7.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Adaptive Access Manager. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Adaptive Access Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Adaptive Access Manager accessible data as well as unauthorized update, insert or delete access to some of Oracle Adaptive Access Manager accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2770", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Adaptive Access Manager", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "11.1.2.3.0" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" - }, - { - "name" : "103806", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103806" - }, - { - "name" : "1040695", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040695" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Adaptive Access Manager component of Oracle Fusion Middleware (subcomponent: OAAM Admin). The supported version that is affected is 11.1.2.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Adaptive Access Manager. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Adaptive Access Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Adaptive Access Manager accessible data as well as unauthorized update, insert or delete access to some of Oracle Adaptive Access Manager accessible data. CVSS 3.0 Base Score 7.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Adaptive Access Manager. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Adaptive Access Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Adaptive Access Manager accessible data as well as unauthorized update, insert or delete access to some of Oracle Adaptive Access Manager accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1040695", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040695" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" + }, + { + "name": "103806", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103806" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6040.json b/2018/6xxx/CVE-2018-6040.json index 35bf450af76..cc15c063c94 100644 --- a/2018/6xxx/CVE-2018-6040.json +++ b/2018/6xxx/CVE-2018-6040.json @@ -1,88 +1,88 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "chrome-cve-admin@google.com", - "ID" : "CVE-2018-6040", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Chrome", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "64.0.3282.119" - } - ] - } - } - ] - }, - "vendor_name" : "Google" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially bypass content security policy via a crafted HTML page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Insufficient policy enforcement" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2018-6040", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "64.0.3282.119" + } + ] + } + } + ] + }, + "vendor_name": "Google" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html", - "refsource" : "CONFIRM", - "url" : "https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html" - }, - { - "name" : "https://crbug.com/778658", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/778658" - }, - { - "name" : "DSA-4103", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4103" - }, - { - "name" : "RHSA-2018:0265", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0265" - }, - { - "name" : "102797", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102797" - }, - { - "name" : "1040282", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040282" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially bypass content security policy via a crafted HTML page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Insufficient policy enforcement" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html", + "refsource": "CONFIRM", + "url": "https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html" + }, + { + "name": "https://crbug.com/778658", + "refsource": "CONFIRM", + "url": "https://crbug.com/778658" + }, + { + "name": "DSA-4103", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4103" + }, + { + "name": "102797", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102797" + }, + { + "name": "1040282", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040282" + }, + { + "name": "RHSA-2018:0265", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0265" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6768.json b/2018/6xxx/CVE-2018-6768.json index 558d7abfb0f..6317618dc27 100644 --- a/2018/6xxx/CVE-2018-6768.json +++ b/2018/6xxx/CVE-2018-6768.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6768", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9A008090." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6768", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A008090", - "refsource" : "MISC", - "url" : "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A008090" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9A008090." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A008090", + "refsource": "MISC", + "url": "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A008090" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6790.json b/2018/6xxx/CVE-2018-6790.json index 862ec696634..df2cb865bbe 100644 --- a/2018/6xxx/CVE-2018-6790.json +++ b/2018/6xxx/CVE-2018-6790.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6790", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6790", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://cgit.kde.org/plasma-workspace.git/commit/?id=5bc696b5abcdb460c1017592e80b2d7f6ed3107c", - "refsource" : "CONFIRM", - "url" : "https://cgit.kde.org/plasma-workspace.git/commit/?id=5bc696b5abcdb460c1017592e80b2d7f6ed3107c" - }, - { - "name" : "https://cgit.kde.org/plasma-workspace.git/commit/?id=8164beac15ea34ec0d1564f0557fe3e742bdd938", - "refsource" : "CONFIRM", - "url" : "https://cgit.kde.org/plasma-workspace.git/commit/?id=8164beac15ea34ec0d1564f0557fe3e742bdd938" - }, - { - "name" : "https://phabricator.kde.org/D10188", - "refsource" : "CONFIRM", - "url" : "https://phabricator.kde.org/D10188" - }, - { - "name" : "https://www.kde.org/announcements/plasma-5.11.5-5.12.0-changelog.php", - "refsource" : "CONFIRM", - "url" : "https://www.kde.org/announcements/plasma-5.11.5-5.12.0-changelog.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://cgit.kde.org/plasma-workspace.git/commit/?id=5bc696b5abcdb460c1017592e80b2d7f6ed3107c", + "refsource": "CONFIRM", + "url": "https://cgit.kde.org/plasma-workspace.git/commit/?id=5bc696b5abcdb460c1017592e80b2d7f6ed3107c" + }, + { + "name": "https://cgit.kde.org/plasma-workspace.git/commit/?id=8164beac15ea34ec0d1564f0557fe3e742bdd938", + "refsource": "CONFIRM", + "url": "https://cgit.kde.org/plasma-workspace.git/commit/?id=8164beac15ea34ec0d1564f0557fe3e742bdd938" + }, + { + "name": "https://phabricator.kde.org/D10188", + "refsource": "CONFIRM", + "url": "https://phabricator.kde.org/D10188" + }, + { + "name": "https://www.kde.org/announcements/plasma-5.11.5-5.12.0-changelog.php", + "refsource": "CONFIRM", + "url": "https://www.kde.org/announcements/plasma-5.11.5-5.12.0-changelog.php" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0044.json b/2019/0xxx/CVE-2019-0044.json index e7829ac1d5b..561155f8c19 100644 --- a/2019/0xxx/CVE-2019-0044.json +++ b/2019/0xxx/CVE-2019-0044.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0044", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0044", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0119.json b/2019/0xxx/CVE-2019-0119.json index a7da04cd5be..e9334c8c94d 100644 --- a/2019/0xxx/CVE-2019-0119.json +++ b/2019/0xxx/CVE-2019-0119.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0119", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0119", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0537.json b/2019/0xxx/CVE-2019-0537.json index b70dc0e0525..7d1bf9d3925 100644 --- a/2019/0xxx/CVE-2019-0537.json +++ b/2019/0xxx/CVE-2019-0537.json @@ -1,70 +1,70 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "Secure@Microsoft.com", - "ID" : "CVE-2019-0537", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft Visual Studio", - "version" : { - "version_data" : [ - { - "version_value" : "2010 Service Pack 1" - }, - { - "version_value" : "2012 Update 5" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An information disclosure vulnerability exists when Visual Studio improperly discloses arbitrary file contents if the victim opens a malicious .vscontent file, aka \"Microsoft Visual Studio Information Disclosure Vulnerability.\" This affects Microsoft Visual Studio." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0537", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Visual Studio", + "version": { + "version_data": [ + { + "version_value": "2010 Service Pack 1" + }, + { + "version_value": "2012 Update 5" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0537", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0537" - }, - { - "name" : "106390", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106390" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An information disclosure vulnerability exists when Visual Studio improperly discloses arbitrary file contents if the victim opens a malicious .vscontent file, aka \"Microsoft Visual Studio Information Disclosure Vulnerability.\" This affects Microsoft Visual Studio." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0537", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0537" + }, + { + "name": "106390", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106390" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0578.json b/2019/0xxx/CVE-2019-0578.json index 6decc9a545e..f3fadfa771a 100644 --- a/2019/0xxx/CVE-2019-0578.json +++ b/2019/0xxx/CVE-2019-0578.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0578", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka \"Jet Database Engine Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0577, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0583, CVE-2019-0584." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0578", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0578", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0578" - }, - { - "name" : "106424", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106424" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka \"Jet Database Engine Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0577, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0583, CVE-2019-0584." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0578", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0578" + }, + { + "name": "106424", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106424" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0703.json b/2019/0xxx/CVE-2019-0703.json index e29d0a1f1e1..0b3dadeecd4 100644 --- a/2019/0xxx/CVE-2019-0703.json +++ b/2019/0xxx/CVE-2019-0703.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0703", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0703", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1279.json b/2019/1xxx/CVE-2019-1279.json index 6b63a9f629d..3efd1f172f5 100644 --- a/2019/1xxx/CVE-2019-1279.json +++ b/2019/1xxx/CVE-2019-1279.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1279", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1279", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1298.json b/2019/1xxx/CVE-2019-1298.json index 6d5e775d5ec..4d82f34f341 100644 --- a/2019/1xxx/CVE-2019-1298.json +++ b/2019/1xxx/CVE-2019-1298.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1298", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1298", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1416.json b/2019/1xxx/CVE-2019-1416.json index d834cd730b1..1d9159b0d0a 100644 --- a/2019/1xxx/CVE-2019-1416.json +++ b/2019/1xxx/CVE-2019-1416.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1416", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1416", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1642.json b/2019/1xxx/CVE-2019-1642.json index 83432c14c4c..03daa98e7f1 100644 --- a/2019/1xxx/CVE-2019-1642.json +++ b/2019/1xxx/CVE-2019-1642.json @@ -1,96 +1,96 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@cisco.com", - "DATE_PUBLIC" : "2019-01-23T16:00:00-0800", - "ID" : "CVE-2019-1642", - "STATE" : "PUBLIC", - "TITLE" : "Cisco Firepower Management Center Cross-Site Scripting Vulnerability" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cisco Firepower Management Center ", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "Cisco" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information." - } - ] - }, - "exploit" : [ - { - "lang" : "eng", - "value" : "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact" : { - "cvss" : { - "baseScore" : "6.1", - "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N ", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-79" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2019-01-23T16:00:00-0800", + "ID": "CVE-2019-1642", + "STATE": "PUBLIC", + "TITLE": "Cisco Firepower Management Center Cross-Site Scripting Vulnerability" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Firepower Management Center ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "46263", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/46263/" - }, - { - "name" : "20190123 Cisco Firepower Management Center Cross-Site Scripting Vulnerability", - "refsource" : "CISCO", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-frpwr-mc-xss" - }, - { - "name" : "106714", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106714" - } - ] - }, - "source" : { - "advisory" : "cisco-sa-20190123-frpwr-mc-xss", - "defect" : [ - [ - "CSCvk30983" - ] - ], - "discovery" : "INTERNAL" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information." + } + ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "6.1", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "46263", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/46263/" + }, + { + "name": "106714", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106714" + }, + { + "name": "20190123 Cisco Firepower Management Center Cross-Site Scripting Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-frpwr-mc-xss" + } + ] + }, + "source": { + "advisory": "cisco-sa-20190123-frpwr-mc-xss", + "defect": [ + [ + "CSCvk30983" + ] + ], + "discovery": "INTERNAL" + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4360.json b/2019/4xxx/CVE-2019-4360.json index 3e2fef99dfe..13e6ceb28d2 100644 --- a/2019/4xxx/CVE-2019-4360.json +++ b/2019/4xxx/CVE-2019-4360.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4360", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4360", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4813.json b/2019/4xxx/CVE-2019-4813.json index 97128a7fab6..da387a991ee 100644 --- a/2019/4xxx/CVE-2019-4813.json +++ b/2019/4xxx/CVE-2019-4813.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4813", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4813", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5022.json b/2019/5xxx/CVE-2019-5022.json index 0c545b48b57..41c999c42ca 100644 --- a/2019/5xxx/CVE-2019-5022.json +++ b/2019/5xxx/CVE-2019-5022.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5022", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5022", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5277.json b/2019/5xxx/CVE-2019-5277.json index 1a7c0b7e4d7..2361aa4512e 100644 --- a/2019/5xxx/CVE-2019-5277.json +++ b/2019/5xxx/CVE-2019-5277.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5277", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5277", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5439.json b/2019/5xxx/CVE-2019-5439.json index d37db10dbf1..6179f117dde 100644 --- a/2019/5xxx/CVE-2019-5439.json +++ b/2019/5xxx/CVE-2019-5439.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5439", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5439", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5944.json b/2019/5xxx/CVE-2019-5944.json index d1101de78bf..4b0143d1597 100644 --- a/2019/5xxx/CVE-2019-5944.json +++ b/2019/5xxx/CVE-2019-5944.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5944", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5944", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file